18/04/12 23:30:20

D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:20
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:21
A
18/04/12 23:30:21
D
call: DLL_PROCESS_DETACH
18/04/12 23:30:21
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:21
A
18/04/12 23:30:21
D
call: DLL_PROCESS_DETACH
18/04/12 23:30:21
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:21
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:21
D
call: DLL_PROCESS_ATTACH
18/04/12 23:30:21
A
18/04/12 23:30:21
D
call: DLL_PROCESS_DETACH
18/04/12 23:30:22
A
18/04/12 23:30:22
D
call: DLL_PROCESS_DETACH
18/04/12 23:30:22
A
18/04/12 23:30:22
F
18/04/12 23:30:22
A
18/04/12 23:30:22
F
18/04/12 23:30:22
A
18/04/12 23:30:22
F
18/04/12 23:30:24
A
18/04/12 23:30:24
D

Enter DllMain -> Handle: 3988783104 - Reason for

Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for

call: DLL_PROCESS_DETACH
18/04/12 23:30:24
A
18/04/12 23:30:24
F
18/04/12 23:30:24
A
18/04/12 23:30:24
F
18/04/12 23:30:24
A
18/04/12 23:30:24
F
18/04/12 23:30:38
A
18/04/12 23:30:38
D
call: DLL_PROCESS_DETACH
18/04/12 23:30:55
A
18/04/12 23:35:04
D
call: DLL_PROCESS_ATTACH
18/04/12 23:35:10
D
call: DLL_PROCESS_ATTACH
18/04/12 23:35:10
A
18/04/12 23:35:10
A
18/04/12 23:35:10
A
18/04/12 23:35:10
A
18/04/12 23:35:10
D
call: DLL_PROCESS_ATTACH
18/04/12 23:35:20
A
18/04/12 23:35:20
D
call: DLL_PROCESS_DETACH
18/04/12 23:35:21
A
18/04/12 23:35:21
D
call: DLL_PROCESS_DETACH
18/04/12 23:35:47
A
18/04/12 23:52:00
D
call: DLL_PROCESS_ATTACH
18/04/12 23:52:00
A
18/04/12 23:52:00
D
call: DLL_PROCESS_DETACH
18/04/12 23:52:02
D
call: DLL_PROCESS_ATTACH
18/04/12 23:53:43
A
18/04/12 23:53:43
D
call: DLL_PROCESS_DETACH
18/04/12 23:53:46
D
call: DLL_PROCESS_ATTACH
18/04/12 23:53:46
D
call: DLL_PROCESS_ATTACH
18/04/12 23:53:50
D
call: DLL_PROCESS_ATTACH
18/04/12 23:53:55
A
18/04/12 23:53:55
A
18/04/12 23:53:55
D
call: DLL_PROCESS_DETACH
18/04/12 23:53:55
A
18/04/12 23:53:55
D
call: DLL_PROCESS_DETACH
18/04/12 23:53:56
D
call: DLL_PROCESS_ATTACH
18/04/12 23:54:01
A
18/04/12 23:54:01
A
18/04/12 23:54:01
D
call: DLL_PROCESS_DETACH
18/04/12 23:54:23
D
call: DLL_PROCESS_ATTACH
18/04/12 23:54:28
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1869283328 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1869283328 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for

call: DLL_PROCESS_ATTACH
18/04/12 23:54:29
A
18/04/12 23:54:29
A
18/04/12 23:54:29
D
call: DLL_PROCESS_DETACH
18/04/12 23:54:29
A
18/04/12 23:54:29
D
call: DLL_PROCESS_DETACH
18/04/12 23:54:38
D
call: DLL_PROCESS_ATTACH
18/04/12 23:54:44
A
18/04/12 23:54:44
A
18/04/12 23:54:44
D
call: DLL_PROCESS_DETACH
18/04/12 23:54:46
D
call: DLL_PROCESS_ATTACH
18/04/12 23:55:05
A
18/04/12 23:55:05
A
18/04/12 23:55:05
D
call: DLL_PROCESS_DETACH
18/04/12 23:55:07
D
call: DLL_PROCESS_ATTACH
18/04/12 23:55:18
A
18/04/12 23:55:18
A
18/04/12 23:55:18
D
call: DLL_PROCESS_DETACH
18/04/12 23:55:22
D
call: DLL_PROCESS_ATTACH
18/04/12 23:55:27
A
18/04/12 23:55:27
A
18/04/12 23:55:27
D
call: DLL_PROCESS_DETACH
18/04/12 23:55:28
D
call: DLL_PROCESS_ATTACH
18/04/12 23:55:33
A
18/04/12 23:55:33
F
18/04/12 23:55:33
A
18/04/12 23:55:33
A
18/04/12 23:55:33
D
call: DLL_PROCESS_DETACH
18/04/12 23:55:36
D
call: DLL_PROCESS_ATTACH
18/04/12 23:55:36
A
18/04/12 23:55:36
D
call: DLL_PROCESS_DETACH
18/04/12 23:55:46
A
18/04/12 23:55:46
D
call: DLL_PROCESS_DETACH
29/05/12 22:12:45
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:45
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:45
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:45
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:45
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:45
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1869283328 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3988783104 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 1869283328 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1869283328 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3988783104 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for

29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
A
29/05/12 22:12:46
A
29/05/12 22:12:46
A
29/05/12 22:12:46
A
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:46
A
29/05/12 22:12:46
D
call: DLL_PROCESS_DETACH
29/05/12 22:12:46
A
29/05/12 22:12:46
D
call: DLL_PROCESS_DETACH
29/05/12 22:12:47
D
call: DLL_PROCESS_ATTACH
29/05/12 22:12:48
A
29/05/12 22:12:48
D
call: DLL_PROCESS_DETACH
29/05/12 22:12:48
A
29/05/12 22:12:48
D
call: DLL_PROCESS_DETACH
29/05/12 22:12:48
A
29/05/12 22:12:48
D
call: DLL_PROCESS_DETACH
29/05/12 22:12:49
A
29/05/12 22:12:49
D
call: DLL_PROCESS_DETACH
29/05/12 22:12:52
A
29/05/12 22:12:52
D
call: DLL_PROCESS_DETACH
29/05/12 22:13:10
D
call: DLL_PROCESS_ATTACH
29/05/12 22:13:23
A
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 3993960448 - Reason for

Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1939275776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3993960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3993960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3993960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3993960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for

29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
29/05/12 22:16:07
D
call: DLL_PROCESS_DETACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 3993960448 - Reason for

Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 3993960448 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 1939275776 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for

30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:40
A
30/05/12 20:48:40
D
call: DLL_PROCESS_DETACH
30/05/12 20:48:40
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:41
A
30/05/12 20:48:41
D
call: DLL_PROCESS_DETACH
30/05/12 20:48:41
A
30/05/12 20:48:41
D
call: DLL_PROCESS_DETACH
30/05/12 20:48:42
A
30/05/12 20:48:42
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:42
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:43
A
30/05/12 20:48:43
F
30/05/12 20:48:43
A
30/05/12 20:48:43
F
30/05/12 20:48:43
A
30/05/12 20:48:43
F
30/05/12 20:48:45
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:46
A
30/05/12 20:48:46
D
call: DLL_PROCESS_DETACH
30/05/12 20:48:46
A
30/05/12 20:48:46
A
30/05/12 20:48:46
D
call: DLL_PROCESS_DETACH
30/05/12 20:48:47
A
30/05/12 20:48:47
F
30/05/12 20:48:47
A
30/05/12 20:48:47
F
30/05/12 20:48:47
D
call: DLL_PROCESS_ATTACH
30/05/12 20:48:48
A
30/05/12 20:48:48
D
call: DLL_PROCESS_DETACH
30/05/12 20:48:48
A
30/05/12 20:48:48
F
30/05/12 20:48:50
A
30/05/12 20:48:50
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:00
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:00
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:00
A
30/05/12 20:49:00
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:00
A
30/05/12 20:49:00
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:08
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:09
D

Enter DllMain -> Handle: 1942683648 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for

call: DLL_PROCESS_ATTACH
30/05/12 20:49:15
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:15
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:15
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:15
A
30/05/12 20:49:15
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:16
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:16
A
30/05/12 20:49:16
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:24
A
30/05/12 20:49:24
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:24
A
30/05/12 20:49:24
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:27
D
call: DLL_PROCESS_ATTACH
30/05/12 20:49:27
A
30/05/12 20:49:27
D
call: DLL_PROCESS_DETACH
30/05/12 20:49:28
A
30/05/12 20:49:28
R
30/05/12 20:49:54
A
30/05/12 20:50:28
D
call: DLL_PROCESS_ATTACH
30/05/12 20:50:32
D
call: DLL_PROCESS_ATTACH
30/05/12 20:50:33
A
30/05/12 20:50:33
R
30/05/12 20:50:59
D
call: DLL_PROCESS_ATTACH
30/05/12 20:51:52
D
call: DLL_PROCESS_ATTACH
30/05/12 20:51:56
D
call: DLL_PROCESS_ATTACH
30/05/12 20:51:56
D
call: DLL_PROCESS_ATTACH
30/05/12 20:51:57
D
call: DLL_PROCESS_ATTACH
30/05/12 20:52:01
D
call: DLL_PROCESS_ATTACH
30/05/12 20:52:01
A
30/05/12 20:52:01
D
call: DLL_PROCESS_DETACH
30/05/12 20:52:05
A
30/05/12 20:52:05
D
call: DLL_PROCESS_DETACH
30/05/12 20:52:06
A
30/05/12 20:52:06
A
30/05/12 20:52:06
D
call: DLL_PROCESS_DETACH
30/05/12 20:52:08
D
call: DLL_PROCESS_ATTACH
30/05/12 20:52:17
A

Enter DllMain -> Handle: 1942683648 - Reason for

Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> CreateDCWCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback

30/05/12 20:52:17
D
call: DLL_PROCESS_DETACH
30/05/12 20:52:25
D
call: DLL_PROCESS_ATTACH
30/05/12 20:52:32
A
30/05/12 20:52:32
D
call: DLL_PROCESS_DETACH
30/05/12 20:52:34
A
30/05/12 20:52:34
D
call: DLL_PROCESS_DETACH
30/05/12 20:53:32
D
call: DLL_PROCESS_ATTACH
30/05/12 20:53:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:53:38
A
30/05/12 20:53:38
A
30/05/12 20:53:38
A
30/05/12 20:53:38
A
30/05/12 20:53:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:54:30
D
call: DLL_PROCESS_ATTACH
30/05/12 20:54:31
A
30/05/12 20:54:32
R
30/05/12 20:54:51
D
call: DLL_PROCESS_ATTACH
30/05/12 20:54:51
A
30/05/12 20:54:51
R
30/05/12 20:56:55
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:01
A
30/05/12 20:57:01
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:09
A
30/05/12 20:57:09
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:17
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:26
A
30/05/12 20:57:26
A
30/05/12 20:57:26
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:27
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:29
A
30/05/12 20:57:29
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:30
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:35
A
30/05/12 20:57:35
A
30/05/12 20:57:35
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:37
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:37
A
30/05/12 20:57:37
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:37
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1942683648 - Reason for

Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for

30/05/12 20:57:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:38
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:38
A
30/05/12 20:57:38
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:38
A
30/05/12 20:57:38
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:38
A
30/05/12 20:57:38
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:45
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:47
A
30/05/12 20:57:47
R
30/05/12 20:57:48
D
call: DLL_PROCESS_ATTACH
30/05/12 20:57:48
A
30/05/12 20:57:48
R
30/05/12 20:57:56
A
30/05/12 20:57:56
D
call: DLL_PROCESS_DETACH
30/05/12 20:57:58
D
call: DLL_PROCESS_ATTACH
30/05/12 20:58:00
A
30/05/12 20:58:00
R
30/05/12 20:58:01
D
call: DLL_PROCESS_ATTACH
30/05/12 20:58:01
A
30/05/12 20:58:01
R
30/05/12 20:58:18
D
call: DLL_PROCESS_ATTACH
30/05/12 20:58:18
D
call: DLL_PROCESS_ATTACH
30/05/12 20:58:23
A
30/05/12 20:58:23
A
30/05/12 20:58:23
D
call: DLL_PROCESS_DETACH
30/05/12 20:58:34
D
call: DLL_PROCESS_ATTACH
30/05/12 20:58:34
D
call: DLL_PROCESS_ATTACH
30/05/12 20:58:37
D
call: DLL_PROCESS_ATTACH
30/05/12 20:58:42
A
30/05/12 20:58:42
A
30/05/12 20:58:42
D
call: DLL_PROCESS_DETACH
30/05/12 20:58:49
A
30/05/12 20:58:49
D
call: DLL_PROCESS_DETACH
30/05/12 20:58:51
A
30/05/12 20:58:51
D
call: DLL_PROCESS_DETACH
30/05/12 20:59:18
A
30/05/12 20:59:18
D
call: DLL_PROCESS_DETACH
30/05/12 21:00:00
D

Enter DllMain -> Handle: 4045471744 - Reason for

Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for

call: DLL_PROCESS_ATTACH
30/05/12 21:00:00
A
30/05/12 21:00:00
D
call: DLL_PROCESS_DETACH
30/05/12 21:00:06
D
call: DLL_PROCESS_ATTACH
30/05/12 21:00:11
D
call: DLL_PROCESS_ATTACH
30/05/12 21:00:11
D
call: DLL_PROCESS_ATTACH
30/05/12 21:00:12
A
30/05/12 21:00:12
D
call: DLL_PROCESS_DETACH
30/05/12 21:00:14
D
call: DLL_PROCESS_ATTACH
30/05/12 21:00:14
A
30/05/12 21:00:14
D
call: DLL_PROCESS_DETACH
30/05/12 21:00:19
A
30/05/12 21:00:19
A
30/05/12 21:00:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:01:22
D
call: DLL_PROCESS_ATTACH
30/05/12 21:01:22
A
30/05/12 21:01:22
D
call: DLL_PROCESS_DETACH
30/05/12 21:02:43
D
call: DLL_PROCESS_ATTACH
30/05/12 21:02:44
A
30/05/12 21:02:44
D
call: DLL_PROCESS_DETACH
30/05/12 21:02:44
D
call: DLL_PROCESS_ATTACH
30/05/12 21:02:47
D
call: DLL_PROCESS_ATTACH
30/05/12 21:02:48
A
30/05/12 21:02:48
D
call: DLL_PROCESS_DETACH
30/05/12 21:02:50
D
call: DLL_PROCESS_ATTACH
30/05/12 21:02:50
A
30/05/12 21:02:50
D
call: DLL_PROCESS_DETACH
30/05/12 21:02:55
A
30/05/12 21:02:55
A
30/05/12 21:02:55
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:37
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:37
A
30/05/12 21:03:37
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:38
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:38
A
30/05/12 21:03:38
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for

30/05/12 21:03:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:40
A
30/05/12 21:03:40
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:40
A
30/05/12 21:03:40
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:40
A
30/05/12 21:03:40
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:41
A
30/05/12 21:03:41
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:43
A
30/05/12 21:03:43
A
30/05/12 21:03:43
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:52
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:53
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:54
A
30/05/12 21:03:54
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:57
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:57
A
30/05/12 21:03:57
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:57
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:57
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:57
D
call: DLL_PROCESS_ATTACH
30/05/12 21:03:58
A
30/05/12 21:03:58
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:58
A
30/05/12 21:03:58
D
call: DLL_PROCESS_DETACH
30/05/12 21:03:59
A
30/05/12 21:03:59
D
call: DLL_PROCESS_DETACH
30/05/12 21:04:04
D
call: DLL_PROCESS_ATTACH
30/05/12 21:04:05
A
30/05/12 21:04:06
D
call: DLL_PROCESS_ATTACH
30/05/12 21:04:06
A
30/05/12 21:04:06
D
call: DLL_PROCESS_DETACH
30/05/12 21:04:07
A

Enter DllMain -> Handle: 1942683648 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback

30/05/12 21:04:07
D
call: DLL_PROCESS_DETACH
30/05/12 21:04:08
D
call: DLL_PROCESS_ATTACH
30/05/12 21:04:11
A
30/05/12 21:04:11
A
30/05/12 21:04:11
D
call: DLL_PROCESS_DETACH
30/05/12 21:04:12
A
30/05/12 21:04:12
D
call: DLL_PROCESS_DETACH
30/05/12 21:04:12
D
call: DLL_PROCESS_ATTACH
30/05/12 21:05:56
D
call: DLL_PROCESS_ATTACH
30/05/12 21:05:56
A
30/05/12 21:05:56
D
call: DLL_PROCESS_DETACH
30/05/12 21:05:56
D
call: DLL_PROCESS_ATTACH
30/05/12 21:05:56
D
call: DLL_PROCESS_ATTACH
30/05/12 21:05:57
A
30/05/12 21:05:57
D
call: DLL_PROCESS_DETACH
30/05/12 21:06:02
A
30/05/12 21:06:02
D
call: DLL_PROCESS_DETACH
30/05/12 21:06:03
A
30/05/12 21:06:03
A
30/05/12 21:06:03
D
call: DLL_PROCESS_DETACH
30/05/12 21:06:06
D
call: DLL_PROCESS_ATTACH
30/05/12 21:06:10
D
call: DLL_PROCESS_ATTACH
30/05/12 21:06:11
A
30/05/12 21:06:11
A
30/05/12 21:06:11
D
call: DLL_PROCESS_DETACH
30/05/12 21:06:11
A
30/05/12 21:06:11
D
call: DLL_PROCESS_DETACH
30/05/12 21:06:13
D
call: DLL_PROCESS_ATTACH
30/05/12 21:06:13
A
30/05/12 21:06:13
D
call: DLL_PROCESS_DETACH
30/05/12 21:06:14
D
call: DLL_PROCESS_ATTACH
30/05/12 21:06:19
A
30/05/12 21:06:19
A
30/05/12 21:06:19
D
call: DLL_PROCESS_DETACH
30/05/12 21:06:56
D
call: DLL_PROCESS_ATTACH
30/05/12 21:07:03
A
30/05/12 21:07:03
R
30/05/12 21:07:16
A
30/05/12 21:07:16
R

Enter DllMain -> Handle: 1942683648 - Reason for

Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 1942683648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1942683648 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4045471744 - Reason for
Enter DllMain -> Handle: 4045471744 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino taskmgr.exe
-> NtTerminateProcessCallback
La victima es winlogon.exe Asesino taskmgr.exe

30/05/12 21:07:16
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:35
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:35
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:35
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
A
30/05/12 21:08:36
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:36
A
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:36
A
30/05/12 21:08:36
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:36
A

Enter DllMain -> Handle: 4045471744 - Reason for

Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback

30/05/12 21:08:36
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:36
A
30/05/12 21:08:36
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:39
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:40
A
30/05/12 21:08:40
A
30/05/12 21:08:40
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:41
A
30/05/12 21:08:41
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:42
A
30/05/12 21:08:42
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:43
A
30/05/12 21:08:43
F
30/05/12 21:08:43
A
30/05/12 21:08:43
F
30/05/12 21:08:43
A
30/05/12 21:08:43
F
30/05/12 21:08:45
A
30/05/12 21:08:45
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:45
A
30/05/12 21:08:45
F
30/05/12 21:08:45
A
30/05/12 21:08:45
F
30/05/12 21:08:46
A
30/05/12 21:08:46
F
30/05/12 21:08:53
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:53
A
30/05/12 21:08:53
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:54
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:54
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:54
A
30/05/12 21:08:54
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:54
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:55
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:55
A
30/05/12 21:08:55
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:55
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:55
A
30/05/12 21:08:55
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4028760064 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for

30/05/12 21:08:56
A
30/05/12 21:08:56
D
call: DLL_PROCESS_DETACH
30/05/12 21:08:59
D
call: DLL_PROCESS_ATTACH
30/05/12 21:08:59
A
30/05/12 21:08:59
D
call: DLL_PROCESS_DETACH
30/05/12 21:09:09
A
30/05/12 21:09:09
D
call: DLL_PROCESS_DETACH
30/05/12 21:09:25
A
30/05/12 21:09:25
D
call: DLL_PROCESS_DETACH
30/05/12 21:09:27
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:32
A
30/05/12 21:09:32
A
30/05/12 21:09:32
D
call: DLL_PROCESS_DETACH
30/05/12 21:09:32
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:35
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:35
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:35
A
30/05/12 21:09:35
D
call: DLL_PROCESS_DETACH
30/05/12 21:09:35
A
30/05/12 21:09:35
D
call: DLL_PROCESS_DETACH
30/05/12 21:09:41
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:43
A
30/05/12 21:09:47
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:49
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:54
A
30/05/12 21:09:54
A
30/05/12 21:09:54
D
call: DLL_PROCESS_DETACH
30/05/12 21:09:55
D
call: DLL_PROCESS_ATTACH
30/05/12 21:09:56
D
call: DLL_PROCESS_ATTACH
30/05/12 21:10:00
A
30/05/12 21:10:00
A
30/05/12 21:10:00
D
call: DLL_PROCESS_DETACH
30/05/12 21:10:07
A
30/05/12 21:10:07
D
call: DLL_PROCESS_DETACH
30/05/12 21:10:10
A
30/05/12 21:10:10
D
call: DLL_PROCESS_DETACH
30/05/12 21:10:15
D
call: DLL_PROCESS_ATTACH
30/05/12 21:10:15
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for

call: DLL_PROCESS_ATTACH
30/05/12 21:10:16
A
30/05/12 21:10:16
D
call: DLL_PROCESS_DETACH
30/05/12 21:10:23
A
30/05/12 21:10:23
A
30/05/12 21:10:23
D
call: DLL_PROCESS_DETACH
30/05/12 21:10:24
D
call: DLL_PROCESS_ATTACH
30/05/12 21:10:25
D
call: DLL_PROCESS_ATTACH
30/05/12 21:10:31
D
call: DLL_PROCESS_ATTACH
30/05/12 21:10:34
A
30/05/12 21:10:34
R
30/05/12 21:11:07
D
call: DLL_PROCESS_ATTACH
30/05/12 21:11:11
D
call: DLL_PROCESS_ATTACH
30/05/12 21:11:15
A
30/05/12 21:11:15
R
30/05/12 21:11:42
A
30/05/12 21:11:42
D
call: DLL_PROCESS_DETACH
30/05/12 21:11:46
A
30/05/12 21:11:46
D
call: DLL_PROCESS_DETACH
30/05/12 21:11:50
D
call: DLL_PROCESS_ATTACH
30/05/12 21:11:50
D
call: DLL_PROCESS_ATTACH
30/05/12 21:11:50
A
30/05/12 21:11:50
D
call: DLL_PROCESS_DETACH
30/05/12 21:11:50
A
30/05/12 21:11:50
D
call: DLL_PROCESS_DETACH
30/05/12 21:11:50
D
call: DLL_PROCESS_ATTACH
30/05/12 21:11:53
D
call: DLL_PROCESS_ATTACH
30/05/12 21:11:53
D
call: DLL_PROCESS_ATTACH
30/05/12 21:11:53
A
30/05/12 21:11:53
D
call: DLL_PROCESS_DETACH
30/05/12 21:11:53
A
30/05/12 21:11:53
D
call: DLL_PROCESS_DETACH
30/05/12 21:11:55
A
30/05/12 21:11:55
A
30/05/12 21:11:55
D
call: DLL_PROCESS_DETACH
30/05/12 21:12:10
D
call: DLL_PROCESS_ATTACH
30/05/12 21:12:13
A
30/05/12 21:12:13
D
call: DLL_PROCESS_DETACH
30/05/12 21:12:15
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino taskmgr.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback

30/05/12 21:12:15
A
30/05/12 21:12:15
D
call: DLL_PROCESS_DETACH
30/05/12 21:12:15
D
call: DLL_PROCESS_ATTACH
30/05/12 21:12:18
D
call: DLL_PROCESS_ATTACH
30/05/12 21:12:23
A
30/05/12 21:12:23
A
30/05/12 21:12:23
D
call: DLL_PROCESS_DETACH
30/05/12 21:12:27
D
call: DLL_PROCESS_ATTACH
30/05/12 21:12:29
D
call: DLL_PROCESS_ATTACH
30/05/12 21:12:31
A
30/05/12 21:12:31
D
call: DLL_PROCESS_DETACH
30/05/12 21:12:32
A
30/05/12 21:12:32
A
30/05/12 21:12:32
D
call: DLL_PROCESS_DETACH
30/05/12 21:12:32
D
call: DLL_PROCESS_ATTACH
30/05/12 21:12:32
A
30/05/12 21:12:32
D
call: DLL_PROCESS_DETACH
30/05/12 21:12:33
D
call: DLL_PROCESS_ATTACH
30/05/12 21:12:38
A
30/05/12 21:12:38
A
30/05/12 21:12:38
D
call: DLL_PROCESS_DETACH
30/05/12 21:13:17
D
call: DLL_PROCESS_ATTACH
30/05/12 21:13:23
D
call: DLL_PROCESS_ATTACH
30/05/12 21:13:23
A
30/05/12 21:13:23
A
30/05/12 21:13:23
A
30/05/12 21:13:23
A
30/05/12 21:13:23
D
call: DLL_PROCESS_ATTACH
30/05/12 21:14:58
D
call: DLL_PROCESS_ATTACH
30/05/12 21:15:03
A
30/05/12 21:15:03
A
30/05/12 21:15:03
D
call: DLL_PROCESS_DETACH
30/05/12 21:15:04
D
call: DLL_PROCESS_ATTACH
30/05/12 21:15:05
D
call: DLL_PROCESS_ATTACH
30/05/12 21:15:08
A
30/05/12 21:15:08
D
call: DLL_PROCESS_DETACH
30/05/12 21:15:09
A
30/05/12 21:15:09
A
30/05/12 21:15:09
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for

30/05/12 21:15:10
D
call: DLL_PROCESS_ATTACH
30/05/12 21:15:14
A
30/05/12 21:15:14
D
call: DLL_PROCESS_DETACH
30/05/12 21:15:14
D
call: DLL_PROCESS_ATTACH
30/05/12 21:15:18
A
30/05/12 21:15:18
D
call: DLL_PROCESS_DETACH
30/05/12 21:17:14
D
call: DLL_PROCESS_ATTACH
30/05/12 21:17:14
A
30/05/12 21:17:14
D
call: DLL_PROCESS_DETACH
30/05/12 21:17:17
A
30/05/12 21:17:17
D
call: DLL_PROCESS_DETACH
30/05/12 21:17:18
D
call: DLL_PROCESS_ATTACH
30/05/12 21:17:20
D
call: DLL_PROCESS_ATTACH
30/05/12 21:17:23
A
30/05/12 21:17:23
A
30/05/12 21:17:23
D
call: DLL_PROCESS_DETACH
30/05/12 21:17:26
D
call: DLL_PROCESS_ATTACH
30/05/12 21:17:26
D
call: DLL_PROCESS_ATTACH
30/05/12 21:17:27
D
call: DLL_PROCESS_ATTACH
30/05/12 21:17:31
A
30/05/12 21:17:31
A
30/05/12 21:17:31
D
call: DLL_PROCESS_DETACH
30/05/12 21:17:38
D
call: DLL_PROCESS_ATTACH
30/05/12 21:18:01
A
30/05/12 21:18:01
A
30/05/12 21:18:01
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:00
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:01
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:01
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:02
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:02
A
30/05/12 21:21:02
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:03
A
30/05/12 21:21:03
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:03
A
30/05/12 21:21:03
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:05
A

Enter DllMain -> Handle: 1866727424 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback

30/05/12 21:21:05
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:06
A
30/05/12 21:21:06
A
30/05/12 21:21:06
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:06
A
30/05/12 21:21:06
A
30/05/12 21:21:06
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:06
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:08
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:10
A
30/05/12 21:21:10
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:11
A
30/05/12 21:21:11
A
30/05/12 21:21:11
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:19
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:28
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:29
A
30/05/12 21:21:29
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:30
A
30/05/12 21:21:30
A
30/05/12 21:21:30
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:30
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:35
A
30/05/12 21:21:35
A
30/05/12 21:21:35
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:35
A
30/05/12 21:21:35
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:41
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:44
A
30/05/12 21:21:44
D
call: DLL_PROCESS_DETACH
30/05/12 21:21:44
D
call: DLL_PROCESS_ATTACH
30/05/12 21:21:48
A
30/05/12 21:21:48
F
30/05/12 21:21:49
A
30/05/12 21:21:49
A
30/05/12 21:21:49
D
call: DLL_PROCESS_DETACH
30/05/12 21:22:05
D
call: DLL_PROCESS_ATTACH
30/05/12 21:22:32
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1866727424 - Reason for

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for

30/05/12 21:22:45
A
30/05/12 21:22:45
R
.exe
30/05/12 21:22:47
A
30/05/12 21:22:47
D
call: DLL_PROCESS_DETACH
30/05/12 21:22:51
D
call: DLL_PROCESS_ATTACH
30/05/12 21:22:51
A
30/05/12 21:22:51
D
call: DLL_PROCESS_DETACH
30/05/12 21:22:51
D
call: DLL_PROCESS_ATTACH
30/05/12 21:22:53
A
30/05/12 21:22:53
F
30/05/12 21:22:54
A
30/05/12 21:22:54
F
30/05/12 21:23:47
A
30/05/12 21:23:47
D
call: DLL_PROCESS_DETACH
30/05/12 21:28:04
D
call: DLL_PROCESS_ATTACH
30/05/12 21:39:12
A
30/05/12 21:39:12
F
30/05/12 21:39:12
A
30/05/12 21:39:12
F
30/05/12 21:39:12
A
30/05/12 21:39:12
F
30/05/12 21:39:12
A
30/05/12 21:39:12
D
call: DLL_PROCESS_DETACH
30/05/12 21:39:12
A
30/05/12 21:39:12
F
30/05/12 21:39:12
A
30/05/12 21:39:12
F
30/05/12 21:39:38
D
call: DLL_PROCESS_ATTACH
30/05/12 21:39:41
D
call: DLL_PROCESS_ATTACH
30/05/12 21:39:41
D
call: DLL_PROCESS_ATTACH
30/05/12 21:39:41
A
30/05/12 21:39:41
D
call: DLL_PROCESS_DETACH
30/05/12 21:39:41
A
30/05/12 21:39:41
D
call: DLL_PROCESS_DETACH
30/05/12 21:39:42
D
call: DLL_PROCESS_ATTACH
30/05/12 21:39:46
D
call: DLL_PROCESS_ATTACH
30/05/12 21:39:46
D
call: DLL_PROCESS_ATTACH
30/05/12 21:39:46
A
30/05/12 21:39:46
D
call: DLL_PROCESS_DETACH
30/05/12 21:39:46
A
30/05/12 21:39:46
D
call: DLL_PROCESS_DETACH
30/05/12 21:39:47
A

-> NtTerminateProcessCallback
La victima es SILENT HILL 4.exe Asesino taskmgr
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback

30/05/12 21:39:47
A
30/05/12 21:39:47
D
call: DLL_PROCESS_DETACH
30/05/12 21:40:11
A
30/05/12 21:40:11
D
call: DLL_PROCESS_DETACH
30/05/12 21:40:13
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:20
A
30/05/12 21:40:20
A
30/05/12 21:40:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:40:20
A
30/05/12 21:40:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:40:21
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:27
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:31
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:31
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:32
A
30/05/12 21:40:32
A
30/05/12 21:40:32
D
call: DLL_PROCESS_DETACH
30/05/12 21:40:33
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:40
A
30/05/12 21:40:40
R
30/05/12 21:40:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:40
A
30/05/12 21:40:40
A
30/05/12 21:40:40
R
30/05/12 21:40:40
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:46
A
30/05/12 21:40:46
A
30/05/12 21:40:46
R
30/05/12 21:40:57
D
call: DLL_PROCESS_ATTACH
30/05/12 21:40:57
A
30/05/12 21:40:57
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:01
A
30/05/12 21:41:01
R
30/05/12 21:41:03
A
30/05/12 21:41:03
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:08
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:13
A
30/05/12 21:41:19
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:20
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:20
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for

30/05/12 21:41:20
A
30/05/12 21:41:20
A
30/05/12 21:41:20
A
30/05/12 21:41:20
A
30/05/12 21:41:30
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:30
A
30/05/12 21:41:30
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:31
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:31
A
30/05/12 21:41:31
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:31
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:31
A
30/05/12 21:41:31
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:35
A
30/05/12 21:41:35
A
30/05/12 21:41:35
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:35
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:53
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:58
A
30/05/12 21:41:58
A
30/05/12 21:41:58
D
call: DLL_PROCESS_DETACH
30/05/12 21:41:58
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:59
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:59
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:59
A
30/05/12 21:41:59
A
30/05/12 21:41:59
A
30/05/12 21:41:59
A
30/05/12 21:41:59
D
call: DLL_PROCESS_ATTACH
30/05/12 21:41:59
A
30/05/12 21:41:59
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:00
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:00
A
30/05/12 21:42:00
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:00
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:00
A
30/05/12 21:42:00
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:01
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:04
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for

30/05/12 21:42:05
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:05
A
30/05/12 21:42:05
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:05
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:05
A
30/05/12 21:42:06
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:06
A
30/05/12 21:42:06
A
30/05/12 21:42:06
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:10
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:10
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:10
A
30/05/12 21:42:10
A
30/05/12 21:42:10
A
30/05/12 21:42:10
A
30/05/12 21:42:10
A
30/05/12 21:42:10
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:14
A
30/05/12 21:42:14
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:14
A
30/05/12 21:42:14
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:15
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:17
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:18
A
30/05/12 21:42:18
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:19
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:20
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:20
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:21
A
30/05/12 21:42:21
R
30/05/12 21:42:21
A
30/05/12 21:42:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:21
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:22
A
30/05/12 21:42:22
A
30/05/12 21:42:23
D
call: DLL_PROCESS_DETACH
30/05/12 21:42:23
A
30/05/12 21:42:23
A
30/05/12 21:42:23
R
30/05/12 21:42:42
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4028760064 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866727424 - Reason for

30/05/12 21:42:43
A
30/05/12 21:42:43
R
30/05/12 21:42:47
D
call: DLL_PROCESS_ATTACH
30/05/12 21:42:48
A
30/05/12 21:42:48
R
30/05/12 21:43:33
D
call: DLL_PROCESS_ATTACH
30/05/12 21:43:43
D
call: DLL_PROCESS_ATTACH
30/05/12 21:43:48
D
call: DLL_PROCESS_ATTACH
30/05/12 21:43:49
D
call: DLL_PROCESS_ATTACH
30/05/12 21:43:53
A
30/05/12 21:43:53
A
30/05/12 21:43:54
D
call: DLL_PROCESS_DETACH
30/05/12 21:44:36
A
30/05/12 21:44:37
D
call: DLL_PROCESS_DETACH
30/05/12 21:44:41
D
call: DLL_PROCESS_ATTACH
30/05/12 21:44:42
A
30/05/12 21:44:42
D
call: DLL_PROCESS_DETACH
30/05/12 21:46:09
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:26
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:26
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:31
A
30/05/12 21:47:31
A
30/05/12 21:47:31
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:34
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:41
A
30/05/12 21:47:41
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:41
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:41
A
30/05/12 21:47:41
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:42
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:42
A
30/05/12 21:47:42
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:42
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:43
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:44
A
30/05/12 21:47:44
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:45
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for

30/05/12 21:47:45
A
30/05/12 21:47:45
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:46
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:47
A
30/05/12 21:47:47
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:50
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:51
D
call: DLL_PROCESS_ATTACH
30/05/12 21:47:51
A
30/05/12 21:47:51
R
30/05/12 21:47:54
A
30/05/12 21:47:54
D
call: DLL_PROCESS_DETACH
30/05/12 21:47:54
A
30/05/12 21:47:54
R
30/05/12 21:48:09
D
call: DLL_PROCESS_ATTACH
30/05/12 21:48:15
A
30/05/12 21:48:15
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:18
A
30/05/12 21:48:18
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:19
A
30/05/12 21:48:19
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:20
A
30/05/12 21:48:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:23
D
call: DLL_PROCESS_ATTACH
30/05/12 21:48:23
A
30/05/12 21:48:23
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:23
D
call: DLL_PROCESS_ATTACH
30/05/12 21:48:24
D
call: DLL_PROCESS_ATTACH
30/05/12 21:48:24
D
call: DLL_PROCESS_ATTACH
30/05/12 21:48:24
A
30/05/12 21:48:24
A
30/05/12 21:48:24
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:24
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:25
A
30/05/12 21:48:25
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:26
D
call: DLL_PROCESS_ATTACH
30/05/12 21:48:32
A
30/05/12 21:48:32
A
30/05/12 21:48:32
D
call: DLL_PROCESS_DETACH
30/05/12 21:48:43
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4028760064 - Reason for
-> NtTerminateProcessCallback

30/05/12 21:48:43
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:20
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:21
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:22
D
call: DLL_PROCESS_DETACH
30/05/12 21:50:22
D
call: DLL_PROCESS_DETACH
04/06/12 10:45:24
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:24
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:24
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:24
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:24
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:24
A
04/06/12 10:45:24
A

Enter DllMain -> Handle: 4028760064 - Reason for

Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 4028760064 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 1866727424 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback

04/06/12 10:45:25
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:25
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:25
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:25
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:25
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:25
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:26
A
04/06/12 10:45:27
A
04/06/12 10:45:31
A
04/06/12 10:45:31
A
04/06/12 10:45:31
D
call: DLL_PROCESS_DETACH
04/06/12 10:45:33
A
04/06/12 10:45:33
D
call: DLL_PROCESS_DETACH
04/06/12 10:45:34
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:34
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:35
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:35
A
04/06/12 10:45:35
D
call: DLL_PROCESS_DETACH
04/06/12 10:45:35
A
04/06/12 10:45:35
D
call: DLL_PROCESS_DETACH
04/06/12 10:45:35
A
04/06/12 10:45:35
A
04/06/12 10:45:35
A
04/06/12 10:45:35
A
04/06/12 10:45:35
D
call: DLL_PROCESS_ATTACH
04/06/12 10:45:39
A
04/06/12 10:45:39
F
04/06/12 10:45:39
A
04/06/12 10:45:39
F
04/06/12 10:45:39
A
04/06/12 10:45:39
F
04/06/12 10:45:39
A
04/06/12 10:45:39
F
04/06/12 10:45:39
A
04/06/12 10:45:39
F
04/06/12 10:45:39
A
04/06/12 10:45:39
F
04/06/12 10:45:50
A
04/06/12 10:45:50
D
call: DLL_PROCESS_DETACH
04/06/12 10:47:29
D
call: DLL_PROCESS_ATTACH
04/06/12 10:48:00
A
04/06/12 10:48:00
D
call: DLL_PROCESS_DETACH
04/06/12 10:49:57
D

Enter DllMain -> Handle: 1840119808 - Reason for

Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4129161216 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1840119808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1840119808 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1840119808 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for

call: DLL_PROCESS_ATTACH
04/06/12 10:50:01
D
call: DLL_PROCESS_ATTACH
04/06/12 10:50:01
A
04/06/12 10:50:01
A
04/06/12 10:50:01
A
04/06/12 10:50:01
A
04/06/12 10:50:01
D
call: DLL_PROCESS_ATTACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 10:50:07
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D

Enter DllMain -> Handle: 4129161216 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 4129161216 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 1840119808 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for

call: DLL_PROCESS_ATTACH
04/06/12 11:43:27
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:28
A
04/06/12 11:43:28
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:28
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:28
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:28
A
04/06/12 11:43:28
A
04/06/12 11:43:28
A
04/06/12 11:43:28
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:28
A
04/06/12 11:43:28
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:28
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:28
A
04/06/12 11:43:28
A
04/06/12 11:43:28
A
04/06/12 11:43:28
A
04/06/12 11:43:28
A
04/06/12 11:43:28
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:28
A
04/06/12 11:43:28
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:30
A
04/06/12 11:43:30
F
04/06/12 11:43:30
A
04/06/12 11:43:30
F
04/06/12 11:43:30
A
04/06/12 11:43:30
F
04/06/12 11:43:31
A
04/06/12 11:43:31
A
04/06/12 11:43:31
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:31
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:31
D
call: DLL_PROCESS_ATTACH
04/06/12 11:43:31
A
04/06/12 11:43:31
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:34
A
04/06/12 11:43:34
F
04/06/12 11:43:34
A
04/06/12 11:43:34
F
04/06/12 11:43:36
A
04/06/12 11:43:36
F
04/06/12 11:43:39
A
04/06/12 11:43:39
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1835794432 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4112515072 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1835794432 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1835794432 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4112515072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for

04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 11:43:51
D
call: DLL_PROCESS_DETACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:14
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:15
A
04/06/12 17:15:15
A
04/06/12 17:15:15
A
04/06/12 17:15:15
A
04/06/12 17:15:26
A
04/06/12 17:15:26
D
call: DLL_PROCESS_DETACH
04/06/12 17:15:27
A
04/06/12 17:15:27
D
call: DLL_PROCESS_DETACH
04/06/12 17:15:43
A
04/06/12 17:15:43
D
call: DLL_PROCESS_DETACH
04/06/12 17:15:46
D

Enter DllMain -> Handle: 4112515072 - Reason for

Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 4112515072 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 1835794432 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for

call: DLL_PROCESS_ATTACH
04/06/12 17:15:51
A
04/06/12 17:15:51
A
04/06/12 17:15:51
D
call: DLL_PROCESS_DETACH
04/06/12 17:15:51
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:52
A
04/06/12 17:15:52
D
call: DLL_PROCESS_DETACH
04/06/12 17:15:52
D
call: DLL_PROCESS_ATTACH
04/06/12 17:15:52
A
04/06/12 17:15:52
F
04/06/12 17:18:18
A
04/06/12 17:18:18
F
04/06/12 17:18:18
A
04/06/12 17:18:18
F
04/06/12 17:18:18
A
04/06/12 17:18:18
F
04/06/12 17:18:18
A
04/06/12 17:18:18
F
04/06/12 17:18:18
A
04/06/12 17:18:18
D
call: DLL_PROCESS_DETACH
04/06/12 17:18:19
A
04/06/12 17:18:19
F
04/06/12 17:18:24
D
call: DLL_PROCESS_ATTACH
04/06/12 17:18:24
A
04/06/12 17:18:24
D
call: DLL_PROCESS_DETACH
04/06/12 17:18:24
D
call: DLL_PROCESS_ATTACH
04/06/12 17:18:24
A
04/06/12 17:18:24
F
04/06/12 17:22:02
A
04/06/12 17:22:02
F
04/06/12 17:22:02
A
04/06/12 17:22:02
F
04/06/12 17:22:02
A
04/06/12 17:22:02
D
call: DLL_PROCESS_DETACH
04/06/12 17:22:02
A
04/06/12 17:22:02
F
04/06/12 17:22:02
A
04/06/12 17:22:02
F
04/06/12 17:22:10
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:11
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:11
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:12
A
04/06/12 17:22:12
R
04/06/12 17:22:12
A
04/06/12 17:22:12
R
04/06/12 17:22:12
A
04/06/12 17:22:12
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for

04/06/12 17:22:19
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:20
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:25
A
04/06/12 17:22:25
A
04/06/12 17:22:25
D
call: DLL_PROCESS_DETACH
04/06/12 17:22:26
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:31
A
04/06/12 17:22:31
A
04/06/12 17:22:31
D
call: DLL_PROCESS_DETACH
04/06/12 17:22:34
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:40
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:40
A
04/06/12 17:22:40
A
04/06/12 17:22:40
D
call: DLL_PROCESS_DETACH
04/06/12 17:22:48
A
04/06/12 17:22:48
D
call: DLL_PROCESS_DETACH
04/06/12 17:22:49
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:49
D
call: DLL_PROCESS_ATTACH
04/06/12 17:22:54
A
04/06/12 17:22:54
A
04/06/12 17:22:54
D
call: DLL_PROCESS_DETACH
04/06/12 17:23:28
A
04/06/12 17:23:28
D
call: DLL_PROCESS_DETACH
04/06/12 17:23:48
A
04/06/12 17:23:48
D
call: DLL_PROCESS_DETACH
04/06/12 17:24:19
A
04/06/12 17:24:19
D
call: DLL_PROCESS_DETACH
04/06/12 17:24:21
D
call: DLL_PROCESS_ATTACH
04/06/12 17:24:21
A
04/06/12 17:24:21
D
call: DLL_PROCESS_DETACH
04/06/12 17:24:32
D
call: DLL_PROCESS_ATTACH
04/06/12 17:25:03
D
call: DLL_PROCESS_ATTACH
04/06/12 17:25:03
D
call: DLL_PROCESS_ATTACH
04/06/12 17:25:05
A
04/06/12 17:25:05
D
call: DLL_PROCESS_DETACH
04/06/12 17:25:08
A
04/06/12 17:25:08
A
04/06/12 17:25:08
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4115922944 - Reason for

Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for

04/06/12 17:25:13
D
call: DLL_PROCESS_ATTACH
04/06/12 17:25:17
D
call: DLL_PROCESS_ATTACH
04/06/12 17:25:17
A
04/06/12 17:25:17
D
call: DLL_PROCESS_DETACH
04/06/12 17:25:22
A
04/06/12 17:25:22
A
04/06/12 17:25:22
D
call: DLL_PROCESS_DETACH
04/06/12 17:25:22
D
call: DLL_PROCESS_ATTACH
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:23
A
04/06/12 17:25:23
F
04/06/12 17:25:25
A
04/06/12 17:25:25
F
04/06/12 17:25:26
A
04/06/12 17:25:26
F
04/06/12 17:27:59
D
call: DLL_PROCESS_ATTACH
04/06/12 17:27:59
A
04/06/12 17:27:59
D
call: DLL_PROCESS_DETACH
04/06/12 18:00:00
D
call: DLL_PROCESS_ATTACH
04/06/12 18:00:00
A
04/06/12 18:00:00
D
call: DLL_PROCESS_DETACH
04/06/12 18:13:32
A
04/06/12 18:13:32
D
call: DLL_PROCESS_DETACH
04/06/12 18:41:15
A
04/06/12 18:41:15
F
04/06/12 18:41:15
A
04/06/12 18:41:15
F
04/06/12 18:41:16
A
04/06/12 18:41:16
D
call: DLL_PROCESS_DETACH
04/06/12 18:41:16
A
04/06/12 18:41:16
F
04/06/12 18:41:31
D
call: DLL_PROCESS_ATTACH
04/06/12 18:41:40
D
call: DLL_PROCESS_ATTACH
04/06/12 18:41:41
D

Enter DllMain -> Handle: 4115922944 - Reason for

Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for

call: DLL_PROCESS_ATTACH
04/06/12 18:41:43
A
04/06/12 18:41:43
D
call: DLL_PROCESS_DETACH
04/06/12 18:41:46
A
04/06/12 18:41:46
A
04/06/12 18:41:46
D
call: DLL_PROCESS_DETACH
04/06/12 18:41:50
D
call: DLL_PROCESS_ATTACH
04/06/12 18:41:50
A
04/06/12 18:41:50
D
call: DLL_PROCESS_DETACH
04/06/12 18:41:52
D
call: DLL_PROCESS_ATTACH
04/06/12 18:41:57
A
04/06/12 18:41:57
A
04/06/12 18:41:57
D
call: DLL_PROCESS_DETACH
04/06/12 18:42:31
A
04/06/12 18:42:31
D
call: DLL_PROCESS_DETACH
04/06/12 18:44:40
A
04/06/12 18:44:40
D
call: DLL_PROCESS_DETACH
04/06/12 18:46:17
D
call: DLL_PROCESS_ATTACH
04/06/12 18:46:17
D
call: DLL_PROCESS_ATTACH
04/06/12 18:46:20
D
call: DLL_PROCESS_ATTACH
04/06/12 18:46:21
A
04/06/12 18:46:21
A
04/06/12 18:46:21
R
04/06/12 18:46:33
D
call: DLL_PROCESS_ATTACH
04/06/12 18:46:35
A
04/06/12 18:46:35
R
04/06/12 18:51:45
D
call: DLL_PROCESS_ATTACH
04/06/12 18:51:47
D
call: DLL_PROCESS_ATTACH
04/06/12 18:51:47
A
04/06/12 18:51:47
R
04/06/12 18:51:56
D
call: DLL_PROCESS_ATTACH
04/06/12 18:51:58
A
04/06/12 18:51:58
R
04/06/12 18:52:27
D
call: DLL_PROCESS_ATTACH
04/06/12 19:00:00
D
call: DLL_PROCESS_ATTACH
04/06/12 19:00:00
A
04/06/12 19:00:00
D
call: DLL_PROCESS_DETACH
04/06/12 19:01:13
D
call: DLL_PROCESS_ATTACH
04/06/12 19:01:15
D
call: DLL_PROCESS_ATTACH
04/06/12 19:01:16
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback

04/06/12 19:01:16
R
04/06/12 19:03:24
A
04/06/12 19:03:24
R
04/06/12 19:03:24
A
04/06/12 19:03:24
R
04/06/12 19:03:24
A
04/06/12 19:03:24
R
04/06/12 19:03:25
A
04/06/12 19:03:25
D
call: DLL_PROCESS_DETACH
04/06/12 19:03:25
A
04/06/12 19:03:25
D
call: DLL_PROCESS_DETACH
04/06/12 19:07:11
D
call: DLL_PROCESS_ATTACH
04/06/12 19:07:49
A
04/06/12 19:07:49
D
call: DLL_PROCESS_DETACH
04/06/12 19:07:50
A
04/06/12 19:07:50
F
04/06/12 19:07:59
A
04/06/12 19:07:59
F
04/06/12 19:08:07
D
call: DLL_PROCESS_ATTACH
04/06/12 19:08:12
D
call: DLL_PROCESS_ATTACH
04/06/12 19:08:29
A
04/06/12 19:08:29
A
04/06/12 19:08:29
D
call: DLL_PROCESS_DETACH
04/06/12 19:09:07
A
04/06/12 19:09:07
D
call: DLL_PROCESS_DETACH
04/06/12 19:18:38
D
call: DLL_PROCESS_ATTACH
04/06/12 19:18:42
A
04/06/12 19:18:42
F
04/06/12 19:18:42
A
04/06/12 19:18:42
F
04/06/12 19:19:25
A
04/06/12 19:19:25
F
04/06/12 19:24:16
A
04/06/12 19:24:16
F
04/06/12 19:24:17
A
04/06/12 19:24:17
F
04/06/12 19:24:27
A
04/06/12 19:24:27
F
04/06/12 19:24:27
A
04/06/12 19:24:31
D
call: DLL_PROCESS_ATTACH
04/06/12 19:24:32
A
04/06/12 19:24:32
F
04/06/12 19:24:33
A
04/06/12 19:24:33
F
04/06/12 19:25:10
A
04/06/12 19:25:10
F
04/06/12 19:37:57
A
04/06/12 19:37:57
F
04/06/12 19:37:57
A
04/06/12 19:37:57
F

La victima es chrome.exe Asesino chrome.exe

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

04/06/12 20:00:01
D
call: DLL_PROCESS_ATTACH
04/06/12 20:00:01
A
04/06/12 20:00:01
D
call: DLL_PROCESS_DETACH
04/06/12 21:00:00
D
call: DLL_PROCESS_ATTACH
04/06/12 21:00:00
A
04/06/12 21:00:00
D
call: DLL_PROCESS_DETACH
04/06/12 21:38:07
D
call: DLL_PROCESS_ATTACH
04/06/12 21:38:08
D
call: DLL_PROCESS_ATTACH
04/06/12 21:38:28
D
call: DLL_PROCESS_ATTACH
04/06/12 21:38:29
A
04/06/12 21:38:29
R
04/06/12 21:39:11
D
call: DLL_PROCESS_ATTACH
04/06/12 21:39:12
A
04/06/12 21:39:12
A
04/06/12 21:39:47
D
call: DLL_PROCESS_ATTACH
04/06/12 21:39:56
D
call: DLL_PROCESS_ATTACH
04/06/12 21:41:35
D
call: DLL_PROCESS_ATTACH
04/06/12 21:41:35
D
call: DLL_PROCESS_ATTACH
04/06/12 21:41:36
A
04/06/12 21:41:36
D
call: DLL_PROCESS_DETACH
04/06/12 21:41:41
A
04/06/12 21:41:41
R
04/06/12 21:41:41
A
04/06/12 21:41:41
R
04/06/12 21:41:41
A
04/06/12 21:41:41
D
call: DLL_PROCESS_DETACH
04/06/12 21:41:41
A
04/06/12 21:41:41
D
call: DLL_PROCESS_DETACH
04/06/12 21:41:52
D
call: DLL_PROCESS_ATTACH
04/06/12 21:41:58
A
04/06/12 21:41:58
A
04/06/12 21:41:58
D
call: DLL_PROCESS_DETACH
04/06/12 21:42:46
D
call: DLL_PROCESS_ATTACH
04/06/12 21:42:46
D
call: DLL_PROCESS_ATTACH
04/06/12 21:42:55
D
call: DLL_PROCESS_ATTACH
04/06/12 21:44:14
D
call: DLL_PROCESS_ATTACH
04/06/12 21:44:19
A
04/06/12 21:44:19
A
04/06/12 21:44:19
D

Enter DllMain -> Handle: 1883045888 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for

call: DLL_PROCESS_DETACH
04/06/12 21:44:28
D
call: DLL_PROCESS_ATTACH
04/06/12 21:44:29
A
04/06/12 21:44:29
R
04/06/12 21:44:37
D
call: DLL_PROCESS_ATTACH
04/06/12 21:44:38
A
04/06/12 21:44:38
R
04/06/12 21:50:08
D
call: DLL_PROCESS_ATTACH
04/06/12 21:50:30
D
call: DLL_PROCESS_ATTACH
04/06/12 21:51:37
D
call: DLL_PROCESS_ATTACH
04/06/12 21:51:37
D
call: DLL_PROCESS_ATTACH
04/06/12 21:51:37
A
04/06/12 21:51:37
D
call: DLL_PROCESS_DETACH
04/06/12 21:52:55
D
call: DLL_PROCESS_ATTACH
04/06/12 22:00:01
D
call: DLL_PROCESS_ATTACH
04/06/12 22:00:01
A
04/06/12 22:00:01
D
call: DLL_PROCESS_DETACH
04/06/12 22:01:41
A
04/06/12 22:01:41
A
04/06/12 22:01:41
A
04/06/12 22:01:41
A
04/06/12 22:01:44
D
call: DLL_PROCESS_ATTACH
04/06/12 22:01:47
A
04/06/12 22:01:47
D
call: DLL_PROCESS_DETACH
04/06/12 22:08:09
A
04/06/12 22:08:09
R
04/06/12 22:08:09
A
04/06/12 22:08:09
R
04/06/12 22:08:09
A
04/06/12 22:08:09
R
04/06/12 22:08:10
A
04/06/12 22:08:10
D
call: DLL_PROCESS_DETACH
04/06/12 22:08:10
A
04/06/12 22:08:10
D
call: DLL_PROCESS_DETACH
04/06/12 22:08:13
D
call: DLL_PROCESS_ATTACH
04/06/12 22:08:13
D
call: DLL_PROCESS_ATTACH
04/06/12 22:08:13
D
call: DLL_PROCESS_ATTACH
04/06/12 22:08:14
A
04/06/12 22:08:14
R
04/06/12 22:08:56
A
04/06/12 22:08:56
D
call: DLL_PROCESS_DETACH
04/06/12 22:10:04
A

Enter DllMain -> Handle: 1883045888 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
-> NtTerminateProcessCallback

04/06/12 22:10:04
R
04/06/12 22:10:05
A
04/06/12 22:10:05
D
call: DLL_PROCESS_DETACH
04/06/12 22:10:05
A
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
04/06/12 22:14:40
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:28
A
05/06/12 10:35:29
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:29
A
05/06/12 10:35:29
A
05/06/12 10:35:29
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:29
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:29
A
05/06/12 10:35:29
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:29
D
call: DLL_PROCESS_ATTACH
05/06/12 10:35:29
A

La victima es chrome.exe Asesino chrome.exe

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1883045888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 4115922944 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 1883045888 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1816657920 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
-> NtTerminateProcessCallback

05/06/12 10:35:29
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:34
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:34
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:35
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:35
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:35
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:35
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:35
D
call: DLL_PROCESS_DETACH
05/06/12 10:35:35
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:09
A
05/06/12 13:53:10
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:13
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:13
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:14
D
call: DLL_PROCESS_ATTACH
05/06/12 13:53:14
D

Enter DllMain -> Handle: 4080664576 - Reason for

Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 4080664576 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 1816657920 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for

call: DLL_PROCESS_ATTACH
05/06/12 13:53:18
A
05/06/12 13:53:18
F
05/06/12 13:53:18
A
05/06/12 13:53:18
F
05/06/12 13:53:18
A
05/06/12 13:53:18
F
05/06/12 13:53:21
A
05/06/12 13:53:21
F
05/06/12 13:53:21
A
05/06/12 13:53:21
F
05/06/12 13:53:21
A
05/06/12 13:53:21
A
05/06/12 13:53:21
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:21
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:21
A
05/06/12 13:53:21
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:21
A
05/06/12 13:53:21
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:22
A
05/06/12 13:53:22
F
05/06/12 13:53:23
A
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:23
D
call: DLL_PROCESS_DETACH
05/06/12 13:53:24
D
call: DLL_PROCESS_DETACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4200988672 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1830748160 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 1830748160 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for

05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:16
A
05/06/12 15:38:17
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:17
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:17
A
05/06/12 15:38:17
A
05/06/12 15:38:17
A
05/06/12 15:38:17
A
05/06/12 15:38:17
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:17
D
call: DLL_PROCESS_ATTACH
05/06/12 15:38:17
A
05/06/12 15:38:17
D
call: DLL_PROCESS_DETACH
05/06/12 15:38:17
A
05/06/12 15:38:17
D
call: DLL_PROCESS_DETACH
05/06/12 15:38:18
A
05/06/12 15:38:18
F
05/06/12 15:38:18
A
05/06/12 15:38:18
F
05/06/12 15:38:18
A
05/06/12 15:38:18
F
05/06/12 15:38:20
A
05/06/12 15:38:20
F
05/06/12 15:38:20
A
05/06/12 15:38:20
F
05/06/12 15:38:21
A

Enter DllMain -> Handle: 4120444928 - Reason for

Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1919811584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1919811584 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

05/06/12 15:38:21
F
05/06/12 15:38:21
A
05/06/12 15:38:21
D
call: DLL_PROCESS_DETACH
05/06/12 15:38:22
A
05/06/12 15:38:22
A
05/06/12 15:38:22
A
05/06/12 15:38:22
A
05/06/12 15:38:25
A
05/06/12 15:38:25
D
call: DLL_PROCESS_DETACH
05/06/12 15:38:46
A
05/06/12 15:38:46
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
05/06/12 15:47:40
D
call: DLL_PROCESS_DETACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH

lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1919811584 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4120444928 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 4120444928 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 1919811584 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for

06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:09
A
06/06/12 11:01:09
A
06/06/12 11:01:09
A
06/06/12 11:01:09
A
06/06/12 11:01:09
A
06/06/12 11:01:09
D
call: DLL_PROCESS_DETACH
06/06/12 11:01:10
A
06/06/12 11:01:10
F
06/06/12 11:01:10
A
06/06/12 11:01:10
F
06/06/12 11:01:10
A
06/06/12 11:01:10
F
06/06/12 11:01:13
A
06/06/12 11:01:13
F
06/06/12 11:01:13
A
06/06/12 11:01:13
F
06/06/12 11:01:13
A
06/06/12 11:01:13
F
06/06/12 11:01:35
D
call: DLL_PROCESS_ATTACH
06/06/12 11:01:42
A
06/06/12 11:01:42
D
call: DLL_PROCESS_DETACH
06/06/12 11:01:52
A
06/06/12 11:01:52
D
call: DLL_PROCESS_DETACH
06/06/12 11:01:55
D
call: DLL_PROCESS_ATTACH
06/06/12 11:02:00
A
06/06/12 11:02:00
D
call: DLL_PROCESS_DETACH
06/06/12 11:02:02
D
call: DLL_PROCESS_ATTACH
06/06/12 11:02:04
A
06/06/12 11:02:04
D
call: DLL_PROCESS_DETACH
06/06/12 11:02:06
A
06/06/12 11:02:06
A
06/06/12 11:02:06
D
call: DLL_PROCESS_DETACH
06/06/12 11:02:24
D
call: DLL_PROCESS_ATTACH
06/06/12 11:02:28
D
call: DLL_PROCESS_ATTACH
06/06/12 11:02:29
A
06/06/12 11:02:29
D
call: DLL_PROCESS_DETACH
06/06/12 11:02:29
A
06/06/12 11:02:29
A
06/06/12 11:02:29
D
call: DLL_PROCESS_DETACH
06/06/12 11:02:37
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1957298176 - Reason for

Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for

06/06/12 11:02:49
A
06/06/12 11:02:49
A
06/06/12 11:02:49
D
call: DLL_PROCESS_DETACH
06/06/12 11:03:02
D
call: DLL_PROCESS_ATTACH
06/06/12 11:03:07
A
06/06/12 11:03:07
A
06/06/12 11:03:07
D
call: DLL_PROCESS_DETACH
06/06/12 11:03:11
D
call: DLL_PROCESS_ATTACH
06/06/12 11:03:22
A
06/06/12 11:03:22
A
06/06/12 11:03:22
D
call: DLL_PROCESS_DETACH
06/06/12 11:03:34
D
call: DLL_PROCESS_ATTACH
06/06/12 11:03:39
A
06/06/12 11:03:39
A
06/06/12 11:03:39
D
call: DLL_PROCESS_DETACH
06/06/12 11:03:50
D
call: DLL_PROCESS_ATTACH
06/06/12 11:03:52
A
06/06/12 11:03:52
D
call: DLL_PROCESS_DETACH
06/06/12 11:04:24
D
call: DLL_PROCESS_ATTACH
06/06/12 11:04:29
A
06/06/12 11:04:29
A
06/06/12 11:04:29
D
call: DLL_PROCESS_DETACH
06/06/12 11:04:31
D
call: DLL_PROCESS_ATTACH
06/06/12 11:04:36
A
06/06/12 11:04:41
D
call: DLL_PROCESS_ATTACH
06/06/12 11:04:53
D
call: DLL_PROCESS_ATTACH
06/06/12 11:04:53
A
06/06/12 11:04:53
A
06/06/12 11:04:53
D
call: DLL_PROCESS_DETACH
06/06/12 11:05:01
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:01
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:02
A
06/06/12 11:05:02
D
call: DLL_PROCESS_DETACH
06/06/12 11:05:03
A
06/06/12 11:05:03
D
call: DLL_PROCESS_DETACH
06/06/12 11:05:03
A
06/06/12 11:05:03
D
call: DLL_PROCESS_DETACH
06/06/12 11:05:05
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:10
A

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback

06/06/12 11:05:10
A
06/06/12 11:05:10
D
call: DLL_PROCESS_DETACH
06/06/12 11:05:27
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:32
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:32
A
06/06/12 11:05:32
A
06/06/12 11:05:32
D
call: DLL_PROCESS_DETACH
06/06/12 11:05:32
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:32
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:34
A
06/06/12 11:05:34
D
call: DLL_PROCESS_DETACH
06/06/12 11:05:35
D
call: DLL_PROCESS_ATTACH
06/06/12 11:05:42
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:01
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:05
A
06/06/12 11:06:05
A
06/06/12 11:06:06
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:06
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:08
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:16
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:16
A
06/06/12 11:06:16
A
06/06/12 11:06:16
A
06/06/12 11:06:16
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:17
A
06/06/12 11:06:17
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:17
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:17
A
06/06/12 11:06:17
A
06/06/12 11:06:17
A
06/06/12 11:06:17
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:18
A
06/06/12 11:06:18
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:20
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:20
A
06/06/12 11:06:20
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:22
A
06/06/12 11:06:22
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for

06/06/12 11:06:22
A
06/06/12 11:06:22
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:24
A
06/06/12 11:06:24
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:37
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:38
A
06/06/12 11:06:38
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:42
A
06/06/12 11:06:42
A
06/06/12 11:06:42
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:49
A
06/06/12 11:06:49
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:49
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:49
A
06/06/12 11:06:49
D
call: DLL_PROCESS_DETACH
06/06/12 11:06:54
A
06/06/12 11:06:56
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:58
D
call: DLL_PROCESS_ATTACH
06/06/12 11:06:58
D
call: DLL_PROCESS_ATTACH
06/06/12 11:07:01
A
06/06/12 11:07:01
A
06/06/12 11:07:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:07:03
D
call: DLL_PROCESS_ATTACH
06/06/12 11:07:03
A
06/06/12 11:07:03
A
06/06/12 11:07:03
A
06/06/12 11:07:03
A
06/06/12 11:07:03
D
call: DLL_PROCESS_ATTACH
06/06/12 11:07:03
A
06/06/12 11:07:03
D
call: DLL_PROCESS_DETACH
06/06/12 11:07:04
D
call: DLL_PROCESS_ATTACH
06/06/12 11:07:07
A
06/06/12 11:07:07
D
call: DLL_PROCESS_DETACH
06/06/12 11:07:07
D
call: DLL_PROCESS_ATTACH
06/06/12 11:07:08
D
call: DLL_PROCESS_ATTACH
06/06/12 11:07:11
A
06/06/12 11:07:11
R
06/06/12 11:07:12
A
06/06/12 11:07:12
D
call: DLL_PROCESS_DETACH
06/06/12 11:07:12
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback

06/06/12 11:07:12
D
call: DLL_PROCESS_DETACH
06/06/12 11:07:17
A
06/06/12 11:07:45
D
call: DLL_PROCESS_ATTACH
06/06/12 11:07:50
A
06/06/12 11:07:50
A
06/06/12 11:07:50
D
call: DLL_PROCESS_DETACH
06/06/12 11:07:57
D
call: DLL_PROCESS_ATTACH
06/06/12 11:08:02
A
06/06/12 11:08:02
D
call: DLL_PROCESS_DETACH
06/06/12 11:08:11
D
call: DLL_PROCESS_ATTACH
06/06/12 11:08:13
D
call: DLL_PROCESS_ATTACH
06/06/12 11:08:13
D
call: DLL_PROCESS_ATTACH
06/06/12 11:08:14
D
call: DLL_PROCESS_ATTACH
06/06/12 11:08:16
A
06/06/12 11:08:16
A
06/06/12 11:08:16
A
06/06/12 11:08:16
D
call: DLL_PROCESS_DETACH
06/06/12 11:08:16
D
call: DLL_PROCESS_DETACH
06/06/12 11:08:18
A
06/06/12 11:08:18
D
call: DLL_PROCESS_DETACH
06/06/12 11:08:23
A
06/06/12 11:08:37
D
call: DLL_PROCESS_ATTACH
06/06/12 11:08:43
A
06/06/12 11:08:43
A
06/06/12 11:08:43
D
call: DLL_PROCESS_DETACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D

Enter DllMain -> Handle: 1957298176 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096851968 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for

call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
A
06/06/12 11:09:54
A
06/06/12 11:09:54
A
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
A
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:54
A
06/06/12 11:09:54
D
call: DLL_PROCESS_DETACH
06/06/12 11:09:55
A
06/06/12 11:09:55
D
call: DLL_PROCESS_DETACH
06/06/12 11:09:55
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:55
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:55
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:55
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:57
A
06/06/12 11:09:57
A
06/06/12 11:09:57
D
call: DLL_PROCESS_DETACH
06/06/12 11:09:57
D
call: DLL_PROCESS_DETACH
06/06/12 11:09:57
A
06/06/12 11:09:57
D
call: DLL_PROCESS_DETACH
06/06/12 11:09:58
D
call: DLL_PROCESS_ATTACH
06/06/12 11:09:58
A
06/06/12 11:09:58
D
call: DLL_PROCESS_DETACH
06/06/12 11:09:58
A
06/06/12 11:09:58
F
06/06/12 11:09:58
A
06/06/12 11:09:58
F
06/06/12 11:09:58
A
06/06/12 11:09:58
F
06/06/12 11:09:59
A
06/06/12 11:09:59
F
06/06/12 11:09:59
A
06/06/12 11:09:59
F
06/06/12 11:09:59
A
06/06/12 11:09:59
F
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D

Enter DllMain -> Handle: 1944453120 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4105371648 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944453120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4105371648 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for

call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 11:10:01
D
call: DLL_PROCESS_DETACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:46
A
06/06/12 15:34:48
A
06/06/12 15:34:48
F
06/06/12 15:34:48
A
06/06/12 15:34:48
F
06/06/12 15:34:50
A
06/06/12 15:34:50
D
call: DLL_PROCESS_DETACH
06/06/12 15:34:51
A
06/06/12 15:34:51
F
06/06/12 15:34:51
A
06/06/12 15:34:51
D
call: DLL_PROCESS_DETACH
06/06/12 15:34:52
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4105371648 - Reason for

Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 4105371648 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 1944453120 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for

06/06/12 15:34:54
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:54
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:54
D
call: DLL_PROCESS_ATTACH
06/06/12 15:34:55
A
06/06/12 15:34:55
A
06/06/12 15:34:55
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:01
D
call: DLL_PROCESS_ATTACH
06/06/12 15:35:02
A
06/06/12 15:35:02
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:02
A
06/06/12 15:35:02
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:02
A
06/06/12 15:35:02
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:02
A
06/06/12 15:35:02
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:11
D
call: DLL_PROCESS_ATTACH
06/06/12 15:35:15
D
call: DLL_PROCESS_ATTACH
06/06/12 15:35:15
A
06/06/12 15:35:15
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:19
A
06/06/12 15:35:19
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:22
D
call: DLL_PROCESS_ATTACH
06/06/12 15:35:22
D
call: DLL_PROCESS_ATTACH
06/06/12 15:35:24
A
06/06/12 15:35:24
D
call: DLL_PROCESS_DETACH
06/06/12 15:35:28
D
call: DLL_PROCESS_ATTACH
06/06/12 15:35:33
D
call: DLL_PROCESS_ATTACH
06/06/12 15:35:57
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:01
A
06/06/12 15:36:01
A
06/06/12 15:36:01
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:03
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:04
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:12
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:12
A
06/06/12 15:36:12
A
06/06/12 15:36:12
A

Enter DllMain -> Handle: 4107730944 - Reason for

Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback

06/06/12 15:36:12
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:13
A
06/06/12 15:36:13
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:13
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:13
A
06/06/12 15:36:13
A
06/06/12 15:36:13
A
06/06/12 15:36:13
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:13
A
06/06/12 15:36:13
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:15
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:15
A
06/06/12 15:36:15
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:17
A
06/06/12 15:36:17
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:18
A
06/06/12 15:36:18
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:19
A
06/06/12 15:36:19
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:31
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:32
A
06/06/12 15:36:32
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:36
A
06/06/12 15:36:36
A
06/06/12 15:36:36
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:43
A
06/06/12 15:36:43
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:43
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:43
A
06/06/12 15:36:43
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:47
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:47
D
call: DLL_PROCESS_ATTACH
06/06/12 15:36:47
A
06/06/12 15:36:47
D
call: DLL_PROCESS_DETACH
06/06/12 15:36:48
A
06/06/12 15:36:48
D
call: DLL_PROCESS_DETACH
06/06/12 15:37:02
D
call: DLL_PROCESS_ATTACH
06/06/12 15:37:02
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1871904768 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for

06/06/12 15:37:03
A
06/06/12 15:37:03
D
call: DLL_PROCESS_DETACH
06/06/12 15:37:03
A
06/06/12 15:37:03
D
call: DLL_PROCESS_DETACH
06/06/12 15:38:04
A
06/06/12 15:38:04
D
call: DLL_PROCESS_DETACH
06/06/12 15:38:06
D
call: DLL_PROCESS_ATTACH
06/06/12 15:38:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:38:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:38:09
A
06/06/12 15:38:09
A
06/06/12 15:38:09
A
06/06/12 15:38:09
A
06/06/12 15:38:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:38:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:38:11
A
06/06/12 15:38:11
F
06/06/12 15:38:11
A
06/06/12 15:38:11
F
06/06/12 15:38:12
A
06/06/12 15:38:12
A
06/06/12 15:38:12
D
call: DLL_PROCESS_DETACH
06/06/12 15:38:25
A
06/06/12 15:38:25
F
06/06/12 15:38:25
A
06/06/12 15:38:25
F
06/06/12 15:38:25
A
06/06/12 15:38:25
D
call: DLL_PROCESS_DETACH
06/06/12 15:38:25
A
06/06/12 15:38:25
D
call: DLL_PROCESS_DETACH
06/06/12 15:38:25
A
06/06/12 15:38:25
D
call: DLL_PROCESS_DETACH
06/06/12 15:38:25
A
06/06/12 15:38:25
F
06/06/12 15:38:39
D
call: DLL_PROCESS_ATTACH
06/06/12 15:40:00
A
06/06/12 15:40:00
D
call: DLL_PROCESS_DETACH
06/06/12 15:40:02
D
call: DLL_PROCESS_ATTACH
06/06/12 15:40:02
D
call: DLL_PROCESS_ATTACH
06/06/12 15:40:02
A
06/06/12 15:40:02
A
06/06/12 15:40:02
A
06/06/12 15:40:02
A
06/06/12 15:40:02
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1871904768 - Reason for

call: DLL_PROCESS_ATTACH
06/06/12 15:40:02
D
call: DLL_PROCESS_ATTACH
06/06/12 15:40:03
A
06/06/12 15:40:03
F
06/06/12 15:40:03
A
06/06/12 15:40:03
F
06/06/12 15:41:14
A
06/06/12 15:41:14
F
06/06/12 15:41:14
A
06/06/12 15:41:14
D
call: DLL_PROCESS_DETACH
06/06/12 15:41:14
A
06/06/12 15:41:14
D
call: DLL_PROCESS_DETACH
06/06/12 15:41:14
A
06/06/12 15:41:14
D
call: DLL_PROCESS_DETACH
06/06/12 15:41:14
A
06/06/12 15:41:14
F
06/06/12 15:41:24
D
call: DLL_PROCESS_ATTACH
06/06/12 15:41:24
D
call: DLL_PROCESS_ATTACH
06/06/12 15:41:31
A
06/06/12 15:41:31
A
06/06/12 15:41:31
D
call: DLL_PROCESS_DETACH
06/06/12 15:41:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:41:50
A
06/06/12 15:41:50
A
06/06/12 15:41:50
D
call: DLL_PROCESS_DETACH
06/06/12 15:42:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:42:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:42:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:42:17
D
call: DLL_PROCESS_ATTACH
06/06/12 15:42:17
A
06/06/12 15:42:17
R
06/06/12 15:42:17
A
06/06/12 15:42:17
A
06/06/12 15:42:17
R
06/06/12 15:42:28
D
call: DLL_PROCESS_ATTACH
06/06/12 15:42:52
A
06/06/12 15:42:52
A
06/06/12 15:42:52
D
call: DLL_PROCESS_DETACH
06/06/12 15:44:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:44:23
D
call: DLL_PROCESS_ATTACH
06/06/12 15:44:28
A
06/06/12 15:44:28
A
06/06/12 15:44:28
D

Enter DllMain -> Handle: 1871904768 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for

call: DLL_PROCESS_DETACH
06/06/12 15:45:00
D
call: DLL_PROCESS_ATTACH
06/06/12 15:45:05
D
call: DLL_PROCESS_ATTACH
06/06/12 15:45:10
A
06/06/12 15:45:10
A
06/06/12 15:45:10
D
call: DLL_PROCESS_DETACH
06/06/12 15:45:16
D
call: DLL_PROCESS_ATTACH
06/06/12 15:45:19
D
call: DLL_PROCESS_ATTACH
06/06/12 15:45:20
A
06/06/12 15:45:20
R
06/06/12 15:45:20
D
call: DLL_PROCESS_ATTACH
06/06/12 15:45:45
A
06/06/12 15:45:45
D
call: DLL_PROCESS_DETACH
06/06/12 15:45:54
D
call: DLL_PROCESS_ATTACH
06/06/12 15:45:55
D
call: DLL_PROCESS_ATTACH
06/06/12 15:45:59
A
06/06/12 15:45:59
A
06/06/12 15:45:59
D
call: DLL_PROCESS_DETACH
06/06/12 15:46:04
A
06/06/12 15:46:04
D
call: DLL_PROCESS_DETACH
06/06/12 15:46:20
D
call: DLL_PROCESS_ATTACH
06/06/12 15:46:31
A
06/06/12 15:46:31
D
call: DLL_PROCESS_DETACH
06/06/12 15:46:32
D
call: DLL_PROCESS_ATTACH
06/06/12 15:46:42
A
06/06/12 15:46:42
D
call: DLL_PROCESS_DETACH
06/06/12 15:46:43
D
call: DLL_PROCESS_ATTACH
06/06/12 15:46:55
D
call: DLL_PROCESS_ATTACH
06/06/12 15:46:55
A
06/06/12 15:46:55
D
call: DLL_PROCESS_DETACH
06/06/12 15:46:55
D
call: DLL_PROCESS_ATTACH
06/06/12 15:46:57
A
06/06/12 15:46:57
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:00
A
06/06/12 15:47:00
A
06/06/12 15:47:00
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:08
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:08
D

Enter DllMain -> Handle: 4107730944 - Reason for

Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for

call: DLL_PROCESS_ATTACH
06/06/12 15:47:11
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:11
A
06/06/12 15:47:11
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:12
A
06/06/12 15:47:12
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:16
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:16
A
06/06/12 15:47:16
A
06/06/12 15:47:16
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:22
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:22
A
06/06/12 15:47:22
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:24
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:26
A
06/06/12 15:47:26
A
06/06/12 15:47:27
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:29
A
06/06/12 15:47:29
A
06/06/12 15:47:29
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:31
A
06/06/12 15:47:31
F
06/06/12 15:47:34
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:34
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:37
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:37
A
06/06/12 15:47:37
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:38
A
06/06/12 15:47:39
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:42
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:43
A
06/06/12 15:47:43
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:47
A
06/06/12 15:47:47
A
06/06/12 15:47:47
D
call: DLL_PROCESS_DETACH
06/06/12 15:47:48
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:58
D
call: DLL_PROCESS_ATTACH
06/06/12 15:47:58
A
06/06/12 15:47:58
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1871904768 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for

06/06/12 15:48:07
A
06/06/12 15:48:07
A
06/06/12 15:48:07
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:09
A
06/06/12 15:48:09
F
06/06/12 15:48:09
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:13
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:15
A
06/06/12 15:48:15
A
06/06/12 15:48:15
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:16
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:16
A
06/06/12 15:48:16
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:17
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:19
A
06/06/12 15:48:19
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:22
A
06/06/12 15:48:22
A
06/06/12 15:48:22
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:23
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:25
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:26
A
06/06/12 15:48:26
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:28
A
06/06/12 15:48:28
A
06/06/12 15:48:28
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:36
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:38
D
call: DLL_PROCESS_ATTACH
06/06/12 15:48:38
A
06/06/12 15:48:38
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:47
A
06/06/12 15:48:47
A
06/06/12 15:48:47
D
call: DLL_PROCESS_DETACH
06/06/12 15:48:55
A
06/06/12 15:48:55
F
06/06/12 15:48:58
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:03
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:03
A
06/06/12 15:49:03
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:03
D

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for

call: DLL_PROCESS_ATTACH
06/06/12 15:49:04
A
06/06/12 15:49:04
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:10
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:11
A
06/06/12 15:49:11
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:13
A
06/06/12 15:49:13
A
06/06/12 15:49:13
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:21
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:23
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:23
A
06/06/12 15:49:23
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:28
A
06/06/12 15:49:28
A
06/06/12 15:49:28
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:31
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:33
A
06/06/12 15:49:33
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:34
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:36
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:36
A
06/06/12 15:49:36
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:39
A
06/06/12 15:49:39
A
06/06/12 15:49:39
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:40
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:46
A
06/06/12 15:49:46
A
06/06/12 15:49:46
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:46
A
06/06/12 15:49:46
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:50
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:50
A
06/06/12 15:49:50
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:50
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:50
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for

06/06/12 15:49:50
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:50
A
06/06/12 15:49:50
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:50
A
06/06/12 15:49:50
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:50
D
call: DLL_PROCESS_ATTACH
06/06/12 15:49:51
A
06/06/12 15:49:51
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:55
A
06/06/12 15:49:55
A
06/06/12 15:49:55
D
call: DLL_PROCESS_DETACH
06/06/12 15:49:57
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:10
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:10
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:10
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:10
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:15
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:28
A
06/06/12 15:50:28
A
06/06/12 15:50:28
D
call: DLL_PROCESS_DETACH
06/06/12 15:50:31
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:32
A
06/06/12 15:50:32
D
call: DLL_PROCESS_DETACH
06/06/12 15:50:33
A
06/06/12 15:50:33
D
call: DLL_PROCESS_DETACH
06/06/12 15:50:33
A
06/06/12 15:50:33
A
06/06/12 15:50:33
D
call: DLL_PROCESS_DETACH
06/06/12 15:50:33
D
call: DLL_PROCESS_DETACH
06/06/12 15:50:33
A
06/06/12 15:50:33
D
call: DLL_PROCESS_DETACH
06/06/12 15:50:36
A
06/06/12 15:50:36
A
06/06/12 15:50:36
D
call: DLL_PROCESS_DETACH
06/06/12 15:50:47
D
call: DLL_PROCESS_ATTACH
06/06/12 15:50:52
A
06/06/12 15:50:52
A
06/06/12 15:50:52
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4107730944 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for

06/06/12 15:51:25
D
call: DLL_PROCESS_ATTACH
06/06/12 15:51:27
A
06/06/12 15:51:27
D
call: DLL_PROCESS_DETACH
06/06/12 15:51:28
D
call: DLL_PROCESS_ATTACH
06/06/12 15:51:33
A
06/06/12 15:51:33
A
06/06/12 15:51:33
D
call: DLL_PROCESS_DETACH
06/06/12 15:51:34
D
call: DLL_PROCESS_ATTACH
06/06/12 15:52:33
A
06/06/12 15:52:33
D
call: DLL_PROCESS_DETACH
06/06/12 15:52:44
D
call: DLL_PROCESS_ATTACH
06/06/12 15:52:48
D
call: DLL_PROCESS_ATTACH
06/06/12 15:52:49
A
06/06/12 15:52:49
D
call: DLL_PROCESS_DETACH
06/06/12 15:52:55
A
06/06/12 15:52:55
A
06/06/12 15:52:55
D
call: DLL_PROCESS_DETACH
06/06/12 15:53:02
D
call: DLL_PROCESS_ATTACH
06/06/12 15:53:07
A
06/06/12 15:53:07
A
06/06/12 15:53:07
D
call: DLL_PROCESS_DETACH
06/06/12 15:53:11
D
call: DLL_PROCESS_ATTACH
06/06/12 15:53:16
A
06/06/12 15:53:16
A
06/06/12 15:53:16
D
call: DLL_PROCESS_DETACH
06/06/12 15:53:21
D
call: DLL_PROCESS_ATTACH
06/06/12 15:53:26
A
06/06/12 15:53:26
A
06/06/12 15:53:26
D
call: DLL_PROCESS_DETACH
06/06/12 15:53:45
D
call: DLL_PROCESS_ATTACH
06/06/12 15:53:46
A
06/06/12 15:53:46
D
call: DLL_PROCESS_DETACH
06/06/12 15:53:50
D
call: DLL_PROCESS_ATTACH
06/06/12 15:53:50
A
06/06/12 15:53:50
D
call: DLL_PROCESS_DETACH
06/06/12 15:54:07
D
call: DLL_PROCESS_ATTACH
06/06/12 15:54:25
D
call: DLL_PROCESS_ATTACH
06/06/12 15:54:31
A

Enter DllMain -> Handle: 1871904768 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback

06/06/12 15:54:31
A
06/06/12 15:54:31
D
call: DLL_PROCESS_DETACH
06/06/12 15:57:29
A
06/06/12 15:57:29
F
06/06/12 15:57:30
D
call: DLL_PROCESS_ATTACH
06/06/12 15:57:35
A
06/06/12 15:57:35
A
06/06/12 15:57:35
D
call: DLL_PROCESS_DETACH
06/06/12 15:58:16
A
06/06/12 15:58:16
F
06/06/12 15:58:17
A
06/06/12 15:58:17
F
06/06/12 15:58:17
A
06/06/12 15:58:17
F
06/06/12 15:58:17
D
call: DLL_PROCESS_ATTACH
06/06/12 15:58:22
A
06/06/12 15:58:22
A
06/06/12 15:58:22
D
call: DLL_PROCESS_DETACH
06/06/12 15:58:25
A
06/06/12 15:58:25
A
06/06/12 15:58:25
F
06/06/12 15:58:25
D
call: DLL_PROCESS_DETACH
06/06/12 15:58:27
D
call: DLL_PROCESS_ATTACH
06/06/12 15:58:51
A
06/06/12 15:58:51
F
06/06/12 15:58:52
D
call: DLL_PROCESS_ATTACH
06/06/12 15:58:57
A
06/06/12 15:58:57
A
06/06/12 15:58:57
D
call: DLL_PROCESS_DETACH
06/06/12 15:59:24
A
06/06/12 15:59:24
F
06/06/12 15:59:24
A
06/06/12 15:59:24
F
06/06/12 15:59:24
A
06/06/12 15:59:24
F
06/06/12 15:59:24
D
call: DLL_PROCESS_ATTACH
06/06/12 15:59:28
A
06/06/12 15:59:28
D
call: DLL_PROCESS_DETACH
06/06/12 15:59:28
A
06/06/12 15:59:28
F
06/06/12 15:59:29
A
06/06/12 15:59:29
A
06/06/12 15:59:29
D
call: DLL_PROCESS_DETACH
06/06/12 15:59:30
D
call: DLL_PROCESS_ATTACH
06/06/12 16:00:01
D
call: DLL_PROCESS_ATTACH
06/06/12 16:00:01
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback

06/06/12 16:00:01
D
call: DLL_PROCESS_DETACH
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:15
A
06/06/12 16:00:15
F
06/06/12 16:00:44
A
06/06/12 16:00:44
F
06/06/12 16:00:44
A
06/06/12 16:00:44
F
06/06/12 16:00:51
A
06/06/12 16:00:51
A
06/06/12 16:00:51
F
06/06/12 16:00:51
D
call: DLL_PROCESS_DETACH
06/06/12 16:00:53
D
call: DLL_PROCESS_ATTACH
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:27
A
06/06/12 16:01:27
F
06/06/12 16:01:41
A
06/06/12 16:01:41
F
06/06/12 16:01:41
A

Enter DllMain -> Handle: 1871904768 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

06/06/12 16:01:41
F
06/06/12 16:01:45
A
06/06/12 16:01:45
D
call: DLL_PROCESS_DETACH
06/06/12 16:01:45
A
06/06/12 16:01:45
F
06/06/12 16:01:47
D
call: DLL_PROCESS_ATTACH
06/06/12 16:02:25
A
06/06/12 16:02:25
F
06/06/12 16:02:26
D
call: DLL_PROCESS_ATTACH
06/06/12 16:02:31
A
06/06/12 16:02:31
A
06/06/12 16:02:31
D
call: DLL_PROCESS_DETACH
06/06/12 16:03:09
A
06/06/12 16:03:09
F
06/06/12 16:03:09
A
06/06/12 16:03:09
F
06/06/12 16:03:09
A
06/06/12 16:03:09
F
06/06/12 16:03:09
D
call: DLL_PROCESS_ATTACH
06/06/12 16:03:13
A
06/06/12 16:03:13
D
call: DLL_PROCESS_DETACH
06/06/12 16:03:13
A
06/06/12 16:03:13
F
06/06/12 16:03:15
A
06/06/12 16:03:15
A
06/06/12 16:03:15
D
call: DLL_PROCESS_DETACH
06/06/12 16:03:18
D
call: DLL_PROCESS_ATTACH
06/06/12 16:03:45
A
06/06/12 16:03:45
F
06/06/12 16:03:46
D
call: DLL_PROCESS_ATTACH
06/06/12 16:03:51
A
06/06/12 16:03:51
A
06/06/12 16:03:51
D
call: DLL_PROCESS_DETACH
06/06/12 16:04:23
A
06/06/12 16:04:23
F
06/06/12 16:04:23
A
06/06/12 16:04:23
F
06/06/12 16:04:23
A
06/06/12 16:04:23
F
06/06/12 16:04:23
D
call: DLL_PROCESS_ATTACH
06/06/12 16:04:26
A
06/06/12 16:04:26
D
call: DLL_PROCESS_DETACH
06/06/12 16:04:26
A
06/06/12 16:04:26
F
06/06/12 16:04:28
A
06/06/12 16:04:28
A
06/06/12 16:04:28
D
call: DLL_PROCESS_DETACH

lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for

06/06/12 16:04:39
D
call: DLL_PROCESS_ATTACH
06/06/12 16:04:44
D
call: DLL_PROCESS_ATTACH
06/06/12 16:04:45
A
06/06/12 16:04:45
D
call: DLL_PROCESS_DETACH
06/06/12 16:04:48
A
06/06/12 16:04:48
A
06/06/12 16:04:48
D
call: DLL_PROCESS_DETACH
06/06/12 16:05:21
D
call: DLL_PROCESS_ATTACH
06/06/12 16:05:26
D
call: DLL_PROCESS_ATTACH
06/06/12 16:05:26
A
06/06/12 16:05:26
D
call: DLL_PROCESS_DETACH
06/06/12 16:05:29
A
06/06/12 16:05:29
A
06/06/12 16:05:29
D
call: DLL_PROCESS_DETACH
06/06/12 16:06:43
D
call: DLL_PROCESS_ATTACH
06/06/12 16:06:48
A
06/06/12 16:06:48
A
06/06/12 16:06:48
D
call: DLL_PROCESS_DETACH
06/06/12 16:07:41
D
call: DLL_PROCESS_ATTACH
06/06/12 16:11:44
A
06/06/12 16:11:44
F
06/06/12 16:14:21
A
06/06/12 16:14:21
D
call: DLL_PROCESS_DETACH
06/06/12 16:18:00
A
06/06/12 16:18:00
F
06/06/12 16:18:01
A
06/06/12 16:18:01
F
06/06/12 16:18:01
A
06/06/12 16:18:01
F
06/06/12 16:18:06
A
06/06/12 16:18:06
D
call: DLL_PROCESS_DETACH
06/06/12 16:18:06
A
06/06/12 16:18:06
F
06/06/12 16:18:18
D
call: DLL_PROCESS_ATTACH
06/06/12 16:18:21
A
06/06/12 16:18:21
A
06/06/12 16:18:21
R
06/06/12 16:18:22
A
06/06/12 16:18:22
R
06/06/12 16:20:17
D
call: DLL_PROCESS_ATTACH
06/06/12 16:20:21
A
06/06/12 16:20:21
A
06/06/12 16:20:21
R
06/06/12 16:20:23
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4107730944 - Reason for

Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4107730944 - Reason for

06/06/12 16:20:29
D
call: DLL_PROCESS_ATTACH
06/06/12 16:20:34
A
06/06/12 16:20:34
A
06/06/12 16:20:34
D
call: DLL_PROCESS_DETACH
06/06/12 16:20:37
A
06/06/12 16:20:37
D
call: DLL_PROCESS_DETACH
06/06/12 16:20:37
D
call: DLL_PROCESS_ATTACH
06/06/12 16:20:37
A
06/06/12 16:20:37
R
06/06/12 16:20:42
A
06/06/12 16:20:42
A
06/06/12 16:20:42
D
call: DLL_PROCESS_DETACH
06/06/12 16:20:42
D
call: DLL_PROCESS_ATTACH
06/06/12 16:20:46
D
call: DLL_PROCESS_ATTACH
06/06/12 16:20:46
A
06/06/12 16:20:46
D
call: DLL_PROCESS_DETACH
06/06/12 16:20:46
D
call: DLL_PROCESS_ATTACH
06/06/12 16:20:47
A
06/06/12 16:20:47
D
call: DLL_PROCESS_DETACH
06/06/12 16:20:48
D
call: DLL_PROCESS_ATTACH
06/06/12 16:20:49
A
06/06/12 16:20:49
D
call: DLL_PROCESS_DETACH
06/06/12 16:20:51
A
06/06/12 16:20:51
A
06/06/12 16:20:51
D
call: DLL_PROCESS_DETACH
06/06/12 16:21:04
D
call: DLL_PROCESS_ATTACH
06/06/12 16:21:11
A
06/06/12 16:21:11
A
06/06/12 16:21:11
D
call: DLL_PROCESS_DETACH
06/06/12 16:21:15
D
call: DLL_PROCESS_ATTACH
06/06/12 16:21:18
D
call: DLL_PROCESS_ATTACH
06/06/12 16:21:18
A
06/06/12 16:21:18
D
call: DLL_PROCESS_DETACH
06/06/12 16:21:20
A
06/06/12 16:21:20
A
06/06/12 16:21:20
D
call: DLL_PROCESS_DETACH
06/06/12 16:21:27
D
call: DLL_PROCESS_ATTACH
06/06/12 16:22:48
A
06/06/12 16:22:48
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4107730944 - Reason for

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for

06/06/12 16:23:22
A
06/06/12 16:23:22
D
call: DLL_PROCESS_DETACH
06/06/12 16:23:57
D
call: DLL_PROCESS_ATTACH
06/06/12 16:24:14
A
06/06/12 16:24:14
D
call: DLL_PROCESS_DETACH
06/06/12 16:24:23
D
call: DLL_PROCESS_ATTACH
06/06/12 16:24:27
D
call: DLL_PROCESS_ATTACH
06/06/12 16:24:27
A
06/06/12 16:24:27
R
06/06/12 16:24:28
D
call: DLL_PROCESS_ATTACH
06/06/12 16:24:43
A
06/06/12 16:25:18
D
call: DLL_PROCESS_ATTACH
06/06/12 16:26:07
D
call: DLL_PROCESS_ATTACH
06/06/12 16:26:07
D
call: DLL_PROCESS_ATTACH
06/06/12 16:26:09
A
06/06/12 16:26:09
R
06/06/12 16:26:09
D
call: DLL_PROCESS_ATTACH
06/06/12 16:26:10
A
06/06/12 16:26:10
R
06/06/12 16:26:37
D
call: DLL_PROCESS_ATTACH
06/06/12 16:26:52
D
call: DLL_PROCESS_ATTACH
06/06/12 16:26:57
A
06/06/12 16:27:18
A
06/06/12 16:27:18
D
call: DLL_PROCESS_DETACH
06/06/12 16:27:27
A
06/06/12 16:27:27
R
06/06/12 16:27:27
A
06/06/12 16:27:27
R
06/06/12 16:27:27
A
06/06/12 16:27:27
R
06/06/12 16:27:27
A
06/06/12 16:27:27
D
call: DLL_PROCESS_DETACH
06/06/12 16:27:27
A
06/06/12 16:27:27
D
call: DLL_PROCESS_DETACH
06/06/12 16:27:29
D
call: DLL_PROCESS_ATTACH
06/06/12 16:27:34
A
06/06/12 16:27:34
A
06/06/12 16:27:34
D
call: DLL_PROCESS_DETACH
06/06/12 16:27:40
D
call: DLL_PROCESS_ATTACH
06/06/12 16:27:41
D
call: DLL_PROCESS_ATTACH
06/06/12 16:27:41
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
La victima es CLI.exe Asesino MOM.exe
Enter DllMain -> Handle: 4107730944 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1871904768 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for

call: DLL_PROCESS_ATTACH
06/06/12 16:27:41
A
06/06/12 16:27:41
D
call: DLL_PROCESS_DETACH
06/06/12 16:27:41
A
06/06/12 16:27:41
D
call: DLL_PROCESS_DETACH
06/06/12 16:27:43
D
call: DLL_PROCESS_ATTACH
06/06/12 16:27:43
D
call: DLL_PROCESS_ATTACH
06/06/12 16:27:43
A
06/06/12 16:27:43
D
call: DLL_PROCESS_DETACH
06/06/12 16:27:43
A
06/06/12 16:27:43
D
call: DLL_PROCESS_DETACH
06/06/12 16:28:00
A
06/06/12 16:28:00
D
call: DLL_PROCESS_DETACH
06/06/12 16:28:11
A
06/06/12 16:28:11
D
call: DLL_PROCESS_DETACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:20
A
06/06/12 16:29:23
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:24
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:24
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:25
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:27
A
06/06/12 16:29:27
D
call: DLL_PROCESS_DETACH
06/06/12 16:29:28
A
06/06/12 16:29:28
F
06/06/12 16:29:28
A
06/06/12 16:29:28
F
06/06/12 16:29:28
A
06/06/12 16:29:28
F
06/06/12 16:29:28
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107730944 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

06/06/12 16:29:28
F
06/06/12 16:29:28
A
06/06/12 16:29:28
F
06/06/12 16:29:28
A
06/06/12 16:29:28
F
06/06/12 16:29:29
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:37
A
06/06/12 16:29:37
A
06/06/12 16:29:37
A
06/06/12 16:29:37
D
call: DLL_PROCESS_DETACH
06/06/12 16:29:37
A
06/06/12 16:29:37
D
call: DLL_PROCESS_DETACH
06/06/12 16:29:39
A
06/06/12 16:29:39
D
call: DLL_PROCESS_DETACH
06/06/12 16:29:40
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:40
A
06/06/12 16:29:40
D
call: DLL_PROCESS_DETACH
06/06/12 16:29:45
A
06/06/12 16:29:45
F
06/06/12 16:29:50
D
call: DLL_PROCESS_ATTACH
06/06/12 16:29:50
A
06/06/12 16:29:50
D
call: DLL_PROCESS_DETACH
06/06/12 16:31:02
A
06/06/12 16:31:02
F
06/06/12 16:31:02
A
06/06/12 16:31:02
F
06/06/12 16:31:02
A
06/06/12 16:31:02
F
06/06/12 16:31:08
A
06/06/12 16:31:08
F
06/06/12 16:31:08
A
06/06/12 16:31:08
D
call: DLL_PROCESS_DETACH
06/06/12 16:31:10
D
call: DLL_PROCESS_ATTACH
06/06/12 16:31:15
A
06/06/12 16:31:15
A
06/06/12 16:31:15
D
call: DLL_PROCESS_DETACH
06/06/12 16:31:24
D
call: DLL_PROCESS_ATTACH
06/06/12 16:31:30
A
06/06/12 16:31:30
F
06/06/12 16:31:56
A
06/06/12 16:31:56
F
06/06/12 16:31:56
A
06/06/12 16:31:56
F
06/06/12 16:31:56
A
06/06/12 16:31:56
F
06/06/12 16:32:00
A
06/06/12 16:32:00
D
call: DLL_PROCESS_DETACH

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for

06/06/12 16:32:00
A
06/06/12 16:32:00
F
06/06/12 16:32:07
D
call: DLL_PROCESS_ATTACH
06/06/12 16:32:09
D
call: DLL_PROCESS_ATTACH
06/06/12 16:32:14
A
06/06/12 16:32:16
D
call: DLL_PROCESS_ATTACH
06/06/12 16:32:23
D
call: DLL_PROCESS_ATTACH
06/06/12 16:32:23
D
call: DLL_PROCESS_ATTACH
06/06/12 16:32:23
A
06/06/12 16:32:23
D
call: DLL_PROCESS_DETACH
06/06/12 16:32:23
A
06/06/12 16:32:23
D
call: DLL_PROCESS_DETACH
06/06/12 16:32:26
D
call: DLL_PROCESS_ATTACH
06/06/12 16:32:26
D
call: DLL_PROCESS_ATTACH
06/06/12 16:32:26
A
06/06/12 16:32:26
D
call: DLL_PROCESS_DETACH
06/06/12 16:32:26
A
06/06/12 16:32:26
D
call: DLL_PROCESS_DETACH
06/06/12 16:32:48
A
06/06/12 16:32:48
D
call: DLL_PROCESS_DETACH
06/06/12 16:32:50
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:02
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:03
A
06/06/12 16:33:03
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:06
A
06/06/12 16:33:06
A
06/06/12 16:33:06
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:06
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:11
A
06/06/12 16:33:11
A
06/06/12 16:33:12
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:15
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:24
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:24
A
06/06/12 16:33:24
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:46
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:48
A
06/06/12 16:33:48
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for

call: DLL_PROCESS_DETACH
06/06/12 16:33:52
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:52
A
06/06/12 16:33:52
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:52
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:53
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:53
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:53
A
06/06/12 16:33:53
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:53
A
06/06/12 16:33:53
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:53
A
06/06/12 16:33:53
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:54
A
06/06/12 16:33:54
A
06/06/12 16:33:54
D
call: DLL_PROCESS_DETACH
06/06/12 16:33:54
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:58
D
call: DLL_PROCESS_ATTACH
06/06/12 16:33:59
D
call: DLL_PROCESS_ATTACH
06/06/12 16:34:00
A
06/06/12 16:34:00
A
06/06/12 16:34:00
D
call: DLL_PROCESS_DETACH
06/06/12 16:34:01
D
call: DLL_PROCESS_ATTACH
06/06/12 16:34:02
A
06/06/12 16:34:02
R
06/06/12 16:34:07
D
call: DLL_PROCESS_ATTACH
06/06/12 16:34:11
D
call: DLL_PROCESS_ATTACH
06/06/12 16:34:17
A
06/06/12 16:34:17
A
06/06/12 16:34:17
D
call: DLL_PROCESS_DETACH
06/06/12 16:34:19
D
call: DLL_PROCESS_ATTACH
06/06/12 16:34:20
A
06/06/12 16:34:20
R
06/06/12 16:34:41
A
06/06/12 16:34:41
D
call: DLL_PROCESS_DETACH
06/06/12 16:34:44
D
call: DLL_PROCESS_ATTACH
06/06/12 16:34:44
A
06/06/12 16:34:44
F
06/06/12 16:34:44
A
06/06/12 16:34:44
F

Enter DllMain -> Handle: 1948319744 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

06/06/12 16:34:44
A
06/06/12 16:34:44
F
06/06/12 16:34:45
A
06/06/12 16:34:45
F
06/06/12 16:34:45
A
06/06/12 16:34:45
F
06/06/12 16:34:45
A
06/06/12 16:34:45
F
06/06/12 16:34:45
A
06/06/12 16:34:45
F
06/06/12 16:34:45
A
06/06/12 16:34:45
F
06/06/12 16:34:47
A
06/06/12 16:34:47
F
06/06/12 16:34:47
A
06/06/12 16:34:47
F
06/06/12 16:35:07
A
06/06/12 16:35:07
D
call: DLL_PROCESS_DETACH
06/06/12 16:42:01
D
call: DLL_PROCESS_ATTACH
06/06/12 16:42:01
A
06/06/12 16:42:01
D
call: DLL_PROCESS_DETACH
06/06/12 17:00:01
D
call: DLL_PROCESS_ATTACH
06/06/12 17:00:01
A
06/06/12 17:00:01
D
call: DLL_PROCESS_DETACH
06/06/12 17:20:47
A
06/06/12 17:20:47
F
06/06/12 17:20:47
A
06/06/12 17:20:47
F
06/06/12 17:20:52
A
06/06/12 17:20:52
F
06/06/12 17:20:52
A
06/06/12 17:20:52
F
06/06/12 18:00:01
D
call: DLL_PROCESS_ATTACH
06/06/12 18:00:01
A
06/06/12 18:00:01
D
call: DLL_PROCESS_DETACH
06/06/12 18:22:34
A
06/06/12 18:22:34
F
06/06/12 18:22:35
A
06/06/12 18:22:35
F
06/06/12 18:22:57
A
06/06/12 18:22:57
F
06/06/12 18:22:57
A
06/06/12 18:22:57
F
06/06/12 18:23:50
A
06/06/12 18:23:50
F
06/06/12 18:23:51
A
06/06/12 18:23:51
F
06/06/12 18:24:59
A
06/06/12 18:24:59
R
06/06/12 18:24:59
A
06/06/12 18:24:59
D
call: DLL_PROCESS_DETACH
06/06/12 18:24:59
A

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4182638592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback

06/06/12 18:24:59
D
call: DLL_PROCESS_DETACH
06/06/12 18:25:00
A
06/06/12 18:25:00
F
06/06/12 18:25:00
A
06/06/12 18:25:00
D
call: DLL_PROCESS_DETACH
06/06/12 18:26:53
A
06/06/12 18:26:53
D
call: DLL_PROCESS_DETACH
11/06/12 11:13:46
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:46
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:46
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:46
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:46
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:46
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:47
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:47
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:47
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:47
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:47
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:47
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:48
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:48
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:49
A
11/06/12 11:13:49
D
call: DLL_PROCESS_DETACH
11/06/12 11:13:49
D
call: DLL_PROCESS_ATTACH
11/06/12 11:13:50
A
11/06/12 11:13:50
D
call: DLL_PROCESS_DETACH
11/06/12 11:13:50
A
11/06/12 11:13:50
D
call: DLL_PROCESS_DETACH
11/06/12 11:13:50
A
11/06/12 11:13:50
D
call: DLL_PROCESS_DETACH
11/06/12 11:13:50
A
11/06/12 11:13:50
D
call: DLL_PROCESS_DETACH
11/06/12 11:13:54
A
11/06/12 11:13:54
F
11/06/12 11:13:54
A
11/06/12 11:13:54
F
11/06/12 11:13:54
A

Enter DllMain -> Handle: 1948319744 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948319744 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4182638592 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

11/06/12 11:13:54
F
11/06/12 11:13:59
A
11/06/12 11:13:59
D
call: DLL_PROCESS_DETACH
11/06/12 11:14:02
D
call: DLL_PROCESS_ATTACH
11/06/12 11:14:02
A
11/06/12 11:14:02
F
11/06/12 11:14:02
A
11/06/12 11:14:02
F
11/06/12 11:14:02
A
11/06/12 11:14:02
D
call: DLL_PROCESS_DETACH
11/06/12 11:14:02
A
11/06/12 11:14:02
F
11/06/12 11:14:18
A
11/06/12 11:14:18
D
call: DLL_PROCESS_DETACH
11/06/12 11:15:13
A
11/06/12 11:15:13
D
call: DLL_PROCESS_DETACH
11/06/12 11:17:45
D
call: DLL_PROCESS_ATTACH
11/06/12 11:18:13
A
11/06/12 11:18:13
D
call: DLL_PROCESS_DETACH
11/06/12 11:26:31
D
call: DLL_PROCESS_ATTACH
11/06/12 11:26:31
A
11/06/12 11:26:31
D
call: DLL_PROCESS_DETACH
11/06/12 11:34:37
D
call: DLL_PROCESS_ATTACH
11/06/12 11:34:37
D
call: DLL_PROCESS_ATTACH
11/06/12 11:34:40
D
call: DLL_PROCESS_ATTACH
11/06/12 11:34:40
A
11/06/12 11:34:40
A
11/06/12 11:34:40
R
11/06/12 11:34:40
D
call: DLL_PROCESS_ATTACH
11/06/12 11:34:41
A
11/06/12 11:34:41
R
11/06/12 11:34:43
D
call: DLL_PROCESS_ATTACH
11/06/12 11:34:43
A
11/06/12 11:34:43
D
call: DLL_PROCESS_DETACH
11/06/12 11:34:44
D
call: DLL_PROCESS_ATTACH
11/06/12 11:34:44
A
11/06/12 11:34:44
D
call: DLL_PROCESS_DETACH
11/06/12 11:34:55
D
call: DLL_PROCESS_ATTACH
11/06/12 11:34:56
A
11/06/12 11:34:56
R
11/06/12 11:54:15
A
11/06/12 11:54:15
R

lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe

11/06/12 11:54:16
A
11/06/12 11:54:16
R
11/06/12 11:54:16
A
11/06/12 11:54:16
D
call: DLL_PROCESS_DETACH
11/06/12 12:00:00
D
call: DLL_PROCESS_ATTACH
11/06/12 12:00:01
A
11/06/12 12:00:01
D
call: DLL_PROCESS_DETACH
11/06/12 12:03:42
D
call: DLL_PROCESS_ATTACH
11/06/12 12:05:16
D
call: DLL_PROCESS_ATTACH
11/06/12 12:05:16
A
11/06/12 12:05:16
A
11/06/12 12:05:16
A
11/06/12 12:05:16
A
11/06/12 12:05:16
D
call: DLL_PROCESS_ATTACH
11/06/12 12:05:34
A
11/06/12 12:05:34
D
call: DLL_PROCESS_DETACH
11/06/12 12:05:36
A
11/06/12 12:05:36
D
call: DLL_PROCESS_DETACH
11/06/12 13:00:00
D
call: DLL_PROCESS_ATTACH
11/06/12 13:00:00
A
11/06/12 13:00:00
D
call: DLL_PROCESS_DETACH
11/06/12 14:00:02
D
call: DLL_PROCESS_ATTACH
11/06/12 14:00:02
A
11/06/12 14:00:02
D
call: DLL_PROCESS_DETACH
11/06/12 14:37:20
D
call: DLL_PROCESS_ATTACH
11/06/12 14:37:20
A
11/06/12 14:37:20
D
call: DLL_PROCESS_DETACH
11/06/12 14:37:20
D
call: DLL_PROCESS_ATTACH
11/06/12 14:37:21
A
11/06/12 14:37:21
F
11/06/12 14:37:22
A
11/06/12 14:37:24
A
11/06/12 14:55:01
A
11/06/12 14:55:01
F
11/06/12 14:55:02
A
11/06/12 14:55:02
F
11/06/12 14:55:02
A
11/06/12 14:55:02
F
11/06/12 14:55:08
A
11/06/12 14:55:08
F
11/06/12 14:56:31
A
11/06/12 14:56:31
F
11/06/12 14:56:31
A
11/06/12 14:56:31
F
11/06/12 14:56:31
A

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

11/06/12 14:56:31
F
11/06/12 14:56:39
A
11/06/12 14:56:39
F
11/06/12 14:57:02
A
11/06/12 14:57:02
F
11/06/12 14:57:02
A
11/06/12 14:57:02
F
11/06/12 14:57:02
A
11/06/12 14:57:02
F
11/06/12 14:57:52
A
11/06/12 14:57:52
D
call: DLL_PROCESS_DETACH
11/06/12 14:57:52
A
11/06/12 14:57:52
F
11/06/12 15:00:01
D
call: DLL_PROCESS_ATTACH
11/06/12 15:00:01
A
11/06/12 15:00:01
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:44
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:46
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:46
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:46
A
11/06/12 15:36:46
A
11/06/12 15:36:46
A
11/06/12 15:36:46
A
11/06/12 15:36:47
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:47
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:47
A
11/06/12 15:36:47
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:47
A
11/06/12 15:36:47
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:47
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:47
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:47
A
11/06/12 15:36:47
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:47
A
11/06/12 15:36:47
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:48
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:49
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:49
A
11/06/12 15:36:49
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:49
A
11/06/12 15:36:49
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:49
D

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for

call: DLL_PROCESS_ATTACH
11/06/12 15:36:50
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:50
A
11/06/12 15:36:50
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:50
A
11/06/12 15:36:50
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:52
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:52
A
11/06/12 15:36:52
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:52
D
call: DLL_PROCESS_ATTACH
11/06/12 15:36:52
A
11/06/12 15:36:52
D
call: DLL_PROCESS_DETACH
11/06/12 15:36:52
D
call: DLL_PROCESS_ATTACH
11/06/12 15:37:01
A
11/06/12 15:37:01
D
call: DLL_PROCESS_DETACH
11/06/12 15:37:03
A
11/06/12 15:37:03
D
call: DLL_PROCESS_DETACH
11/06/12 15:37:03
A
11/06/12 15:37:03
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:00
D
call: DLL_PROCESS_ATTACH
11/06/12 16:00:00
A
11/06/12 16:00:00
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
11/06/12 16:00:49
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D

Enter DllMain -> Handle: 4085645312 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 4085645312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for

call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
A
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:40
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:41
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:41
A
24/06/12 22:32:41
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:41
A
24/06/12 22:32:41
F
24/06/12 22:32:41
A
24/06/12 22:32:41
F
24/06/12 22:32:41
A
24/06/12 22:32:41
F
24/06/12 22:32:41
A
24/06/12 22:32:41
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:43
A
24/06/12 22:32:43
F
24/06/12 22:32:43
A
24/06/12 22:32:43
F
24/06/12 22:32:43
A
24/06/12 22:32:43
F
24/06/12 22:32:44
D
call: DLL_PROCESS_ATTACH
24/06/12 22:32:45
A
24/06/12 22:32:45
A
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4200988672 - Reason for

Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4200988672 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4200988672 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4200988672 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for
Enter DllMain -> Handle: 4200988672 - Reason for

24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
24/06/12 22:32:46
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
A
25/06/12 10:12:13
A
25/06/12 10:12:13
A
25/06/12 10:12:13
A
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
A
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:13
A
25/06/12 10:12:13
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:13
A
25/06/12 10:12:13
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:14
A
25/06/12 10:12:14
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1956052992 - Reason for

Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 1956052992 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880293376 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880293376 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4118347776 - Reason for

25/06/12 10:12:14
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:18
A
25/06/12 10:12:18
F
25/06/12 10:12:18
A
25/06/12 10:12:18
F
25/06/12 10:12:18
A
25/06/12 10:12:18
F
25/06/12 10:12:18
A
25/06/12 10:12:18
F
25/06/12 10:12:18
A
25/06/12 10:12:18
F
25/06/12 10:12:18
A
25/06/12 10:12:18
F
25/06/12 10:12:19
A
25/06/12 10:12:19
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:23
A
25/06/12 10:12:23
A
25/06/12 10:12:23
A
25/06/12 10:12:23
A
25/06/12 10:12:23
A
25/06/12 10:12:23
A
25/06/12 10:12:23
A
25/06/12 10:12:25
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:25
A
25/06/12 10:12:25
A
25/06/12 10:12:25
A
25/06/12 10:12:25
A
25/06/12 10:12:25
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:25
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:25
A
25/06/12 10:12:25
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:25
A
25/06/12 10:12:25
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:25
A
25/06/12 10:12:25
A
25/06/12 10:12:25
A
25/06/12 10:12:26
A
25/06/12 10:12:26
A
25/06/12 10:12:26
A
25/06/12 10:12:26
A
25/06/12 10:12:26
A
25/06/12 10:12:26
A
25/06/12 10:12:28
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:28
A
25/06/12 10:12:28
A
25/06/12 10:12:28
A
25/06/12 10:12:28
A
25/06/12 10:12:28
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:28
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:28
A

Enter DllMain -> Handle: 1880293376 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4118347776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4118347776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880293376 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880293376 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4118347776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
-> NtTerminateProcessCallback

25/06/12 10:12:28
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:28
A
25/06/12 10:12:28
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:29
A
25/06/12 10:12:29
A
25/06/12 10:12:29
A
25/06/12 10:12:29
A
25/06/12 10:12:29
A
25/06/12 10:12:29
A
25/06/12 10:12:29
A
25/06/12 10:12:32
D
call: DLL_PROCESS_ATTACH
25/06/12 10:12:32
A
25/06/12 10:12:32
D
call: DLL_PROCESS_DETACH
25/06/12 10:12:32
A
25/06/12 10:12:32
A
25/06/12 10:12:32
A
25/06/12 10:12:32
A
25/06/12 10:12:32
A
25/06/12 10:12:33
A
25/06/12 10:12:33
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
25/06/12 10:15:05
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D

Enter DllMain -> Handle: 1880293376 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880293376 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4118347776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4118347776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 4118347776 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 1880293376 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for

call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:13
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:15
A
26/06/12 01:59:15
A
26/06/12 01:59:15
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:15
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:15
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:15
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:15
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:15
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:15
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:15
A
26/06/12 01:59:15
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:15
A
26/06/12 01:59:15
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:15
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:16
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:16
A
26/06/12 01:59:16
A
26/06/12 01:59:16
A
26/06/12 01:59:16
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:16
A
26/06/12 01:59:16
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:18
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:18
A
26/06/12 01:59:18
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:19
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:19
A
26/06/12 01:59:19
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:19
A
26/06/12 01:59:19
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
A
26/06/12 01:59:20
A

Enter DllMain -> Handle: 4106878976 - Reason for

Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106878976 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback

26/06/12 01:59:20
A
26/06/12 01:59:20
A
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
A
26/06/12 01:59:20
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:20
A
26/06/12 01:59:20
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
A
26/06/12 01:59:20
A
26/06/12 01:59:20
A
26/06/12 01:59:20
A
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
A
26/06/12 01:59:20
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:20
A
26/06/12 01:59:20
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
A
26/06/12 01:59:20
A
26/06/12 01:59:20
A
26/06/12 01:59:20
A
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:20
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
F

-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

26/06/12 01:59:21
A
26/06/12 01:59:21
F
26/06/12 01:59:21
A
26/06/12 01:59:21
F
26/06/12 01:59:21
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
A
26/06/12 01:59:21
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:22
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:22
A
26/06/12 01:59:22
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:22
A
26/06/12 01:59:22
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:22
A
26/06/12 01:59:22
F
26/06/12 01:59:22
A
26/06/12 01:59:22
F
26/06/12 01:59:22
A
26/06/12 01:59:22
F
26/06/12 01:59:27
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:27
A
26/06/12 01:59:27
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:29
A
26/06/12 01:59:29
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:30
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:30
A
26/06/12 01:59:30
A
26/06/12 01:59:30
A
26/06/12 01:59:30
A
26/06/12 01:59:30
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4106878976 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106878976 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for

26/06/12 01:59:30
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:30
A
26/06/12 01:59:30
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:30
A
26/06/12 01:59:30
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:39
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:39
A
26/06/12 01:59:39
A
26/06/12 01:59:39
A
26/06/12 01:59:39
A
26/06/12 01:59:39
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:39
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:39
A
26/06/12 01:59:39
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:39
A
26/06/12 01:59:39
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:41
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:41
A
26/06/12 01:59:41
A
26/06/12 01:59:41
A
26/06/12 01:59:41
A
26/06/12 01:59:41
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:42
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:42
A
26/06/12 01:59:42
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:42
A
26/06/12 01:59:42
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:44
A
26/06/12 01:59:44
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:58
A
26/06/12 01:59:59
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:59
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1881931776 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for

26/06/12 01:59:59
A
26/06/12 01:59:59
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:59
A
26/06/12 01:59:59
D
call: DLL_PROCESS_DETACH
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
D
call: DLL_PROCESS_ATTACH
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
A
26/06/12 01:59:59
D
call: DLL_PROCESS_ATTACH
26/06/12 02:00:00
D
call: DLL_PROCESS_ATTACH
26/06/12 02:00:00
A
26/06/12 02:00:00
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:00
A
26/06/12 02:00:00
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:00
A
26/06/12 02:00:00
A
26/06/12 02:00:00
A
26/06/12 02:00:00
A
26/06/12 02:00:00
A
26/06/12 02:00:00
A
26/06/12 02:00:00
A
26/06/12 02:00:01
A
26/06/12 02:00:01
A
26/06/12 02:00:01
A
26/06/12 02:00:01
A
26/06/12 02:00:01
A
26/06/12 02:00:03
D
call: DLL_PROCESS_ATTACH
26/06/12 02:00:04
A
26/06/12 02:00:04
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4106878976 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881931776 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for
Enter DllMain -> Handle: 4106878976 - Reason for

26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
26/06/12 02:00:07
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:20
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:21
A
01/01/02 00:13:21
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:22
D
call: DLL_PROCESS_ATTACH
01/01/02 00:13:22
A
01/01/02 00:13:22
A
01/01/02 00:13:22
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:22
D

Enter DllMain -> Handle: 1881931776 - Reason for

Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 1881931776 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for

call: DLL_PROCESS_DETACH
01/01/02 00:13:22
A
01/01/02 00:13:22
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:22
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:22
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 00:13:25
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:42
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:42
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:42
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:42
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:42
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:42
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 4079943680 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 1880031232 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for

01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:43
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:44
A
01/01/02 02:34:44
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:44
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:47
A
01/01/02 02:34:47
F
01/01/02 02:34:47
A
01/01/02 02:34:47
F
01/01/02 02:34:47
A
01/01/02 02:34:47
F
01/01/02 02:34:48
A
01/01/02 02:34:48
F
01/01/02 02:34:48
A
01/01/02 02:34:48
F
01/01/02 02:34:49
A
01/01/02 02:34:49
F
01/01/02 02:34:49
A
01/01/02 02:34:49
A
01/01/02 02:34:49
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:49
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:51
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:51
A
01/01/02 02:34:51
A
01/01/02 02:34:51
A
01/01/02 02:34:51
A
01/01/02 02:34:52
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:54
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:54
A
01/01/02 02:34:54
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:54
A
01/01/02 02:34:54
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:54
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:54
A
01/01/02 02:34:54
A
01/01/02 02:34:54
A
01/01/02 02:34:54
A
01/01/02 02:34:54
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1895497728 - Reason for

Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for

01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:55
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
A
01/01/02 02:34:55
A
01/01/02 02:34:55
A
01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:55
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
A
01/01/02 02:34:55
A
01/01/02 02:34:55
A
01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:55
A
01/01/02 02:34:55
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:56
A
01/01/02 02:34:56
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:56
A
01/01/02 02:34:56
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:56
A
01/01/02 02:34:56
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback

01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:56
A
01/01/02 02:34:56
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:56
A
01/01/02 02:34:56
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
A
01/01/02 02:34:56
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:57
D
call: DLL_PROCESS_ATTACH
01/01/02 02:34:57
A
01/01/02 02:34:57
D
call: DLL_PROCESS_DETACH
01/01/02 02:34:57
A
01/01/02 02:34:57
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:01
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:01
A
01/01/02 02:35:01
A
01/01/02 02:35:01
A
01/01/02 02:35:01
A
01/01/02 02:35:01
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:01
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:01
A
01/01/02 02:35:01
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:01
A
01/01/02 02:35:01
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:03
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:03
A
01/01/02 02:35:03
A
01/01/02 02:35:03
A
01/01/02 02:35:03
A
01/01/02 02:35:03
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:03
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:03
A
01/01/02 02:35:03
A
01/01/02 02:35:03
A
01/01/02 02:35:03
A
01/01/02 02:35:03
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:03
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1895497728 - Reason for

Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for

01/01/02 02:35:03
A
01/01/02 02:35:03
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:03
A
01/01/02 02:35:03
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:03
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:03
A
01/01/02 02:35:03
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:03
A
01/01/02 02:35:03
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:10
A
01/01/02 02:35:10
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:20
A
01/01/02 02:35:20
A
01/01/02 02:35:20
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:21
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:21
A
01/01/02 02:35:21
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:21
A
01/01/02 02:35:21
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:21
A
01/01/02 02:35:22
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:22
D
call: DLL_PROCESS_ATTACH
01/01/02 02:35:22
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4100718592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
-> NtTerminateProcessCallback

01/01/02 02:35:22
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:22
A
01/01/02 02:35:22
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:22
A
01/01/02 02:35:23
A
01/01/02 02:35:23
A
01/01/02 02:35:23
A
01/01/02 02:35:23
A
01/01/02 02:35:23
A
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:35:50
D
call: DLL_PROCESS_DETACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D

Enter DllMain -> Handle: 1895497728 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1895497728 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 4100718592 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 1895497728 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for

call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
01/01/02 02:50:34
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:00
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:00
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:00
A
27/06/12 17:53:00
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:00
A
27/06/12 17:53:00
A
27/06/12 17:53:00
A
27/06/12 17:53:00
A
27/06/12 17:53:00
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:00
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:00
A
27/06/12 17:53:00
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:00
A
27/06/12 17:53:00
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:00
A
27/06/12 17:53:00
F
27/06/12 17:53:00
A
27/06/12 17:53:00
F
27/06/12 17:53:00
A
27/06/12 17:53:00
F
27/06/12 17:53:00
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:01
A
27/06/12 17:53:01
F
27/06/12 17:53:01
A
27/06/12 17:53:01
F
27/06/12 17:53:01
A
27/06/12 17:53:01
F
27/06/12 17:53:01
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:01
A
27/06/12 17:53:01
A
27/06/12 17:53:01
A
27/06/12 17:53:01
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:01
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:01
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:01
A
27/06/12 17:53:01
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1858797568 - Reason for

Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188995584 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188995584 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188995584 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188995584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188995584 - Reason for

27/06/12 17:53:01
A
27/06/12 17:53:01
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:04
A
27/06/12 17:53:04
F
27/06/12 17:53:05
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:06
A
27/06/12 17:53:06
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:11
A
27/06/12 17:53:11
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:15
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:15
A
27/06/12 17:53:15
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:15
A
27/06/12 17:53:15
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:15
D
call: DLL_PROCESS_ATTACH
27/06/12 17:53:15
A
27/06/12 17:53:15
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:15
A
27/06/12 17:53:15
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188995584 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4188995584 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4188995584 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1858797568 - Reason for
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1858797568 - Reason for

call: DLL_PROCESS_DETACH
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:15
A
27/06/12 17:53:55
A
27/06/12 17:53:55
F
27/06/12 17:53:55
A
27/06/12 17:53:55
A
27/06/12 17:53:55
F
27/06/12 17:53:55
D
call: DLL_PROCESS_DETACH
27/06/12 17:53:55
A
27/06/12 17:53:55
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:04
A
27/06/12 17:54:04
R
27/06/12 17:54:04
A
27/06/12 17:54:04
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:10
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:10
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:10
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:10
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:10
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:33
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:39
A
27/06/12 17:54:39
A
27/06/12 17:54:39
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:39
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:39
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:39
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:39
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:39
A
27/06/12 17:54:39
F
27/06/12 17:54:39
A
27/06/12 17:54:39
F
27/06/12 17:54:39
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:39
D
call: DLL_PROCESS_ATTACH

->
->
->
->
->
->
->
->
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188995584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188995584 - Reason for
-> NtTerminateProcessCallback
La victima es Smartbar.exe Asesino Smartbar.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188995584 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for

27/06/12 17:54:39
A
27/06/12 17:54:39
A
27/06/12 17:54:39
A
27/06/12 17:54:39
A
27/06/12 17:54:39
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:39
A
27/06/12 17:54:39
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:39
A
27/06/12 17:54:39
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
A
27/06/12 17:54:40
F
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
A
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
A
27/06/12 17:54:40
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:40
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:40
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:40
A
27/06/12 17:54:40
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:40
A
27/06/12 17:54:40
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:40
A
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback

27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1961754624 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for

27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
A
27/06/12 17:54:41
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D

Enter DllMain -> Handle: 4188930048 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for

call: DLL_PROCESS_DETACH
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
A
27/06/12 17:54:42
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
A
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
A
27/06/12 17:54:43
F
27/06/12 17:54:43
A
27/06/12 17:54:43
F
27/06/12 17:54:43
A
27/06/12 17:54:43
F
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961754624 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for

27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
A
27/06/12 17:54:43
A
27/06/12 17:54:43
A
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
A
27/06/12 17:54:43
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:43
A
27/06/12 17:54:43
F
27/06/12 17:54:43
A
27/06/12 17:54:43
F
27/06/12 17:54:43
A

Enter DllMain -> Handle: 1961754624 - Reason for

Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 1961754624 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

27/06/12 17:54:43
F
27/06/12 17:54:46
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:46
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:46
A
27/06/12 17:54:46
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:46
A
27/06/12 17:54:46
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:51
A
27/06/12 17:54:51
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:59
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:59
A
27/06/12 17:54:59
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:59
A
27/06/12 17:54:59
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:59
D
call: DLL_PROCESS_ATTACH
27/06/12 17:54:59
A
27/06/12 17:54:59
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:59
A

lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback

27/06/12 17:54:59
D
call: DLL_PROCESS_DETACH
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:54:59
A
27/06/12 17:55:00
A
27/06/12 17:55:00
A
27/06/12 17:55:00
A
27/06/12 17:55:00
A
27/06/12 17:55:00
A
27/06/12 17:55:05
A
27/06/12 17:55:05
D
call: DLL_PROCESS_DETACH
27/06/12 17:59:05
D
call: DLL_PROCESS_ATTACH
27/06/12 17:59:29
A
27/06/12 17:59:29
D
call: DLL_PROCESS_DETACH
27/06/12 17:59:52
D
call: DLL_PROCESS_ATTACH
27/06/12 17:59:53
D
call: DLL_PROCESS_ATTACH
27/06/12 17:59:57
A
27/06/12 17:59:57
F
27/06/12 17:59:58
A
27/06/12 17:59:58
A
27/06/12 17:59:58
D
call: DLL_PROCESS_DETACH
27/06/12 17:59:58
D
call: DLL_PROCESS_ATTACH
27/06/12 17:59:58
A
27/06/12 17:59:58
D
call: DLL_PROCESS_DETACH
27/06/12 17:59:58
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:00
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:00
A
27/06/12 18:00:00
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:02
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:02
A
27/06/12 18:00:02
A
27/06/12 18:00:02
A
27/06/12 18:00:02
A
27/06/12 18:00:02
A
27/06/12 18:00:02
A
27/06/12 18:00:02
A
27/06/12 18:00:03
A
27/06/12 18:00:03
A
27/06/12 18:00:03
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:07
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:07
A

Enter DllMain -> Handle: 1870725120 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> CreateDCWCallback

27/06/12 18:00:07
A
27/06/12 18:00:07
A
27/06/12 18:00:07
A
27/06/12 18:00:07
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:07
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:07
A
27/06/12 18:00:07
R
27/06/12 18:00:07
A
27/06/12 18:00:07
R
27/06/12 18:00:07
A
27/06/12 18:00:07
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:07
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:11
A
27/06/12 18:00:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:11
A
27/06/12 18:00:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:11
A
27/06/12 18:00:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:13
A
27/06/12 18:00:13
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:13
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:13
A
27/06/12 18:00:13
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:13
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:13
A
27/06/12 18:00:13
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:13
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:13
A
27/06/12 18:00:13
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:13
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:14
A
27/06/12 18:00:14
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:14
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
La victima es explorer.exe Asesino taskkill.exe
-> NtTerminateProcessCallback
La victima es explorer.exe Asesino taskkill.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for

27/06/12 18:00:14
A
27/06/12 18:00:14
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:14
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:14
A
27/06/12 18:00:14
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:14
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:14
A
27/06/12 18:00:14
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:14
A
27/06/12 18:00:14
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:14
A
27/06/12 18:00:14
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:14
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:46
A
27/06/12 18:00:46
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:46
D
call: DLL_PROCESS_ATTACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:00:54
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 4188930048 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 1870725120 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for

27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:03
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:04
A
27/06/12 18:04:04
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:04
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:04
A
27/06/12 18:04:04
A
27/06/12 18:04:04
A
27/06/12 18:04:04
A
27/06/12 18:04:04
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:05
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:05
A
27/06/12 18:04:05
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:05
A
27/06/12 18:04:05
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:06
A
27/06/12 18:04:06
F
27/06/12 18:04:06
A
27/06/12 18:04:06
F
27/06/12 18:04:06
A
27/06/12 18:04:06
F
27/06/12 18:04:06
A
27/06/12 18:04:06
A
27/06/12 18:04:06
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:06
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:07
A

Enter DllMain -> Handle: 4089774080 - Reason for

Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback

27/06/12 18:04:07
F
27/06/12 18:04:07
A
27/06/12 18:04:07
F
27/06/12 18:04:07
A
27/06/12 18:04:07
F
27/06/12 18:04:08
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:08
A
27/06/12 18:04:08
A
27/06/12 18:04:08
A
27/06/12 18:04:08
A
27/06/12 18:04:09
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:09
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:09
A
27/06/12 18:04:09
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:09
A
27/06/12 18:04:09
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
A
27/06/12 18:04:10
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:10
A
27/06/12 18:04:10
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
A
27/06/12 18:04:10
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:10
A
27/06/12 18:04:10
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
A
27/06/12 18:04:10
D

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for

call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:10
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:11
A
27/06/12 18:04:11
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:14
A
27/06/12 18:04:14
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1881079808 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4089774080 - Reason for

27/06/12 18:04:16
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:16
A
27/06/12 18:04:16
A
27/06/12 18:04:16
A
27/06/12 18:04:16
A
27/06/12 18:04:16
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:16
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:16
A
27/06/12 18:04:16
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:16
A
27/06/12 18:04:16
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:18
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:18
A
27/06/12 18:04:18
A
27/06/12 18:04:18
A
27/06/12 18:04:18
A
27/06/12 18:04:18
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:18
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:18
A
27/06/12 18:04:18
A
27/06/12 18:04:18
A
27/06/12 18:04:18
A
27/06/12 18:04:18
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:18
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:18
A
27/06/12 18:04:18
D
call: DLL_PROCESS_ATTACH
27/06/12 18:04:18
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:18
A
27/06/12 18:04:18
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:18
A
27/06/12 18:04:18
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:18
A
27/06/12 18:04:18
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4089774080 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for
Enter DllMain -> Handle: 4089774080 - Reason for

27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:04:24
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
A
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
A
27/06/12 18:05:15
A
27/06/12 18:05:15
A
27/06/12 18:05:15
A
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:15
A
27/06/12 18:05:15
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4089774080 - Reason for

Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 1881079808 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for

27/06/12 18:05:15
A
27/06/12 18:05:15
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:15
A
27/06/12 18:05:15
F
27/06/12 18:05:15
A
27/06/12 18:05:15
F
27/06/12 18:05:15
A
27/06/12 18:05:15
F
27/06/12 18:05:16
A
27/06/12 18:05:16
F
27/06/12 18:05:16
A
27/06/12 18:05:16
F
27/06/12 18:05:16
A
27/06/12 18:05:16
F
27/06/12 18:05:17
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:17
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:17
A
27/06/12 18:05:17
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:17
A
27/06/12 18:05:17
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:23
A
27/06/12 18:05:23
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:30
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:30
A
27/06/12 18:05:30
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:30
A
27/06/12 18:05:30
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:30
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4202299392 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4202299392 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4202299392 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for
->
->
->
->
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback

27/06/12 18:05:31
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:31
D
call: DLL_PROCESS_ATTACH
27/06/12 18:05:31
A
27/06/12 18:05:31
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:31
A
27/06/12 18:05:31
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:31
A
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
27/06/12 18:05:37
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4202299392 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1909981184 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 4202299392 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 1909981184 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for

18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:37
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:38
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:38
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:38
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:38
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:38
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:38
A
18/07/12 01:45:38
A
18/07/12 01:45:38
A
18/07/12 01:45:38
A
18/07/12 01:45:38
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:38
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:40
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:40
A
18/07/12 01:45:40
A
18/07/12 01:45:40
A
18/07/12 01:45:40
A
18/07/12 01:45:41
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:41
A
18/07/12 01:45:41
A
18/07/12 01:45:41
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:41
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:41
A
18/07/12 01:45:41
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:42
A
18/07/12 01:45:42
F
18/07/12 01:45:42
A
18/07/12 01:45:42
F
18/07/12 01:45:42
A
18/07/12 01:45:42
F
18/07/12 01:45:42
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:42
A
18/07/12 01:45:42
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:43
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:43
A
18/07/12 01:45:43
D

Enter DllMain -> Handle: 4100849664 - Reason for

Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4100849664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for

call: DLL_PROCESS_DETACH
18/07/12 01:45:43
A
18/07/12 01:45:43
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:43
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:43
A
18/07/12 01:45:43
A
18/07/12 01:45:43
A
18/07/12 01:45:43
A
18/07/12 01:45:43
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
A
18/07/12 01:45:44
F
18/07/12 01:45:44
A
18/07/12 01:45:44
F
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
A
18/07/12 01:45:44
F
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for

18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
A
18/07/12 01:45:44
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:45
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:45
A
18/07/12 01:45:45
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:45
A
18/07/12 01:45:45
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:45
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:45
A
18/07/12 01:45:45
A
18/07/12 01:45:45
A
18/07/12 01:45:45
A
18/07/12 01:45:45
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:45
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:45
A
18/07/12 01:45:45
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:45
A
18/07/12 01:45:45
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:49
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:49
A
18/07/12 01:45:49
A
18/07/12 01:45:49
A
18/07/12 01:45:49
A
18/07/12 01:45:49
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:49
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:49
A
18/07/12 01:45:49
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:49
A

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback

18/07/12 01:45:49
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:52
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:52
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:52
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:52
A
18/07/12 01:45:52
A
18/07/12 01:45:52
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:52
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:52
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:52
A
18/07/12 01:45:52
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:52
A
18/07/12 01:45:52
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:53
D
call: DLL_PROCESS_ATTACH
18/07/12 01:45:53
A
18/07/12 01:45:53
D
call: DLL_PROCESS_DETACH
18/07/12 01:45:53
A
18/07/12 01:45:53
D
call: DLL_PROCESS_DETACH
18/07/12 01:46:00
A
18/07/12 01:46:00
D
call: DLL_PROCESS_DETACH
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
D
call: DLL_PROCESS_ATTACH
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
D
call: DLL_PROCESS_ATTACH
18/07/12 01:46:10
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1875640320 - Reason for

Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for

18/07/12 01:46:10
A
18/07/12 01:46:10
D
call: DLL_PROCESS_DETACH
18/07/12 01:46:10
A
18/07/12 01:46:10
D
call: DLL_PROCESS_DETACH
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:10
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
D
call: DLL_PROCESS_ATTACH
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
D
call: DLL_PROCESS_ATTACH
18/07/12 01:46:11
D
call: DLL_PROCESS_ATTACH
18/07/12 01:46:11
A
18/07/12 01:46:11
D
call: DLL_PROCESS_DETACH
18/07/12 01:46:11
A
18/07/12 01:46:11
D
call: DLL_PROCESS_DETACH
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:11
A
18/07/12 01:46:12
A
18/07/12 01:46:12
A
18/07/12 01:46:12
A
18/07/12 01:46:12
A
18/07/12 01:46:12
A
18/07/12 01:49:09
D
call: DLL_PROCESS_ATTACH
18/07/12 01:49:32
A
18/07/12 01:49:32
D
call: DLL_PROCESS_DETACH
18/07/12 01:49:57
D
call: DLL_PROCESS_ATTACH
18/07/12 01:52:45
D
call: DLL_PROCESS_ATTACH
18/07/12 01:52:45
A
18/07/12 01:52:45
A
18/07/12 01:52:45
A
18/07/12 01:52:45
A
18/07/12 01:52:45
D
call: DLL_PROCESS_ATTACH
18/07/12 01:53:08
A
18/07/12 01:53:08
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4100849664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100849664 - Reason for

call: DLL_PROCESS_DETACH
18/07/12 01:53:10
A
18/07/12 01:53:10
D
call: DLL_PROCESS_DETACH
18/07/12 01:54:56
D
call: DLL_PROCESS_ATTACH
18/07/12 01:55:01
A
18/07/12 01:57:54
D
call: DLL_PROCESS_ATTACH
18/07/12 01:57:54
A
18/07/12 01:57:54
D
call: DLL_PROCESS_DETACH
18/07/12 01:59:56
D
call: DLL_PROCESS_ATTACH
18/07/12 02:00:00
D
call: DLL_PROCESS_ATTACH
18/07/12 02:00:00
A
18/07/12 02:00:00
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:01
A
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
18/07/12 02:00:20
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:48
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:48
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:48
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:48
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:48
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100849664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1875640320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 4100849664 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 1875640320 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for

24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:49
A
24/07/12 22:46:49
A
24/07/12 22:46:49
A
24/07/12 22:46:49
A
24/07/12 22:46:49
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:50
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:50
A
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
A
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
A
24/07/12 22:46:50
A
24/07/12 22:46:50
A
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
A
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
A
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
A
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:50
A
24/07/12 22:46:50
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:53
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:53
A
24/07/12 22:46:53
A
24/07/12 22:46:53
A
24/07/12 22:46:53
A
24/07/12 22:46:53
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:53
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:53
A

Enter DllMain -> Handle: 1955987456 - Reason for

Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4091478016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4091478016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback

24/07/12 22:46:53
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:53
A
24/07/12 22:46:53
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:54
A
24/07/12 22:46:54
F
24/07/12 22:46:54
A
24/07/12 22:46:54
F
24/07/12 22:46:54
A
24/07/12 22:46:54
F
24/07/12 22:46:56
A
24/07/12 22:46:56
F
24/07/12 22:46:56
A
24/07/12 22:46:56
F
24/07/12 22:46:56
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:56
A
24/07/12 22:46:56
A
24/07/12 22:46:56
A
24/07/12 22:46:56
A
24/07/12 22:46:56
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:56
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:56
A
24/07/12 22:46:56
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:56
A
24/07/12 22:46:56
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:56
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:56
A
24/07/12 22:46:56
A
24/07/12 22:46:56
A
24/07/12 22:46:56
A
24/07/12 22:46:56
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:56
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:57
A
24/07/12 22:46:57
F
24/07/12 22:46:57
A
24/07/12 22:46:57
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:58
D
call: DLL_PROCESS_ATTACH
24/07/12 22:46:58
A
24/07/12 22:46:58
D
call: DLL_PROCESS_DETACH
24/07/12 22:46:58
A
24/07/12 22:46:58
D
call: DLL_PROCESS_DETACH
24/07/12 22:47:01
D
call: DLL_PROCESS_ATTACH
24/07/12 22:47:01
A
24/07/12 22:47:01
D
call: DLL_PROCESS_DETACH
24/07/12 22:47:15
A

Enter DllMain -> Handle: 1955987456 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback

24/07/12 22:47:15
A
24/07/12 22:47:15
A
24/07/12 22:47:15
A
24/07/12 22:47:15
A
24/07/12 22:47:15
A
24/07/12 22:47:15
A
24/07/12 22:47:16
D
call: DLL_PROCESS_ATTACH
24/07/12 22:47:16
A
24/07/12 22:47:16
A
24/07/12 22:47:16
A
24/07/12 22:47:16
A
24/07/12 22:47:16
D
call: DLL_PROCESS_ATTACH
24/07/12 22:47:16
D
call: DLL_PROCESS_ATTACH
24/07/12 22:47:16
A
24/07/12 22:47:16
D
call: DLL_PROCESS_DETACH
24/07/12 22:47:16
A
24/07/12 22:47:16
D
call: DLL_PROCESS_DETACH
24/07/12 22:47:16
A
24/07/12 22:47:16
A
24/07/12 22:47:16
A
24/07/12 22:47:16
A
24/07/12 22:47:16
D
call: DLL_PROCESS_DETACH
24/07/12 22:47:17
A
24/07/12 22:47:17
A
24/07/12 22:47:17
A
24/07/12 22:47:17
A
24/07/12 22:47:17
A
24/07/12 22:47:17
A
24/07/12 22:47:18
D
call: DLL_PROCESS_ATTACH
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
D
call: DLL_PROCESS_ATTACH
24/07/12 22:47:18
D
call: DLL_PROCESS_ATTACH
24/07/12 22:47:18
A
24/07/12 22:47:18
D
call: DLL_PROCESS_DETACH
24/07/12 22:47:18
A
24/07/12 22:47:18
D
call: DLL_PROCESS_DETACH
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:47:18
A

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4091478016 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
->
->
->
->
->
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback

24/07/12 22:47:18
A
24/07/12 22:47:18
A
24/07/12 22:50:35
D
call: DLL_PROCESS_ATTACH
24/07/12 22:50:57
A
24/07/12 22:50:57
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
24/07/12 22:51:43
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:48
A
03/08/12 11:19:48
A
03/08/12 11:19:48
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D

-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955987456 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 4091478016 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 1955987456 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for

call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:52
A
03/08/12 11:19:52
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:52
A
03/08/12 11:19:52
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:52
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:52
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:52
A
03/08/12 11:19:52
A
03/08/12 11:19:52
A
03/08/12 11:19:52
A
03/08/12 11:19:52
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:53
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:53
A
03/08/12 11:19:53
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:53
A
03/08/12 11:19:53
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:53
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
A

Enter DllMain -> Handle: 1866792960 - Reason for

Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback

03/08/12 11:19:54
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:54
A
03/08/12 11:19:54
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:56
A
03/08/12 11:19:56
F
03/08/12 11:19:56
A
03/08/12 11:19:56
F
03/08/12 11:19:56
A
03/08/12 11:19:56
F
03/08/12 11:19:57
A
03/08/12 11:19:57
D
call: DLL_PROCESS_DETACH
03/08/12 11:19:57
A
03/08/12 11:19:57
F
03/08/12 11:19:57
A
03/08/12 11:19:57
F
03/08/12 11:19:57
A
03/08/12 11:19:57
F
03/08/12 11:19:58
A
03/08/12 11:19:58
A
03/08/12 11:19:58
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:01
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:01
A
03/08/12 11:20:01
A
03/08/12 11:20:01
A
03/08/12 11:20:01
A
03/08/12 11:20:01
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:02
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:02
A
03/08/12 11:20:02
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:11
A
03/08/12 11:20:11
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:12
A
03/08/12 11:20:12
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:13
D

Enter DllMain -> Handle: 1866792960 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for

call: DLL_PROCESS_ATTACH
03/08/12 11:20:13
A
03/08/12 11:20:13
A
03/08/12 11:20:13
A
03/08/12 11:20:13
A
03/08/12 11:20:13
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:13
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:13
A
03/08/12 11:20:13
A
03/08/12 11:20:13
A
03/08/12 11:20:13
A
03/08/12 11:20:13
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:13
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:13
A
03/08/12 11:20:13
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:13
A
03/08/12 11:20:13
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:15
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:15
A
03/08/12 11:20:15
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:15
A
03/08/12 11:20:15
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:20
A
03/08/12 11:20:20
A
03/08/12 11:20:20
A
03/08/12 11:20:20
A
03/08/12 11:20:20
A
03/08/12 11:20:20
A
03/08/12 11:20:20
A
03/08/12 11:20:21
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:21
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:21
A
03/08/12 11:20:21
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:21
A
03/08/12 11:20:21
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
A

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
->
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback

03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:21
A
03/08/12 11:20:22
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:22
D
call: DLL_PROCESS_ATTACH
03/08/12 11:20:22
A
03/08/12 11:20:22
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:22
A
03/08/12 11:20:22
D
call: DLL_PROCESS_DETACH
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:22
A
03/08/12 11:20:23
A
03/08/12 11:20:23
A
03/08/12 11:20:23
A
03/08/12 11:20:23
A
03/08/12 11:20:23
A
03/08/12 11:21:44
D
call: DLL_PROCESS_ATTACH
03/08/12 11:22:26
A
03/08/12 11:22:26
D
call: DLL_PROCESS_DETACH
03/08/12 11:29:29
D
call: DLL_PROCESS_ATTACH
03/08/12 11:29:34
A
03/08/12 11:32:28
D
call: DLL_PROCESS_ATTACH
03/08/12 11:32:28
A
03/08/12 11:32:28
D
call: DLL_PROCESS_DETACH
03/08/12 11:34:29
D
call: DLL_PROCESS_ATTACH
03/08/12 11:34:34
A
03/08/12 11:41:43
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:43
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
A
03/08/12 11:41:45
D
call: DLL_PROCESS_DETACH

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
A
03/08/12 11:41:45
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
A
03/08/12 11:41:45
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:45
A
03/08/12 11:41:45
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:45
A
03/08/12 11:41:45
A
03/08/12 11:41:45
A
03/08/12 11:41:45
A
03/08/12 11:41:46
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:46
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
A
03/08/12 11:41:46
A
03/08/12 11:41:46
A
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:46
A
03/08/12 11:41:46
F
03/08/12 11:41:46
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
A
03/08/12 11:41:46
A
03/08/12 11:41:46
A
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
D

Enter DllMain -> Handle: 1866792960 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for

call: DLL_PROCESS_ATTACH
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:46
A
03/08/12 11:41:46
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:49
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:49
A
03/08/12 11:41:49
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:50
A
03/08/12 11:41:50
F
03/08/12 11:41:52
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:52
A
03/08/12 11:41:52
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:52
A
03/08/12 11:41:52
F
03/08/12 11:41:55
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:55
A
03/08/12 11:41:55
R
03/08/12 11:41:56
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:56
A
03/08/12 11:41:56
A
03/08/12 11:41:56
A
03/08/12 11:41:56
A
03/08/12 11:41:56
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:56
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:56
A
03/08/12 11:41:56
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:56
A
03/08/12 11:41:56
D
call: DLL_PROCESS_DETACH
03/08/12 11:41:58
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:58
A
03/08/12 11:41:58
R
03/08/12 11:41:58
D
call: DLL_PROCESS_ATTACH
03/08/12 11:41:59
D
call: DLL_PROCESS_ATTACH
03/08/12 11:42:01
D
call: DLL_PROCESS_ATTACH
03/08/12 11:42:09
A
03/08/12 11:42:09
R
03/08/12 11:42:09
D
call: DLL_PROCESS_ATTACH
03/08/12 11:42:09
A
03/08/12 11:42:09
R
03/08/12 11:42:43
D
call: DLL_PROCESS_ATTACH
03/08/12 11:42:46
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback

03/08/12 11:42:46
A
03/08/12 11:42:46
R
03/08/12 11:43:52
A
03/08/12 11:43:52
R
03/08/12 11:46:54
D
call: DLL_PROCESS_ATTACH
03/08/12 11:47:08
D
call: DLL_PROCESS_ATTACH
03/08/12 11:47:12
A
03/08/12 11:47:12
F
03/08/12 11:47:12
A
03/08/12 11:47:12
F
03/08/12 11:47:17
A
03/08/12 11:47:17
D
call: DLL_PROCESS_DETACH
03/08/12 11:47:47
A
03/08/12 11:47:47
F
03/08/12 11:47:47
A
03/08/12 11:47:47
F
03/08/12 11:48:06
A
03/08/12 11:48:06
F
03/08/12 11:48:06
A
03/08/12 11:48:06
F
03/08/12 11:48:52
A
03/08/12 11:48:52
D
call: DLL_PROCESS_DETACH
03/08/12 12:00:01
D
call: DLL_PROCESS_ATTACH
03/08/12 12:00:01
A
03/08/12 12:00:01
D
call: DLL_PROCESS_DETACH
03/08/12 12:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 12:09:47
A
03/08/12 12:09:47
F
03/08/12 12:09:47
A
03/08/12 12:09:47
F
03/08/12 12:10:02
A
03/08/12 12:10:02
D
call: DLL_PROCESS_DETACH
03/08/12 12:12:12
A
03/08/12 12:12:12
F
03/08/12 12:12:12
A
03/08/12 12:12:12
F
03/08/12 12:20:33
D
call: DLL_PROCESS_ATTACH
03/08/12 12:20:34
A
03/08/12 12:20:34
D
call: DLL_PROCESS_DETACH
03/08/12 12:21:58
A
03/08/12 12:21:58
F
03/08/12 12:21:58
A
03/08/12 12:21:58
F
03/08/12 12:22:44
A
03/08/12 12:22:44
F
03/08/12 12:22:44
A
03/08/12 12:22:44
F
03/08/12 12:35:33
D
call: DLL_PROCESS_ATTACH
03/08/12 12:35:33
A

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback

03/08/12 12:35:33
D
call: DLL_PROCESS_DETACH
03/08/12 12:37:31
A
03/08/12 12:37:31
F
03/08/12 12:37:31
A
03/08/12 12:37:31
F
03/08/12 12:37:52
A
03/08/12 12:37:52
F
03/08/12 12:37:52
A
03/08/12 12:37:52
F
03/08/12 12:39:38
A
03/08/12 12:39:38
F
03/08/12 12:39:38
A
03/08/12 12:39:38
F
03/08/12 12:39:53
A
03/08/12 12:39:53
F
03/08/12 12:39:53
A
03/08/12 12:39:53
F
03/08/12 12:41:41
A
03/08/12 12:41:41
F
03/08/12 12:41:41
A
03/08/12 12:41:41
F
03/08/12 12:42:20
A
03/08/12 12:42:20
F
03/08/12 12:42:20
A
03/08/12 12:42:20
F
03/08/12 12:50:20
A
03/08/12 12:50:20
F
03/08/12 12:50:21
A
03/08/12 12:50:21
F
03/08/12 12:50:33
D
call: DLL_PROCESS_ATTACH
03/08/12 12:50:33
A
03/08/12 12:50:33
D
call: DLL_PROCESS_DETACH
03/08/12 12:52:38
A
03/08/12 12:52:38
F
03/08/12 12:52:38
A
03/08/12 12:52:38
F
03/08/12 12:54:00
A
03/08/12 12:54:00
F
03/08/12 12:54:01
A
03/08/12 12:54:01
F
03/08/12 12:59:34
A
03/08/12 12:59:34
F
03/08/12 12:59:34
A
03/08/12 12:59:34
F
03/08/12 13:00:00
D
call: DLL_PROCESS_ATTACH
03/08/12 13:00:00
A
03/08/12 13:00:00
D
call: DLL_PROCESS_DETACH
03/08/12 13:00:03
A
03/08/12 13:00:03
F
03/08/12 13:00:03
A
03/08/12 13:00:03
D
call: DLL_PROCESS_DETACH
03/08/12 13:00:03
A
03/08/12 13:00:03
F
03/08/12 13:04:24
D

Enter DllMain -> Handle: 4096131072 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for

call: DLL_PROCESS_ATTACH
03/08/12 13:04:30
D
call: DLL_PROCESS_ATTACH
03/08/12 13:04:40
D
call: DLL_PROCESS_ATTACH
03/08/12 13:04:43
A
03/08/12 13:04:43
F
03/08/12 13:04:43
A
03/08/12 13:04:43
F
03/08/12 13:04:49
A
03/08/12 13:04:49
A
03/08/12 13:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 13:06:40
A
03/08/12 13:06:40
F
03/08/12 13:06:40
A
03/08/12 13:06:40
F
03/08/12 13:06:53
A
03/08/12 13:06:53
D
call: DLL_PROCESS_DETACH
03/08/12 13:12:21
A
03/08/12 13:12:21
F
03/08/12 13:12:21
A
03/08/12 13:12:21
F
03/08/12 13:14:07
A
03/08/12 13:14:07
F
03/08/12 13:14:07
A
03/08/12 13:14:07
F
03/08/12 13:14:57
A
03/08/12 13:14:57
F
03/08/12 13:14:57
A
03/08/12 13:14:57
F
03/08/12 13:15:30
A
03/08/12 13:15:30
F
03/08/12 13:15:30
A
03/08/12 13:15:30
F
03/08/12 13:15:40
A
03/08/12 13:15:40
F
03/08/12 13:15:41
A
03/08/12 13:15:41
F
03/08/12 13:17:45
A
03/08/12 13:17:45
F
03/08/12 13:17:45
A
03/08/12 13:17:45
F
03/08/12 13:18:21
A
03/08/12 13:18:21
F
03/08/12 13:18:22
A
03/08/12 13:18:22
F
03/08/12 13:20:28
A
03/08/12 13:20:28
F
03/08/12 13:20:28
A
03/08/12 13:20:28
F
03/08/12 13:20:33
D
call: DLL_PROCESS_ATTACH
03/08/12 13:20:33
A
03/08/12 13:20:33
D
call: DLL_PROCESS_DETACH
03/08/12 13:21:27
A
03/08/12 13:21:27
F
03/08/12 13:21:27
A

Enter DllMain -> Handle: 1866792960 - Reason for

Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

03/08/12 13:21:27
F
03/08/12 13:22:09
A
03/08/12 13:22:09
F
03/08/12 13:22:09
A
03/08/12 13:22:09
F
03/08/12 13:25:14
A
03/08/12 13:25:14
F
03/08/12 13:25:15
A
03/08/12 13:25:15
F
03/08/12 13:25:51
A
03/08/12 13:25:51
A
03/08/12 13:25:51
F
03/08/12 13:25:51
D
call: DLL_PROCESS_DETACH
03/08/12 13:25:52
A
03/08/12 13:25:52
F
03/08/12 13:25:54
D
call: DLL_PROCESS_ATTACH
03/08/12 13:25:54
A
03/08/12 13:25:54
R
03/08/12 13:30:14
D
call: DLL_PROCESS_ATTACH
03/08/12 13:30:15
A
03/08/12 13:30:15
R
03/08/12 13:30:25
A
03/08/12 13:30:25
R
03/08/12 13:30:25
A
03/08/12 13:30:25
R
03/08/12 13:30:26
A
03/08/12 13:30:26
A
03/08/12 13:30:26
D
call: DLL_PROCESS_DETACH
03/08/12 13:30:26
D
call: DLL_PROCESS_DETACH
03/08/12 13:30:26
A
03/08/12 13:30:26
D
call: DLL_PROCESS_DETACH
03/08/12 13:30:26
A
03/08/12 13:30:26
D
call: DLL_PROCESS_DETACH
03/08/12 13:35:33
D
call: DLL_PROCESS_ATTACH
03/08/12 13:35:33
A
03/08/12 13:35:33
D
call: DLL_PROCESS_DETACH
03/08/12 13:43:45
D
call: DLL_PROCESS_ATTACH
03/08/12 13:44:17
D
call: DLL_PROCESS_ATTACH
03/08/12 13:44:18
A
03/08/12 13:44:18
D
call: DLL_PROCESS_DETACH
03/08/12 13:44:21
A
03/08/12 13:44:21
D
call: DLL_PROCESS_DETACH
03/08/12 13:44:24
D
call: DLL_PROCESS_ATTACH
03/08/12 13:44:29
A
03/08/12 13:44:29
F
03/08/12 13:44:29
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

03/08/12 13:44:29
F
03/08/12 13:45:12
A
03/08/12 13:45:12
F
03/08/12 13:45:27
A
03/08/12 13:45:28
A
03/08/12 13:45:28
F
03/08/12 13:45:28
A
03/08/12 13:45:28
F
03/08/12 13:45:34
D
call: DLL_PROCESS_ATTACH
03/08/12 13:45:35
A
03/08/12 13:45:35
F
03/08/12 13:45:35
A
03/08/12 13:45:35
F
03/08/12 13:46:13
A
03/08/12 13:46:13
F
03/08/12 13:47:09
D
call: DLL_PROCESS_ATTACH
03/08/12 13:47:10
A
03/08/12 13:47:10
F
03/08/12 13:47:10
A
03/08/12 13:47:10
F
03/08/12 13:47:20
A
03/08/12 13:47:20
D
call: DLL_PROCESS_DETACH
03/08/12 13:47:20
A
03/08/12 13:47:22
D
call: DLL_PROCESS_ATTACH
03/08/12 13:47:24
A
03/08/12 13:47:24
F
03/08/12 13:47:24
A
03/08/12 13:47:24
F
03/08/12 13:48:01
A
03/08/12 13:48:01
F
03/08/12 13:50:33
D
call: DLL_PROCESS_ATTACH
03/08/12 13:50:33
A
03/08/12 13:50:33
D
call: DLL_PROCESS_DETACH
03/08/12 14:00:00
D
call: DLL_PROCESS_ATTACH
03/08/12 14:00:00
A
03/08/12 14:00:00
D
call: DLL_PROCESS_DETACH
03/08/12 14:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 14:58:50
A
03/08/12 14:58:50
F
03/08/12 14:58:50
A
03/08/12 14:58:50
F
03/08/12 14:58:50
A
03/08/12 14:58:51
A
03/08/12 14:58:51
F
03/08/12 14:59:12
D
call: DLL_PROCESS_ATTACH
03/08/12 14:59:16
A
03/08/12 14:59:16
D
call: DLL_PROCESS_DETACH
03/08/12 14:59:16
A
03/08/12 14:59:16
D

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for

call: DLL_PROCESS_DETACH
03/08/12 14:59:28
D
call: DLL_PROCESS_ATTACH
03/08/12 14:59:33
D
call: DLL_PROCESS_ATTACH
03/08/12 14:59:33
A
03/08/12 14:59:33
F
03/08/12 14:59:33
A
03/08/12 14:59:33
F
03/08/12 14:59:33
A
03/08/12 14:59:33
F
03/08/12 14:59:33
A
03/08/12 14:59:33
F
03/08/12 14:59:33
A
03/08/12 14:59:33
F
03/08/12 14:59:33
A
03/08/12 14:59:33
F
03/08/12 14:59:34
A
03/08/12 14:59:34
F
03/08/12 14:59:37
A
03/08/12 14:59:37
F
03/08/12 15:00:00
D
call: DLL_PROCESS_ATTACH
03/08/12 15:00:00
A
03/08/12 15:00:00
D
call: DLL_PROCESS_DETACH
03/08/12 15:03:33
A
03/08/12 15:03:33
F
03/08/12 15:03:34
A
03/08/12 15:03:34
D
call: DLL_PROCESS_DETACH
03/08/12 15:03:34
A
03/08/12 15:03:34
D
call: DLL_PROCESS_DETACH
03/08/12 15:03:34
A
03/08/12 15:03:34
F
03/08/12 15:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 16:00:00
D
call: DLL_PROCESS_ATTACH
03/08/12 16:00:00
A
03/08/12 16:00:00
D
call: DLL_PROCESS_DETACH
03/08/12 16:10:36
D
call: DLL_PROCESS_ATTACH
03/08/12 16:10:37
D
call: DLL_PROCESS_ATTACH
03/08/12 16:10:38
A
03/08/12 16:10:38
D
call: DLL_PROCESS_DETACH
03/08/12 16:12:01
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:06
A
03/08/12 16:12:06
F
03/08/12 16:12:06
A
03/08/12 16:12:06
F
03/08/12 16:12:06
A
03/08/12 16:12:06
F
03/08/12 16:12:06
A
03/08/12 16:12:06
F

Enter DllMain -> Handle: 1866792960 - Reason for

Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

03/08/12 16:12:06
A
03/08/12 16:12:06
F
03/08/12 16:12:07
A
03/08/12 16:12:07
F
03/08/12 16:12:07
A
03/08/12 16:12:07
D
call: DLL_PROCESS_DETACH
03/08/12 16:12:08
A
03/08/12 16:12:08
F
03/08/12 16:12:18
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:18
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:19
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:19
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:19
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:21
A
03/08/12 16:12:21
R
03/08/12 16:12:21
A
03/08/12 16:12:21
R
03/08/12 16:12:22
A
03/08/12 16:12:22
A
03/08/12 16:12:22
D
call: DLL_PROCESS_DETACH
03/08/12 16:12:22
D
call: DLL_PROCESS_DETACH
03/08/12 16:12:22
A
03/08/12 16:12:22
D
call: DLL_PROCESS_DETACH
03/08/12 16:12:28
A
03/08/12 16:12:28
D
call: DLL_PROCESS_DETACH
03/08/12 16:12:37
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:37
A
03/08/12 16:12:37
D
call: DLL_PROCESS_DETACH
03/08/12 16:12:37
D
call: DLL_PROCESS_ATTACH
03/08/12 16:12:38
A
03/08/12 16:12:38
F
03/08/12 16:14:54
A
03/08/12 16:14:54
F
03/08/12 16:14:54
A
03/08/12 16:14:54
F
03/08/12 16:14:54
A
03/08/12 16:14:54
D
call: DLL_PROCESS_DETACH
03/08/12 16:14:54
A
03/08/12 16:14:54
F
03/08/12 16:14:54
A
03/08/12 16:14:54
F
03/08/12 16:15:52
D
call: DLL_PROCESS_ATTACH
03/08/12 16:15:52
A
03/08/12 16:15:52
D
call: DLL_PROCESS_DETACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 16:15:52
D
call: DLL_PROCESS_ATTACH
03/08/12 16:15:52
A
03/08/12 16:15:52
F
03/08/12 16:18:54
A
03/08/12 16:18:54
F
03/08/12 16:18:54
A
03/08/12 16:18:54
F
03/08/12 16:18:54
A
03/08/12 16:18:54
F
03/08/12 16:18:56
D
call: DLL_PROCESS_ATTACH
03/08/12 16:18:57
D
call: DLL_PROCESS_ATTACH
03/08/12 16:18:57
D
call: DLL_PROCESS_ATTACH
03/08/12 16:18:57
D
call: DLL_PROCESS_ATTACH
03/08/12 16:18:57
D
call: DLL_PROCESS_ATTACH
03/08/12 16:19:00
D
call: DLL_PROCESS_ATTACH
03/08/12 16:19:02
A
03/08/12 16:19:02
R
03/08/12 16:19:12
D
call: DLL_PROCESS_ATTACH
03/08/12 16:19:14
A
03/08/12 16:19:14
F
03/08/12 16:19:30
D
call: DLL_PROCESS_ATTACH
03/08/12 16:20:33
D
call: DLL_PROCESS_ATTACH
03/08/12 16:20:34
A
03/08/12 16:20:34
D
call: DLL_PROCESS_DETACH
03/08/12 16:25:06
A
03/08/12 16:25:06
F
03/08/12 16:25:07
A
03/08/12 16:25:07
F
03/08/12 16:25:07
A
03/08/12 16:25:07
F
03/08/12 16:25:11
A
03/08/12 16:25:11
F
03/08/12 16:25:18
D
call: DLL_PROCESS_ATTACH
03/08/12 16:25:18
A
03/08/12 16:25:18
D
call: DLL_PROCESS_DETACH
03/08/12 16:25:19
D
call: DLL_PROCESS_ATTACH
03/08/12 16:25:19
A
03/08/12 16:25:19
D
call: DLL_PROCESS_DETACH
03/08/12 16:25:20
D
call: DLL_PROCESS_ATTACH
03/08/12 16:25:20
A
03/08/12 16:25:20
D
call: DLL_PROCESS_DETACH
03/08/12 16:25:20
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1866792960 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 16:25:21
A
03/08/12 16:25:21
D
call: DLL_PROCESS_DETACH
03/08/12 16:25:21
D
call: DLL_PROCESS_ATTACH
03/08/12 16:25:21
A
03/08/12 16:25:21
D
call: DLL_PROCESS_DETACH
03/08/12 16:26:53
A
03/08/12 16:26:53
F
03/08/12 16:26:53
A
03/08/12 16:26:53
F
03/08/12 16:26:53
A
03/08/12 16:26:53
D
call: DLL_PROCESS_DETACH
03/08/12 16:26:53
A
03/08/12 16:26:53
F
03/08/12 16:26:54
A
03/08/12 16:26:54
F
03/08/12 16:26:59
A
03/08/12 16:26:59
R
03/08/12 16:26:59
A
03/08/12 16:26:59
R
03/08/12 16:26:59
A
03/08/12 16:26:59
A
03/08/12 16:26:59
D
call: DLL_PROCESS_DETACH
03/08/12 16:26:59
D
call: DLL_PROCESS_DETACH
03/08/12 16:26:59
A
03/08/12 16:26:59
D
call: DLL_PROCESS_DETACH
03/08/12 16:26:59
A
03/08/12 16:26:59
D
call: DLL_PROCESS_DETACH
03/08/12 16:27:21
A
03/08/12 16:27:21
D
call: DLL_PROCESS_DETACH
03/08/12 16:35:33
D
call: DLL_PROCESS_ATTACH
03/08/12 16:35:33
A
03/08/12 16:35:33
D
call: DLL_PROCESS_DETACH
03/08/12 16:50:33
D
call: DLL_PROCESS_ATTACH
03/08/12 16:50:33
A
03/08/12 16:50:33
D
call: DLL_PROCESS_DETACH
03/08/12 16:58:12
D
call: DLL_PROCESS_ATTACH
03/08/12 16:58:13
D
call: DLL_PROCESS_ATTACH
03/08/12 16:58:13
D
call: DLL_PROCESS_ATTACH
03/08/12 16:58:13
D
call: DLL_PROCESS_ATTACH
03/08/12 16:58:13
D
call: DLL_PROCESS_ATTACH
03/08/12 16:58:15
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 16:59:22
D
call: DLL_PROCESS_ATTACH
03/08/12 16:59:22
A
03/08/12 16:59:22
R
03/08/12 16:59:23
D
call: DLL_PROCESS_ATTACH
03/08/12 16:59:27
A
03/08/12 16:59:27
R
03/08/12 16:59:27
D
call: DLL_PROCESS_ATTACH
03/08/12 16:59:40
D
call: DLL_PROCESS_ATTACH
03/08/12 16:59:41
A
03/08/12 16:59:41
A
03/08/12 16:59:41
R
03/08/12 16:59:57
A
03/08/12 16:59:57
R
03/08/12 17:00:01
D
call: DLL_PROCESS_ATTACH
03/08/12 17:00:01
A
03/08/12 17:00:01
D
call: DLL_PROCESS_DETACH
03/08/12 17:01:23
D
call: DLL_PROCESS_ATTACH
03/08/12 17:01:26
A
03/08/12 17:01:26
R
03/08/12 17:02:37
D
call: DLL_PROCESS_ATTACH
03/08/12 17:02:37
A
03/08/12 17:02:37
D
call: DLL_PROCESS_DETACH
03/08/12 17:02:37
A
03/08/12 17:02:37
R
03/08/12 17:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 17:05:39
A
03/08/12 17:05:39
D
call: DLL_PROCESS_DETACH
03/08/12 17:18:02
A
03/08/12 17:18:02
R
03/08/12 17:18:02
A
03/08/12 17:18:02
R
03/08/12 17:18:02
A
03/08/12 17:18:02
A
03/08/12 17:18:02
D
call: DLL_PROCESS_DETACH
03/08/12 17:18:02
D
call: DLL_PROCESS_DETACH
03/08/12 17:18:02
A
03/08/12 17:18:02
D
call: DLL_PROCESS_DETACH
03/08/12 17:18:02
A
03/08/12 17:18:02
D
call: DLL_PROCESS_DETACH
03/08/12 17:20:33
D
call: DLL_PROCESS_ATTACH
03/08/12 17:20:33
A
03/08/12 17:20:33
D
call: DLL_PROCESS_DETACH
03/08/12 17:35:33
D

Enter DllMain -> Handle: 1866792960 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for

call: DLL_PROCESS_ATTACH
03/08/12 17:35:33
A
03/08/12 17:35:33
D
call: DLL_PROCESS_DETACH
03/08/12 17:47:30
A
03/08/12 17:47:30
F
03/08/12 17:47:46
D
call: DLL_PROCESS_ATTACH
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:47:48
A
03/08/12 17:47:48
F
03/08/12 17:48:18
A
03/08/12 17:50:33
D
call: DLL_PROCESS_ATTACH
03/08/12 17:50:33
A
03/08/12 17:50:33
D
call: DLL_PROCESS_DETACH
03/08/12 17:51:32
A
03/08/12 17:51:32
A
03/08/12 17:51:32
F
03/08/12 17:51:32
D
call: DLL_PROCESS_DETACH
03/08/12 17:51:32
A
03/08/12 17:51:32
F
03/08/12 17:51:32
A
03/08/12 17:51:32
F
03/08/12 17:51:45
D
call: DLL_PROCESS_ATTACH
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:45
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

03/08/12 17:51:45
F
03/08/12 17:51:45
A
03/08/12 17:51:45
F
03/08/12 17:51:46
A
03/08/12 17:51:46
F
03/08/12 17:52:29
A
03/08/12 18:00:01
D
call: DLL_PROCESS_ATTACH
03/08/12 18:00:01
A
03/08/12 18:00:01
D
call: DLL_PROCESS_DETACH
03/08/12 18:02:28
A
03/08/12 18:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 18:07:04
A
03/08/12 18:07:04
A
03/08/12 18:07:04
F
03/08/12 18:07:04
D
call: DLL_PROCESS_DETACH
03/08/12 18:07:05
A
03/08/12 18:07:05
F
03/08/12 18:07:05
A
03/08/12 18:07:05
F
03/08/12 18:47:49
D
call: DLL_PROCESS_ATTACH
03/08/12 18:47:51
A
03/08/12 18:47:51
F
03/08/12 18:47:51
A
03/08/12 18:47:51
A
03/08/12 18:47:51
F
03/08/12 18:47:51
D
call: DLL_PROCESS_DETACH
03/08/12 18:48:31
A
03/08/12 18:48:31
F
03/08/12 18:50:33
D
call: DLL_PROCESS_ATTACH
03/08/12 18:50:34
A
03/08/12 18:50:34
D
call: DLL_PROCESS_DETACH
03/08/12 19:00:00
D
call: DLL_PROCESS_ATTACH
03/08/12 19:00:00
A
03/08/12 19:00:00
D
call: DLL_PROCESS_DETACH
03/08/12 19:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 19:44:39
A
03/08/12 19:44:39
F
03/08/12 19:44:40
A
03/08/12 19:44:40
F
03/08/12 19:44:40
A
03/08/12 19:44:40
A
03/08/12 19:44:40
F
03/08/12 19:44:43
D
call: DLL_PROCESS_ATTACH
03/08/12 19:44:44
A
03/08/12 19:44:44
D
call: DLL_PROCESS_DETACH
03/08/12 19:44:44
D
call: DLL_PROCESS_ATTACH

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 19:44:45
A
03/08/12 19:44:45
F
03/08/12 19:46:35
A
03/08/12 19:46:35
F
03/08/12 19:46:35
A
03/08/12 19:46:35
F
03/08/12 19:46:36
A
03/08/12 19:46:36
F
03/08/12 19:46:39
A
03/08/12 19:46:39
F
03/08/12 19:46:43
A
03/08/12 19:46:43
F
03/08/12 19:46:44
A
03/08/12 19:46:44
F
03/08/12 19:46:44
A
03/08/12 19:46:44
F
03/08/12 19:46:46
D
call: DLL_PROCESS_ATTACH
03/08/12 19:46:46
D
call: DLL_PROCESS_ATTACH
03/08/12 19:46:47
D
call: DLL_PROCESS_ATTACH
03/08/12 19:46:47
D
call: DLL_PROCESS_ATTACH
03/08/12 19:46:47
D
call: DLL_PROCESS_ATTACH
03/08/12 19:46:50
D
call: DLL_PROCESS_ATTACH
03/08/12 19:47:03
D
call: DLL_PROCESS_ATTACH
03/08/12 19:47:04
A
03/08/12 19:47:04
R
03/08/12 19:47:09
A
03/08/12 19:47:09
D
call: DLL_PROCESS_DETACH
03/08/12 19:47:22
D
call: DLL_PROCESS_ATTACH
03/08/12 19:47:23
A
03/08/12 19:47:23
R
03/08/12 19:47:28
A
03/08/12 19:47:28
R
03/08/12 19:47:28
A
03/08/12 19:47:28
R
03/08/12 19:47:29
A
03/08/12 19:47:29
A
03/08/12 19:47:29
D
call: DLL_PROCESS_DETACH
03/08/12 19:47:29
A
03/08/12 19:47:29
D
call: DLL_PROCESS_DETACH
03/08/12 19:47:29
D
call: DLL_PROCESS_DETACH
03/08/12 19:47:29
A
03/08/12 19:47:29
D
call: DLL_PROCESS_DETACH
03/08/12 19:47:29
D
call: DLL_PROCESS_ATTACH
03/08/12 19:47:32
A
03/08/12 19:47:32
F
03/08/12 19:47:32
A

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

03/08/12 19:47:32
F
03/08/12 19:48:10
A
03/08/12 19:48:10
F
03/08/12 19:50:33
D
call: DLL_PROCESS_ATTACH
03/08/12 19:50:33
A
03/08/12 19:50:33
D
call: DLL_PROCESS_DETACH
03/08/12 20:00:02
D
call: DLL_PROCESS_ATTACH
03/08/12 20:00:03
A
03/08/12 20:00:03
D
call: DLL_PROCESS_DETACH
03/08/12 20:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 20:17:34
A
03/08/12 20:17:34
F
03/08/12 20:17:34
A
03/08/12 20:17:34
F
03/08/12 20:17:34
A
03/08/12 20:17:34
F
03/08/12 20:18:20
A
03/08/12 20:18:20
D
call: DLL_PROCESS_DETACH
03/08/12 20:51:44
A
03/08/12 20:51:45
D
call: DLL_PROCESS_ATTACH
03/08/12 21:00:00
D
call: DLL_PROCESS_ATTACH
03/08/12 21:00:00
A
03/08/12 21:00:00
D
call: DLL_PROCESS_DETACH
03/08/12 21:17:09
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:09
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:09
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:10
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:10
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:13
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:19
A
03/08/12 21:17:19
D
call: DLL_PROCESS_DETACH
03/08/12 21:17:26
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:27
A
03/08/12 21:17:27
R
03/08/12 21:17:28
D
call: DLL_PROCESS_ATTACH
03/08/12 21:17:33
A
03/08/12 21:17:33
R
03/08/12 21:20:33
D
call: DLL_PROCESS_ATTACH
03/08/12 21:20:33
A
03/08/12 21:20:33
D
call: DLL_PROCESS_DETACH

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for

03/08/12 21:23:57
A
03/08/12 21:23:57
D
call: DLL_PROCESS_DETACH
03/08/12 21:32:22
D
call: DLL_PROCESS_ATTACH
03/08/12 21:35:33
D
call: DLL_PROCESS_ATTACH
03/08/12 21:35:33
A
03/08/12 21:35:33
D
call: DLL_PROCESS_DETACH
03/08/12 21:36:55
A
03/08/12 21:36:55
R
03/08/12 21:36:55
A
03/08/12 21:36:55
R
03/08/12 21:36:55
A
03/08/12 21:36:55
A
03/08/12 21:36:55
D
call: DLL_PROCESS_DETACH
03/08/12 21:36:55
D
call: DLL_PROCESS_DETACH
03/08/12 21:36:55
A
03/08/12 21:36:55
D
call: DLL_PROCESS_DETACH
03/08/12 21:36:55
A
03/08/12 21:36:55
D
call: DLL_PROCESS_DETACH
03/08/12 21:37:21
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:21
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:22
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:22
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:22
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:27
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:37
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:38
A
03/08/12 21:37:38
A
03/08/12 21:37:38
R
03/08/12 21:37:41
D
call: DLL_PROCESS_ATTACH
03/08/12 21:37:42
A
03/08/12 21:37:42
A
03/08/12 21:37:42
R
03/08/12 21:38:18
A
03/08/12 21:38:18
R
03/08/12 21:38:18
A
03/08/12 21:38:18
R
03/08/12 21:38:18
A
03/08/12 21:38:18
A
03/08/12 21:38:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:38:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:38:18
A
03/08/12 21:38:18
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for

call: DLL_PROCESS_DETACH
03/08/12 21:38:18
A
03/08/12 21:38:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:38:41
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:43
A
03/08/12 21:38:43
F
03/08/12 21:38:43
A
03/08/12 21:38:43
F
03/08/12 21:38:43
A
03/08/12 21:38:43
F
03/08/12 21:38:43
A
03/08/12 21:38:43
F
03/08/12 21:38:43
A
03/08/12 21:38:43
F
03/08/12 21:38:44
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:44
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:44
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:44
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:44
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:49
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:53
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:54
A
03/08/12 21:38:54
R
03/08/12 21:38:55
D
call: DLL_PROCESS_ATTACH
03/08/12 21:38:57
A
03/08/12 21:38:57
D
call: DLL_PROCESS_DETACH
03/08/12 21:38:57
A
03/08/12 21:38:57
R
03/08/12 21:39:09
A
03/08/12 21:39:09
R
03/08/12 21:39:09
A
03/08/12 21:39:09
R
03/08/12 21:39:09
A
03/08/12 21:39:09
A
03/08/12 21:39:09
D
call: DLL_PROCESS_DETACH
03/08/12 21:39:09
D
call: DLL_PROCESS_DETACH
03/08/12 21:39:09
A
03/08/12 21:39:09
D
call: DLL_PROCESS_DETACH
03/08/12 21:39:09
A
03/08/12 21:39:09
D
call: DLL_PROCESS_DETACH
03/08/12 21:39:17
A
03/08/12 21:39:17
D
call: DLL_PROCESS_DETACH
03/08/12 21:41:39
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 21:41:41
A
03/08/12 21:41:41
F
03/08/12 21:41:41
A
03/08/12 21:41:41
F
03/08/12 21:41:41
A
03/08/12 21:41:41
F
03/08/12 21:41:41
A
03/08/12 21:41:41
F
03/08/12 21:44:00
D
call: DLL_PROCESS_ATTACH
03/08/12 21:44:44
D
call: DLL_PROCESS_ATTACH
03/08/12 21:44:48
A
03/08/12 21:44:48
D
call: DLL_PROCESS_DETACH
03/08/12 21:47:09
D
call: DLL_PROCESS_ATTACH
03/08/12 21:47:10
A
03/08/12 21:47:10
A
03/08/12 21:47:10
A
03/08/12 21:47:10
D
call: DLL_PROCESS_ATTACH
03/08/12 21:47:11
A
03/08/12 21:47:11
O
03/08/12 21:47:11
V
03/08/12 21:47:11
V
03/08/12 21:47:11
A
03/08/12 21:47:12
A
03/08/12 21:47:12
A
03/08/12 21:47:12
O
03/08/12 21:47:12
V
03/08/12 21:47:12
V
03/08/12 21:47:12
F
03/08/12 21:47:12
V
03/08/12 21:47:12
V
03/08/12 21:47:13
A
03/08/12 21:47:15
A
03/08/12 21:47:15
A
03/08/12 21:47:15
A
03/08/12 21:47:15
O
03/08/12 21:47:15
V
03/08/12 21:47:15
V
03/08/12 21:47:15
F
03/08/12 21:47:15
V
03/08/12 21:47:15
V
03/08/12 21:50:18
A
03/08/12 21:50:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:50:19
A
03/08/12 21:50:19
D
call: DLL_PROCESS_DETACH
03/08/12 21:50:33
D
call: DLL_PROCESS_ATTACH
03/08/12 21:50:33
A
03/08/12 21:50:33
D
call: DLL_PROCESS_DETACH
03/08/12 21:51:17
D
call: DLL_PROCESS_ATTACH
03/08/12 21:51:18
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4096131072 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 21:51:18
D
call: DLL_PROCESS_ATTACH
03/08/12 21:51:18
D
call: DLL_PROCESS_ATTACH
03/08/12 21:51:18
D
call: DLL_PROCESS_ATTACH
03/08/12 21:51:20
D
call: DLL_PROCESS_ATTACH
03/08/12 21:53:44
A
03/08/12 21:53:44
R
03/08/12 21:53:44
A
03/08/12 21:53:44
R
03/08/12 21:53:44
A
03/08/12 21:53:44
A
03/08/12 21:53:44
D
call: DLL_PROCESS_DETACH
03/08/12 21:53:44
D
call: DLL_PROCESS_DETACH
03/08/12 21:53:44
A
03/08/12 21:53:45
D
call: DLL_PROCESS_DETACH
03/08/12 21:53:45
A
03/08/12 21:53:45
D
call: DLL_PROCESS_DETACH
03/08/12 21:53:51
D
call: DLL_PROCESS_ATTACH
03/08/12 21:53:51
D
call: DLL_PROCESS_ATTACH
03/08/12 21:53:52
D
call: DLL_PROCESS_ATTACH
03/08/12 21:53:52
D
call: DLL_PROCESS_ATTACH
03/08/12 21:53:52
D
call: DLL_PROCESS_ATTACH
03/08/12 21:54:02
D
call: DLL_PROCESS_ATTACH
03/08/12 21:54:17
A
03/08/12 21:54:17
R
03/08/12 21:54:17
A
03/08/12 21:54:17
A
03/08/12 21:54:17
R
03/08/12 21:54:18
A
03/08/12 21:54:18
A
03/08/12 21:54:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:54:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:54:18
A
03/08/12 21:54:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:54:18
A
03/08/12 21:54:18
D
call: DLL_PROCESS_DETACH
03/08/12 21:54:46
A
03/08/12 21:54:46
D
call: DLL_PROCESS_DETACH
03/08/12 21:54:51
D
call: DLL_PROCESS_ATTACH
03/08/12 21:54:52
A
03/08/12 21:54:52
F

Enter DllMain -> Handle: 1866792960 - Reason for

Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

03/08/12 21:54:52
A
03/08/12 21:54:52
F
03/08/12 21:54:52
A
03/08/12 21:54:52
F
03/08/12 21:54:52
A
03/08/12 21:54:52
F
03/08/12 21:55:10
A
03/08/12 21:55:10
D
call: DLL_PROCESS_DETACH
03/08/12 21:56:04
D
call: DLL_PROCESS_ATTACH
03/08/12 21:59:07
D
call: DLL_PROCESS_ATTACH
03/08/12 21:59:14
D
call: DLL_PROCESS_ATTACH
03/08/12 22:00:00
D
call: DLL_PROCESS_ATTACH
03/08/12 22:00:00
A
03/08/12 22:00:00
D
call: DLL_PROCESS_DETACH
03/08/12 22:05:33
D
call: DLL_PROCESS_ATTACH
03/08/12 22:05:49
A
03/08/12 22:05:49
D
call: DLL_PROCESS_DETACH
03/08/12 22:20:33
D
call: DLL_PROCESS_ATTACH
03/08/12 22:20:33
A
03/08/12 22:20:33
D
call: DLL_PROCESS_DETACH
03/08/12 22:25:07
A
03/08/12 22:26:33
D
call: DLL_PROCESS_ATTACH
03/08/12 22:26:58
D
call: DLL_PROCESS_ATTACH
03/08/12 22:27:03
A
03/08/12 22:27:03
A
03/08/12 22:27:03
D
call: DLL_PROCESS_DETACH
03/08/12 22:27:22
D
call: DLL_PROCESS_ATTACH
03/08/12 22:27:27
A
03/08/12 22:27:27
A
03/08/12 22:27:27
D
call: DLL_PROCESS_DETACH
03/08/12 22:27:36
D
call: DLL_PROCESS_ATTACH
03/08/12 22:27:36
D
call: DLL_PROCESS_ATTACH
03/08/12 22:27:46
A
03/08/12 22:27:46
D
call: DLL_PROCESS_DETACH
03/08/12 22:28:20
D
call: DLL_PROCESS_ATTACH
03/08/12 22:28:25
A
03/08/12 22:28:31
D
call: DLL_PROCESS_ATTACH
03/08/12 22:28:42
A
03/08/12 22:28:49
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for

03/08/12 22:28:55
A
03/08/12 22:29:44
D
call: DLL_PROCESS_ATTACH
03/08/12 22:29:48
A
03/08/12 22:29:48
D
call: DLL_PROCESS_DETACH
03/08/12 22:29:51
A
03/08/12 22:29:51
A
03/08/12 22:29:51
D
call: DLL_PROCESS_DETACH
03/08/12 22:29:51
D
call: DLL_PROCESS_DETACH
03/08/12 22:29:51
A
03/08/12 22:29:51
D
call: DLL_PROCESS_DETACH
03/08/12 22:29:54
A
03/08/12 22:29:54
D
call: DLL_PROCESS_DETACH
03/08/12 22:29:58
A
03/08/12 22:29:58
D
call: DLL_PROCESS_DETACH
03/08/12 22:30:29
A
03/08/12 22:30:29
D
call: DLL_PROCESS_DETACH
03/08/12 22:30:33
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:33
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:34
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:34
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:35
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:35
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:36
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:36
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:37
A
03/08/12 22:30:37
F
03/08/12 22:30:37
A
03/08/12 22:30:37
F
03/08/12 22:30:37
A
03/08/12 22:30:37
F
03/08/12 22:30:37
A
03/08/12 22:30:37
F
03/08/12 22:30:38
D
call: DLL_PROCESS_ATTACH
03/08/12 22:30:41
A
03/08/12 22:30:41
D
call: DLL_PROCESS_DETACH
03/08/12 22:30:48
A
03/08/12 22:30:48
R
03/08/12 22:30:48
A
03/08/12 22:30:48
R
03/08/12 22:30:48
A
03/08/12 22:30:48
A
03/08/12 22:30:48
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for

call: DLL_PROCESS_DETACH
03/08/12 22:30:48
D
call: DLL_PROCESS_DETACH
03/08/12 22:30:48
A
03/08/12 22:30:48
D
call: DLL_PROCESS_DETACH
03/08/12 22:30:48
A
03/08/12 22:30:48
D
call: DLL_PROCESS_DETACH
03/08/12 22:32:24
A
03/08/12 22:32:24
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:33
D
call: DLL_PROCESS_ATTACH
03/08/12 22:35:34
A
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
03/08/12 22:35:34
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D

Enter DllMain -> Handle: 1866792960 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 4096131072 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 1866792960 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for

call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:30
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:31
A
04/08/12 09:36:31
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:33
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:33
A
04/08/12 09:36:33
A
04/08/12 09:36:33
A
04/08/12 09:36:33
A
04/08/12 09:36:33
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:33
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:33
A
04/08/12 09:36:33
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:33
A
04/08/12 09:36:33
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:37
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:37
A
04/08/12 09:36:37
A
04/08/12 09:36:37
A
04/08/12 09:36:37
A
04/08/12 09:36:37
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:37
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:37
A
04/08/12 09:36:37
A
04/08/12 09:36:37
A
04/08/12 09:36:37
A
04/08/12 09:36:37
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:37
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:37
A
04/08/12 09:36:37
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:37
A
04/08/12 09:36:37
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:37
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:37
A
04/08/12 09:36:37
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:37
A
04/08/12 09:36:37
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:39
A
04/08/12 09:36:39
A
04/08/12 09:36:39
A
04/08/12 09:36:39
A

Enter DllMain -> Handle: 1873149952 - Reason for

Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback

04/08/12 09:36:39
A
04/08/12 09:36:39
A
04/08/12 09:36:39
A
04/08/12 09:36:40
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:40
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:40
A
04/08/12 09:36:40
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:40
A
04/08/12 09:36:40
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:40
A
04/08/12 09:36:41
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:41
A
04/08/12 09:36:41
A
04/08/12 09:36:41
A
04/08/12 09:36:41
A
04/08/12 09:36:41
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:41
D
call: DLL_PROCESS_ATTACH
04/08/12 09:36:41
A
04/08/12 09:36:41
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:41
A
04/08/12 09:36:41
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:41
A
04/08/12 09:36:41
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:42
A
04/08/12 09:36:46
A
04/08/12 09:36:46
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:48
A

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4107993088 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4107993088 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback

04/08/12 09:36:48
D
call: DLL_PROCESS_DETACH
04/08/12 09:36:51
D
call: DLL_PROCESS_ATTACH
04/08/12 09:37:03
D
call: DLL_PROCESS_ATTACH
04/08/12 09:37:03
A
04/08/12 09:37:03
D
call: DLL_PROCESS_DETACH
04/08/12 09:38:56
A
04/08/12 09:38:56
D
call: DLL_PROCESS_DETACH
04/08/12 09:42:14
D
call: DLL_PROCESS_ATTACH
04/08/12 09:42:41
A
04/08/12 09:42:41
D
call: DLL_PROCESS_DETACH
04/08/12 09:49:01
D
call: DLL_PROCESS_ATTACH
04/08/12 09:49:01
A
04/08/12 09:49:01
D
call: DLL_PROCESS_DETACH
04/08/12 09:51:02
D
call: DLL_PROCESS_ATTACH
04/08/12 09:51:07
A
04/08/12 10:00:00
D
call: DLL_PROCESS_ATTACH
04/08/12 10:00:00
A
04/08/12 10:00:00
D
call: DLL_PROCESS_DETACH
04/08/12 10:06:13
A
04/08/12 10:06:14
D
call: DLL_PROCESS_ATTACH
04/08/12 10:06:16
D
call: DLL_PROCESS_ATTACH
04/08/12 10:06:16
A
04/08/12 10:06:16
A
04/08/12 10:06:16
A
04/08/12 10:06:16
A
04/08/12 10:06:16
D
call: DLL_PROCESS_ATTACH
04/08/12 10:06:16
D
call: DLL_PROCESS_ATTACH
04/08/12 10:06:16
A
04/08/12 10:06:16
D
call: DLL_PROCESS_DETACH
04/08/12 10:06:16
A
04/08/12 10:06:16
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D

Enter DllMain -> Handle: 4107993088 - Reason for

Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for
Enter DllMain -> Handle: 4107993088 - Reason for

call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
04/08/12 10:27:37
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
A
26/08/12 12:50:37
A
26/08/12 12:50:37
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:37
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
A
26/08/12 12:50:37
A
26/08/12 12:50:37
A
26/08/12 12:50:37
A
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
A
26/08/12 12:50:37
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:37
A
26/08/12 12:50:37
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
A

Enter DllMain -> Handle: 4107993088 - Reason for

Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 1873149952 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback

26/08/12 12:50:37
A
26/08/12 12:50:37
A
26/08/12 12:50:37
A
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:37
A
26/08/12 12:50:37
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:37
A
26/08/12 12:50:37
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for

call: DLL_PROCESS_DETACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:38
A
26/08/12 12:50:38
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
A

Enter DllMain -> Handle: 4086562816 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback

26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:39
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:39
A
26/08/12 12:50:39
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:40
A
26/08/12 12:50:40
A
26/08/12 12:50:40
A
26/08/12 12:50:40
A
26/08/12 12:50:40
A
26/08/12 12:50:40
A
26/08/12 12:50:40
A
26/08/12 12:50:41
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:41
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:41
A
26/08/12 12:50:41
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:41
A
26/08/12 12:50:41
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:41
A
26/08/12 12:50:42
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
D

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4086562816 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1880358912 - Reason for

call: DLL_PROCESS_ATTACH
26/08/12 12:50:42
D
call: DLL_PROCESS_ATTACH
26/08/12 12:50:42
A
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
A
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
A
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
26/08/12 12:50:42
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1880358912 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1880358912 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 4086562816 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 1880358912 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for

04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:01
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:02
A
04/09/12 23:44:02
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:02
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:02
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:03
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:05
A
04/09/12 23:44:05
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:05
A
04/09/12 23:44:05
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:09
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:09
A
04/09/12 23:44:09
A
04/09/12 23:44:09
A
04/09/12 23:44:09
A
04/09/12 23:44:09
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:09
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:09
A
04/09/12 23:44:09
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:09
A
04/09/12 23:44:09
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:10
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:10
A
04/09/12 23:44:10
A
04/09/12 23:44:10
A
04/09/12 23:44:10
A
04/09/12 23:44:10
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:10
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:10
A
04/09/12 23:44:10
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:10
A
04/09/12 23:44:10
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:10
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:10
A

Enter DllMain -> Handle: 1891696640 - Reason for

Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback

04/09/12 23:44:10
A
04/09/12 23:44:10
A
04/09/12 23:44:10
A
04/09/12 23:44:10
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:10
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:10
A
04/09/12 23:44:10
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:10
A
04/09/12 23:44:10
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:11
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:11
A
04/09/12 23:44:11
A
04/09/12 23:44:11
A
04/09/12 23:44:11
A
04/09/12 23:44:11
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:11
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:11
A
04/09/12 23:44:11
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:11
A
04/09/12 23:44:11
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:11
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:11
A
04/09/12 23:44:11
A
04/09/12 23:44:11
A
04/09/12 23:44:11
A
04/09/12 23:44:11
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:11
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:11
A
04/09/12 23:44:11
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:11
A
04/09/12 23:44:11
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:12
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:12
A
04/09/12 23:44:12
A
04/09/12 23:44:12
A
04/09/12 23:44:12
A
04/09/12 23:44:12
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:12
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:12
A
04/09/12 23:44:12
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:12
A
04/09/12 23:44:12
D

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for

call: DLL_PROCESS_DETACH
04/09/12 23:44:12
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:12
A
04/09/12 23:44:12
A
04/09/12 23:44:12
A
04/09/12 23:44:12
A
04/09/12 23:44:12
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:12
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:12
A
04/09/12 23:44:12
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:12
A
04/09/12 23:44:12
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:14
A
04/09/12 23:44:14
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:19
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:19
A
04/09/12 23:44:19
A
04/09/12 23:44:19
A
04/09/12 23:44:19
A
04/09/12 23:44:20
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:20
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:20
A
04/09/12 23:44:20
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:20
A
04/09/12 23:44:20
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:24
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:24
A
04/09/12 23:44:24
A
04/09/12 23:44:24
A
04/09/12 23:44:24
A
04/09/12 23:44:24
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:24
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:24
A
04/09/12 23:44:24
A
04/09/12 23:44:24
A
04/09/12 23:44:24
A
04/09/12 23:44:24
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:24
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:24
A
04/09/12 23:44:24
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:24
A
04/09/12 23:44:24
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4087218176 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for

04/09/12 23:44:24
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:24
A
04/09/12 23:44:24
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:24
A
04/09/12 23:44:24
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:26
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:28
A
04/09/12 23:44:28
A
04/09/12 23:44:28
A
04/09/12 23:44:29
A
04/09/12 23:44:29
A
04/09/12 23:44:29
A
04/09/12 23:44:29
A
04/09/12 23:44:30
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:30
A
04/09/12 23:44:30
A
04/09/12 23:44:30
A
04/09/12 23:44:30
A
04/09/12 23:44:30
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:30
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:30
A
04/09/12 23:44:30
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:30
A
04/09/12 23:44:30
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:30
A
04/09/12 23:44:30
A
04/09/12 23:44:30
A
04/09/12 23:44:31
A
04/09/12 23:44:31
A
04/09/12 23:44:31
A
04/09/12 23:44:31
A
04/09/12 23:44:31
A
04/09/12 23:44:31
A
04/09/12 23:44:32
A
04/09/12 23:44:32
F
04/09/12 23:44:32
A
04/09/12 23:44:32
F
04/09/12 23:44:32
A
04/09/12 23:44:32
F
04/09/12 23:44:32
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:32
A
04/09/12 23:44:32
A
04/09/12 23:44:32
A
04/09/12 23:44:32
A
04/09/12 23:44:32
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:32
D
call: DLL_PROCESS_ATTACH
04/09/12 23:44:32
A
04/09/12 23:44:32
D

Enter DllMain -> Handle: 1891696640 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
->
->
->
->
->
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for

call: DLL_PROCESS_DETACH
04/09/12 23:44:32
A
04/09/12 23:44:32
D
call: DLL_PROCESS_DETACH
04/09/12 23:44:33
A
04/09/12 23:44:33
A
04/09/12 23:44:33
A
04/09/12 23:44:33
A
04/09/12 23:44:33
A
04/09/12 23:44:33
A
04/09/12 23:44:33
A
04/09/12 23:44:33
A
04/09/12 23:44:33
F
04/09/12 23:44:33
A
04/09/12 23:44:33
F
04/09/12 23:44:33
A
04/09/12 23:44:33
F
04/09/12 23:44:35
A
04/09/12 23:44:35
A
04/09/12 23:44:35
A
04/09/12 23:44:35
A
04/09/12 23:44:35
A
04/09/12 23:45:06
A
04/09/12 23:45:06
D
call: DLL_PROCESS_DETACH
04/09/12 23:45:52
A
04/09/12 23:45:52
D
call: DLL_PROCESS_DETACH
04/09/12 23:51:40
D
call: DLL_PROCESS_ATTACH
04/09/12 23:51:45
A
04/09/12 23:54:39
D
call: DLL_PROCESS_ATTACH
04/09/12 23:54:39
A
04/09/12 23:54:39
D
call: DLL_PROCESS_DETACH
04/09/12 23:56:40
D
call: DLL_PROCESS_ATTACH
04/09/12 23:56:45
A
04/09/12 23:59:54
D
call: DLL_PROCESS_ATTACH
04/09/12 23:59:54
A
04/09/12 23:59:54
A
04/09/12 23:59:54
A
04/09/12 23:59:54
A
04/09/12 23:59:54
D
call: DLL_PROCESS_ATTACH
04/09/12 23:59:54
A
04/09/12 23:59:54
D
call: DLL_PROCESS_DETACH
04/09/12 23:59:54
D
call: DLL_PROCESS_ATTACH
04/09/12 23:59:55
D
call: DLL_PROCESS_ATTACH
04/09/12 23:59:55
D
call: DLL_PROCESS_ATTACH
04/09/12 23:59:57
A
04/09/12 23:59:57
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:01
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
->
->
->
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for

call: DLL_PROCESS_ATTACH
05/09/12 00:00:01
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:02
A
05/09/12 00:00:02
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:04
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:04
A
05/09/12 00:00:04
A
05/09/12 00:00:04
A
05/09/12 00:00:04
A
05/09/12 00:00:04
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:04
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:04
A
05/09/12 00:00:04
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:04
A
05/09/12 00:00:04
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:06
A
05/09/12 00:00:06
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:07
A
05/09/12 00:00:07
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:08
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:08
A
05/09/12 00:00:08
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:11
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:13
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:13
A
05/09/12 00:00:13
A
05/09/12 00:00:13
A
05/09/12 00:00:13
A
05/09/12 00:00:13
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:13
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:13
A
05/09/12 00:00:13
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:13
A
05/09/12 00:00:13
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:16
A
05/09/12 00:00:16
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:17
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:17
A
05/09/12 00:00:17
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:19
D

Enter DllMain -> Handle: 1891696640 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for

call: DLL_PROCESS_ATTACH
05/09/12 00:00:19
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:19
A
05/09/12 00:00:19
A
05/09/12 00:00:19
A
05/09/12 00:00:19
A
05/09/12 00:00:19
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:19
A
05/09/12 00:00:19
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:19
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:19
A
05/09/12 00:00:19
A
05/09/12 00:00:19
A
05/09/12 00:00:19
A
05/09/12 00:00:19
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:20
A
05/09/12 00:00:20
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:20
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:20
A
05/09/12 00:00:20
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:20
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:20
A
05/09/12 00:00:20
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:20
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
A
05/09/12 00:00:20
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:23
A
05/09/12 00:00:23
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:23
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:23
A
05/09/12 00:00:23
A

Enter DllMain -> Handle: 4087218176 - Reason for

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback

05/09/12 00:00:23
A
05/09/12 00:00:23
A
05/09/12 00:00:23
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:25
A
05/09/12 00:00:25
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:25
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:25
A
05/09/12 00:00:25
A
05/09/12 00:00:25
A
05/09/12 00:00:25
A
05/09/12 00:00:25
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:26
A
05/09/12 00:00:26
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:26
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:26
A
05/09/12 00:00:26
A
05/09/12 00:00:26
A
05/09/12 00:00:26
A
05/09/12 00:00:26
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:26
A
05/09/12 00:00:26
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:27
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:30
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:30
A
05/09/12 00:00:30
A
05/09/12 00:00:30
A
05/09/12 00:00:30
A
05/09/12 00:00:30
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:30
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:30
A
05/09/12 00:00:30
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:30
A
05/09/12 00:00:30
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:30
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:30
A
05/09/12 00:00:30
A
05/09/12 00:00:30
A
05/09/12 00:00:30
A
05/09/12 00:00:30
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:30
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:30
A
05/09/12 00:00:30
D
call: DLL_PROCESS_DETACH

-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for

05/09/12 00:00:30
A
05/09/12 00:00:30
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:30
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for

call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:31
A
05/09/12 00:00:31
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:32
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:32
A
05/09/12 00:00:32
A
05/09/12 00:00:32
A
05/09/12 00:00:32
A
05/09/12 00:00:32
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:32
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:32
A
05/09/12 00:00:32
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:32
A
05/09/12 00:00:32
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:32
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:32
A
05/09/12 00:00:32
A
05/09/12 00:00:32
A
05/09/12 00:00:32
A
05/09/12 00:00:32
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:33
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:33
A
05/09/12 00:00:33
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:33
A
05/09/12 00:00:33
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:33
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:33
A
05/09/12 00:00:33
A
05/09/12 00:00:33
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback

05/09/12 00:00:33
A
05/09/12 00:00:33
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:33
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:33
A
05/09/12 00:00:33
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:33
A
05/09/12 00:00:33
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:33
A
05/09/12 00:00:33
A
05/09/12 00:00:33
A
05/09/12 00:00:33
A
05/09/12 00:00:33
A
05/09/12 00:00:33
A
05/09/12 00:00:33
A
05/09/12 00:00:34
A
05/09/12 00:00:34
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:34
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:34
A
05/09/12 00:00:34
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:34
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:34
A
05/09/12 00:00:34
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:34
D
call: DLL_PROCESS_DETACH
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:34
A
05/09/12 00:00:35
A

-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
->
->
->
->
->
->
->
->
->
->
->
->
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback

05/09/12 00:00:35
A
05/09/12 00:00:35
A
05/09/12 00:00:35
A
05/09/12 00:00:35
A
05/09/12 00:00:45
D
call: DLL_PROCESS_ATTACH
05/09/12 00:00:47
A
05/09/12 00:00:47
F
05/09/12 00:00:47
A
05/09/12 00:00:47
F
05/09/12 00:00:47
A
05/09/12 00:00:47
F
05/09/12 00:00:47
A
05/09/12 00:00:47
F
05/09/12 00:00:47
A
05/09/12 00:00:47
F
05/09/12 00:00:47
A
05/09/12 00:00:47
F
05/09/12 00:00:54
A
05/09/12 00:00:54
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
05/09/12 00:09:48
D
call: DLL_PROCESS_DETACH
03/10/12 09:51:53
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:53
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:53
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:53
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:53
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:53
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:53
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:53
D

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1891696640 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 4087218176 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 1891696640 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for

call: DLL_PROCESS_ATTACH
03/10/12 09:51:54
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:54
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:54
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:54
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:54
D
call: DLL_PROCESS_ATTACH
03/10/12 09:51:59
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:00
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:01
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:01
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:01
A
03/10/12 09:52:01
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:03
A
03/10/12 09:52:03
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:04
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:09
A
03/10/12 09:52:09
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:17
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:17
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:17
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:17
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:19
A
03/10/12 09:52:19
F
03/10/12 09:52:19
A
03/10/12 09:52:19
F
03/10/12 09:52:19
A
03/10/12 09:52:19
F
03/10/12 09:52:19
A
03/10/12 09:52:19
F
03/10/12 09:52:19
A
03/10/12 09:52:19
F
03/10/12 09:52:19
A
03/10/12 09:52:19
F
03/10/12 09:52:20
A
03/10/12 09:52:20
A
03/10/12 09:52:20
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:25
A
03/10/12 09:52:25
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:25
A
03/10/12 09:52:25
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1959591936 - Reason for

Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for

03/10/12 09:52:25
A
03/10/12 09:52:25
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:25
A
03/10/12 09:52:25
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_ATTACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
03/10/12 09:52:28
D
call: DLL_PROCESS_DETACH
27/10/12 23:00:33
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:34
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 4196204544 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 1959591936 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for

27/10/12 23:00:34
A
27/10/12 23:00:37
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:39
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:39
A
27/10/12 23:00:39
A
27/10/12 23:00:39
A
27/10/12 23:00:40
A
27/10/12 23:00:40
D
call: DLL_PROCESS_DETACH
27/10/12 23:00:40
A
27/10/12 23:00:42
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:48
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:48
A
27/10/12 23:00:48
D
call: DLL_PROCESS_DETACH
27/10/12 23:00:48
A
27/10/12 23:00:48
D
call: DLL_PROCESS_DETACH
27/10/12 23:00:52
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:52
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:58
D
call: DLL_PROCESS_ATTACH
27/10/12 23:00:58
A
27/10/12 23:00:58
A
27/10/12 23:00:58
D
call: DLL_PROCESS_DETACH
27/10/12 23:00:58
A
27/10/12 23:00:58
D
call: DLL_PROCESS_DETACH
27/10/12 23:00:58
A
27/10/12 23:00:58
D
call: DLL_PROCESS_DETACH
27/10/12 23:00:58
A
27/10/12 23:00:58
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4125294592 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4125294592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4125294592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4125294592 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 4125294592 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for

call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
27/10/12 23:02:14
D
call: DLL_PROCESS_DETACH
28/10/12 11:00:57
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:57
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:57
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:57
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:57
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:57
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:58
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:58
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:58
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:58
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:58
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:58
D
call: DLL_PROCESS_ATTACH
28/10/12 11:00:58
A
28/10/12 11:00:59
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:02
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:02
A
28/10/12 11:01:02
A
28/10/12 11:01:02
A
28/10/12 11:01:03
A
28/10/12 11:01:03
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:03
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:04
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:04
A
28/10/12 11:01:04
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:05
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:06
A
28/10/12 11:01:06
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:07
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:07
D
call: DLL_PROCESS_ATTACH
28/10/12 11:01:07
A
28/10/12 11:01:07
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:09
A

Enter DllMain -> Handle: 1955463168 - Reason for

Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4124966912 - Reason for
-> NtTerminateProcessCallback

28/10/12 11:01:09
A
28/10/12 11:01:09
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:13
A
28/10/12 11:01:13
F
28/10/12 11:01:13
A
28/10/12 11:01:13
F
28/10/12 11:01:13
A
28/10/12 11:01:13
F
28/10/12 11:01:15
A
28/10/12 11:01:15
F
28/10/12 11:01:15
A
28/10/12 11:01:15
F
28/10/12 11:01:15
A
28/10/12 11:01:15
F
28/10/12 11:01:16
A
28/10/12 11:01:16
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:16
A
28/10/12 11:01:16
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:17
A
28/10/12 11:01:17
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
28/10/12 11:01:32
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4124966912 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4124966912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4124966912 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 4124966912 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 1960312832 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for

16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:29
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:30
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:30
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:30
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:30
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:30
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:30
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:33
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:33
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:33
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:33
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:33
A
16/11/12 22:56:33
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:35
A
16/11/12 22:56:35
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:35
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:36
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:37
A
16/11/12 22:56:37
A
16/11/12 22:56:37
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:39
A
16/11/12 22:56:39
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:39
A
16/11/12 22:56:39
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:39
D
call: DLL_PROCESS_ATTACH
16/11/12 22:56:41
A
16/11/12 22:56:41
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:44
A
16/11/12 22:56:44
D
call: DLL_PROCESS_DETACH
16/11/12 22:56:48
A
16/11/12 22:56:48
F
16/11/12 22:56:48
A
16/11/12 22:56:48
F
16/11/12 22:56:48
A
16/11/12 22:56:48
F
16/11/12 22:56:49
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4116054016 - Reason for

Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4116054016 - Reason for

16/11/12 22:56:50
A
16/11/12 22:56:50
F
16/11/12 22:56:50
A
16/11/12 22:56:50
F
16/11/12 22:56:51
A
16/11/12 22:56:51
F
16/11/12 22:57:05
D
call: DLL_PROCESS_ATTACH
16/11/12 22:57:05
A
16/11/12 22:57:05
D
call: DLL_PROCESS_DETACH
16/11/12 22:57:08
A
16/11/12 22:57:08
D
call: DLL_PROCESS_DETACH
16/11/12 22:57:15
A
16/11/12 22:57:15
A
16/11/12 22:57:15
D
call: DLL_PROCESS_DETACH
16/11/12 22:57:15
D
call: DLL_PROCESS_DETACH
16/11/12 22:58:34
D
call: DLL_PROCESS_ATTACH
16/11/12 22:58:35
A
16/11/12 22:58:35
D
call: DLL_PROCESS_DETACH
16/11/12 22:58:41
D
call: DLL_PROCESS_ATTACH
16/11/12 22:59:10
D
call: DLL_PROCESS_ATTACH
16/11/12 22:59:38
A
16/11/12 22:59:38
D
call: DLL_PROCESS_DETACH
16/11/12 23:00:02
D
call: DLL_PROCESS_ATTACH
16/11/12 23:00:02
A
16/11/12 23:00:02
D
call: DLL_PROCESS_DETACH
16/11/12 23:00:07
A
16/11/12 23:00:07
D
call: DLL_PROCESS_DETACH
16/11/12 23:06:12
D
call: DLL_PROCESS_ATTACH
16/11/12 23:06:17
A
16/11/12 23:09:11
D
call: DLL_PROCESS_ATTACH
16/11/12 23:09:11
A
16/11/12 23:09:11
D
call: DLL_PROCESS_DETACH
16/11/12 23:11:12
D
call: DLL_PROCESS_ATTACH
16/11/12 23:11:17
A
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947205632 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947205632 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 4116054016 - Reason for

call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
16/11/12 23:17:34
D
call: DLL_PROCESS_DETACH
17/11/12 00:46:05
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:06
A
17/11/12 00:46:06
A
17/11/12 00:46:06
A
17/11/12 00:46:07
A
17/11/12 00:46:07
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:07
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:07
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:08
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:09
A
17/11/12 00:46:09
D
call: DLL_PROCESS_DETACH
17/11/12 00:46:10
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:11
A
17/11/12 00:46:11
D
call: DLL_PROCESS_DETACH
17/11/12 00:46:11
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:12
D
call: DLL_PROCESS_ATTACH
17/11/12 00:46:14
A

Enter DllMain -> Handle: 4116054016 - Reason for

Enter DllMain -> Handle: 4116054016 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 1947205632 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
-> CreateDCWCallback

17/11/12 00:46:14
F
17/11/12 00:46:14
A
17/11/12 00:46:14
F
17/11/12 00:46:14
A
17/11/12 00:46:14
F
17/11/12 00:46:19
A
17/11/12 00:46:19
D
call: DLL_PROCESS_DETACH
17/11/12 00:46:19
A
17/11/12 00:46:19
F
17/11/12 00:46:19
A
17/11/12 00:46:19
F
17/11/12 00:46:20
A
17/11/12 00:46:20
F
17/11/12 00:46:21
A
17/11/12 00:46:21
D
call: DLL_PROCESS_DETACH
17/11/12 00:46:21
A
17/11/12 00:46:21
D
call: DLL_PROCESS_DETACH
17/11/12 00:46:21
A
17/11/12 00:46:21
D
call: DLL_PROCESS_DETACH
17/11/12 00:46:34
A
17/11/12 00:46:34
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:02
D
call: DLL_PROCESS_ATTACH
17/11/12 00:58:02
A
17/11/12 00:58:02
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 00:58:32
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:19
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:19
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:19
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:19
D

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122607616 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122607616 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122607616 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122607616 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 4122607616 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 1960968192 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for

call: DLL_PROCESS_ATTACH
17/11/12 01:00:19
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:19
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:19
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:19
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:20
A
17/11/12 01:00:20
A
17/11/12 01:00:20
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:21
A
17/11/12 01:00:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:22
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:22
A
17/11/12 01:00:22
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:23
A
17/11/12 01:00:23
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:24
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:24
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:24
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:26
D
call: DLL_PROCESS_ATTACH
17/11/12 01:00:26
A
17/11/12 01:00:26
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:36
A
17/11/12 01:00:36
F
17/11/12 01:00:36
A
17/11/12 01:00:36
F
17/11/12 01:00:36
A
17/11/12 01:00:36
F
17/11/12 01:00:42
A
17/11/12 01:00:42
F
17/11/12 01:00:42
A

Enter DllMain -> Handle: 4107075584 - Reason for

Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1921449984 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1921449984 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

17/11/12 01:00:42
F
17/11/12 01:00:43
A
17/11/12 01:00:43
F
17/11/12 01:00:43
A
17/11/12 01:00:43
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:43
A
17/11/12 01:00:43
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:43
A
17/11/12 01:00:43
D
call: DLL_PROCESS_DETACH
17/11/12 01:00:43
A
17/11/12 01:00:43
D
call: DLL_PROCESS_DETACH
17/11/12 01:01:01
A
17/11/12 01:01:01
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:02:57
D
call: DLL_PROCESS_DETACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:20
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:21
A
17/11/12 01:05:21
A
17/11/12 01:05:21
D
call: DLL_PROCESS_DETACH

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107075584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107075584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107075584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4107075584 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 4107075584 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 1921449984 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4194369536 - Reason for

17/11/12 01:05:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:21
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:22
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:25
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:26
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:28
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:29
D
call: DLL_PROCESS_ATTACH
17/11/12 01:05:31
A
17/11/12 01:05:31
D
call: DLL_PROCESS_DETACH
17/11/12 01:05:31
A
17/11/12 01:05:31
D
call: DLL_PROCESS_DETACH
17/11/12 01:05:31
A
17/11/12 01:05:31
D
call: DLL_PROCESS_DETACH
17/11/12 01:05:33
A
17/11/12 01:05:33
F
17/11/12 01:05:33
A
17/11/12 01:05:33
F
17/11/12 01:05:33
A
17/11/12 01:05:33
F
17/11/12 01:05:37
A
17/11/12 01:05:37
F
17/11/12 01:05:37
A
17/11/12 01:05:37
F
17/11/12 01:05:37
A
17/11/12 01:05:37
D
call: DLL_PROCESS_DETACH
17/11/12 01:05:37
A
17/11/12 01:05:37
F
17/11/12 01:05:48
A
17/11/12 01:05:48
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D

Enter DllMain -> Handle: 1951334400 - Reason for

Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4194369536 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4194369536 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4194369536 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4194369536 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 4194369536 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for

call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 01:13:00
D
call: DLL_PROCESS_DETACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:52
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:53
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:53
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:53
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:53
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:53
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:53
A
17/11/12 13:33:54
A
17/11/12 13:33:54
A
17/11/12 13:33:54
D
call: DLL_PROCESS_DETACH
17/11/12 13:33:55
D
call: DLL_PROCESS_ATTACH
17/11/12 13:33:59
D
call: DLL_PROCESS_ATTACH
17/11/12 13:34:02
D
call: DLL_PROCESS_ATTACH
17/11/12 13:34:02
D
call: DLL_PROCESS_ATTACH
17/11/12 13:34:04
A
17/11/12 13:34:04
D
call: DLL_PROCESS_DETACH
17/11/12 13:34:04
A
17/11/12 13:34:04
D
call: DLL_PROCESS_DETACH
17/11/12 13:34:06
D
call: DLL_PROCESS_ATTACH
17/11/12 13:34:06
A
17/11/12 13:34:06
D
call: DLL_PROCESS_DETACH
17/11/12 13:34:06
A

Enter DllMain -> Handle: 1951334400 - Reason for

Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 1951334400 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback

17/11/12 13:34:06
F
17/11/12 13:34:06
A
17/11/12 13:34:06
F
17/11/12 13:34:06
A
17/11/12 13:34:06
F
17/11/12 13:34:07
A
17/11/12 13:34:07
F
17/11/12 13:34:07
A
17/11/12 13:34:07
F
17/11/12 13:34:07
A
17/11/12 13:34:07
F
17/11/12 13:34:09
D
call: DLL_PROCESS_ATTACH
17/11/12 13:34:09
A
17/11/12 13:34:09
D
call: DLL_PROCESS_DETACH
17/11/12 13:34:12
A
17/11/12 13:34:12
D
call: DLL_PROCESS_DETACH
17/11/12 13:34:20
A
17/11/12 13:34:20
D
call: DLL_PROCESS_DETACH
17/11/12 13:34:28
D
call: DLL_PROCESS_ATTACH
17/11/12 13:34:29
A
17/11/12 13:34:29
D
call: DLL_PROCESS_DETACH
17/11/12 13:34:54
D
call: DLL_PROCESS_ATTACH
17/11/12 13:46:43
D
call: DLL_PROCESS_ATTACH
17/11/12 13:46:43
A
17/11/12 13:46:43
D
call: DLL_PROCESS_DETACH
17/11/12 13:48:42
D
call: DLL_PROCESS_ATTACH
17/11/12 13:48:44
D
call: DLL_PROCESS_ATTACH
17/11/12 13:48:47
A
17/11/12 13:54:36
A
17/11/12 13:54:36
F
17/11/12 13:54:46
A
17/11/12 13:54:46
F
17/11/12 14:00:01
D
call: DLL_PROCESS_ATTACH
17/11/12 14:00:02
A
17/11/12 14:00:02
D
call: DLL_PROCESS_DETACH
17/11/12 14:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 14:20:54
A
17/11/12 14:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 14:35:54
D
call: DLL_PROCESS_ATTACH
17/11/12 14:35:54
A
17/11/12 14:35:54
D
call: DLL_PROCESS_DETACH
17/11/12 14:50:54
D
call: DLL_PROCESS_ATTACH

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for

17/11/12 14:50:54
A
17/11/12 14:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 15:00:00
D
call: DLL_PROCESS_ATTACH
17/11/12 15:00:00
A
17/11/12 15:00:00
D
call: DLL_PROCESS_DETACH
17/11/12 15:05:54
D
call: DLL_PROCESS_ATTACH
17/11/12 15:05:54
A
17/11/12 15:05:54
D
call: DLL_PROCESS_DETACH
17/11/12 15:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 15:20:54
A
17/11/12 15:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 15:35:55
D
call: DLL_PROCESS_ATTACH
17/11/12 15:35:56
A
17/11/12 15:35:56
D
call: DLL_PROCESS_DETACH
17/11/12 15:50:54
D
call: DLL_PROCESS_ATTACH
17/11/12 15:50:54
A
17/11/12 15:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 16:00:03
D
call: DLL_PROCESS_ATTACH
17/11/12 16:00:03
A
17/11/12 16:00:03
D
call: DLL_PROCESS_DETACH
17/11/12 16:05:54
D
call: DLL_PROCESS_ATTACH
17/11/12 16:05:54
A
17/11/12 16:05:54
D
call: DLL_PROCESS_DETACH
17/11/12 16:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 16:20:54
A
17/11/12 16:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 16:35:54
D
call: DLL_PROCESS_ATTACH
17/11/12 16:35:54
A
17/11/12 16:35:54
D
call: DLL_PROCESS_DETACH
17/11/12 16:50:54
D
call: DLL_PROCESS_ATTACH
17/11/12 16:50:54
A
17/11/12 16:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 17:00:01
D
call: DLL_PROCESS_ATTACH
17/11/12 17:00:01
A
17/11/12 17:00:01
D
call: DLL_PROCESS_DETACH
17/11/12 17:05:54
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for

17/11/12 17:05:54
A
17/11/12 17:05:54
D
call: DLL_PROCESS_DETACH
17/11/12 17:17:35
D
call: DLL_PROCESS_ATTACH
17/11/12 17:17:36
D
call: DLL_PROCESS_ATTACH
17/11/12 17:17:40
D
call: DLL_PROCESS_ATTACH
17/11/12 17:17:41
D
call: DLL_PROCESS_ATTACH
17/11/12 17:17:41
A
17/11/12 17:17:41
D
call: DLL_PROCESS_DETACH
17/11/12 17:17:41
A
17/11/12 17:17:41
A
17/11/12 17:17:41
D
call: DLL_PROCESS_DETACH
17/11/12 17:17:46
A
17/11/12 17:17:51
D
call: DLL_PROCESS_ATTACH
17/11/12 17:17:52
A
17/11/12 17:17:52
D
call: DLL_PROCESS_DETACH
17/11/12 17:17:52
D
call: DLL_PROCESS_ATTACH
17/11/12 17:17:54
A
17/11/12 17:17:54
F
17/11/12 17:17:54
A
17/11/12 17:17:54
F
17/11/12 17:17:54
A
17/11/12 17:17:54
F
17/11/12 17:17:54
A
17/11/12 17:17:54
F
17/11/12 17:17:54
A
17/11/12 17:17:54
F
17/11/12 17:17:54
A
17/11/12 17:17:54
F
17/11/12 17:18:11
A
17/11/12 17:18:11
D
call: DLL_PROCESS_DETACH
17/11/12 17:18:14
D
call: DLL_PROCESS_ATTACH
17/11/12 17:18:25
A
17/11/12 17:18:25
A
17/11/12 17:18:25
D
call: DLL_PROCESS_DETACH
17/11/12 17:18:35
A
17/11/12 17:18:35
D
call: DLL_PROCESS_DETACH
17/11/12 17:18:47
D
call: DLL_PROCESS_ATTACH
17/11/12 17:18:47
A
17/11/12 17:18:47
D
call: DLL_PROCESS_DETACH
17/11/12 17:18:48
D
call: DLL_PROCESS_ATTACH
17/11/12 17:18:49
A
17/11/12 17:18:49
F
17/11/12 17:20:02
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

17/11/12 17:20:02
F
17/11/12 17:20:02
A
17/11/12 17:20:02
F
17/11/12 17:20:02
A
17/11/12 17:20:02
F
17/11/12 17:20:02
A
17/11/12 17:20:02
D
call: DLL_PROCESS_DETACH
17/11/12 17:20:03
A
17/11/12 17:20:03
F
17/11/12 17:20:15
D
call: DLL_PROCESS_ATTACH
17/11/12 17:20:28
A
17/11/12 17:20:28
F
17/11/12 17:20:28
A
17/11/12 17:20:28
F
17/11/12 17:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 17:20:54
A
17/11/12 17:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 17:21:10
A
17/11/12 17:21:10
F
17/11/12 17:29:50
A
17/11/12 17:29:50
F
17/11/12 17:29:50
A
17/11/12 17:29:50
F
17/11/12 17:29:51
A
17/11/12 17:29:51
A
17/11/12 17:29:51
F
17/11/12 17:35:54
D
call: DLL_PROCESS_ATTACH
17/11/12 17:35:54
A
17/11/12 17:35:54
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:13
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:14
A
17/11/12 17:37:14
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:25
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:28
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:28
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:29
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:30
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:35
A
17/11/12 17:37:35
A
17/11/12 17:37:35
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:36
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:37
A
17/11/12 17:37:37
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:37
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945501696 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback

17/11/12 17:37:37
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:38
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:38
A
17/11/12 17:37:38
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:39
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:40
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:41
A
17/11/12 17:37:41
A
17/11/12 17:37:41
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:44
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:45
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:50
A
17/11/12 17:37:50
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:50
A
17/11/12 17:37:50
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:51
D
call: DLL_PROCESS_ATTACH
17/11/12 17:37:53
A
17/11/12 17:37:53
R
17/11/12 17:37:56
A
17/11/12 17:37:56
D
call: DLL_PROCESS_DETACH
17/11/12 17:37:56
A
17/11/12 17:37:56
D
call: DLL_PROCESS_DETACH
17/11/12 17:38:48
D
call: DLL_PROCESS_ATTACH
17/11/12 17:38:53
A
17/11/12 17:38:53
A
17/11/12 17:38:53
D
call: DLL_PROCESS_DETACH
17/11/12 17:38:57
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:14
A
17/11/12 17:39:14
F
17/11/12 17:39:14
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:14
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:14
A
17/11/12 17:39:14
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:21
A
17/11/12 17:39:21
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:21
A

Enter DllMain -> Handle: 1945501696 - Reason for

Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback

17/11/12 17:39:21
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:25
A
17/11/12 17:39:25
A
17/11/12 17:39:25
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:26
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:27
A
17/11/12 17:39:27
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:38
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:43
A
17/11/12 17:39:43
F
17/11/12 17:39:45
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:46
A
17/11/12 17:39:46
A
17/11/12 17:39:46
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:46
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:47
A
17/11/12 17:39:47
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:47
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:48
A
17/11/12 17:39:48
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:50
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:50
A
17/11/12 17:39:50
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:50
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:50
A
17/11/12 17:39:50
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:59
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:59
A
17/11/12 17:39:59
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:59
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:59
A
17/11/12 17:39:59
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:59
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:59
A
17/11/12 17:39:59
D
call: DLL_PROCESS_DETACH
17/11/12 17:39:59
D
call: DLL_PROCESS_ATTACH
17/11/12 17:39:59
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4188536832 - Reason for

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for

17/11/12 17:40:00
A
17/11/12 17:40:00
D
call: DLL_PROCESS_DETACH
17/11/12 17:40:00
D
call: DLL_PROCESS_ATTACH
17/11/12 17:40:01
A
17/11/12 17:40:01
D
call: DLL_PROCESS_DETACH
17/11/12 17:40:02
D
call: DLL_PROCESS_ATTACH
17/11/12 17:40:05
A
17/11/12 17:40:05
A
17/11/12 17:40:05
D
call: DLL_PROCESS_DETACH
17/11/12 17:40:07
A
17/11/12 17:40:07
D
call: DLL_PROCESS_DETACH
17/11/12 17:40:39
A
17/11/12 17:40:39
D
call: DLL_PROCESS_DETACH
17/11/12 17:41:00
A
17/11/12 17:41:00
R
17/11/12 17:41:01
A
17/11/12 17:41:01
D
call: DLL_PROCESS_DETACH
17/11/12 17:41:01
A
17/11/12 17:41:01
D
call: DLL_PROCESS_DETACH
17/11/12 17:41:04
D
call: DLL_PROCESS_ATTACH
17/11/12 17:41:04
A
17/11/12 17:41:04
D
call: DLL_PROCESS_DETACH
17/11/12 17:41:28
A
17/11/12 17:41:28
D
call: DLL_PROCESS_DETACH
17/11/12 17:48:49
D
call: DLL_PROCESS_ATTACH
17/11/12 17:48:49
D
call: DLL_PROCESS_ATTACH
17/11/12 17:49:13
D
call: DLL_PROCESS_ATTACH
17/11/12 17:49:15
A
17/11/12 17:49:15
R
17/11/12 17:50:54
D
call: DLL_PROCESS_ATTACH
17/11/12 17:50:54
A
17/11/12 17:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 17:51:22
D
call: DLL_PROCESS_ATTACH
17/11/12 17:57:46
D
call: DLL_PROCESS_ATTACH
17/11/12 17:57:46
A
17/11/12 17:57:46
D
call: DLL_PROCESS_DETACH
17/11/12 17:57:47
D
call: DLL_PROCESS_ATTACH
17/11/12 17:57:47
A
17/11/12 17:57:47
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for

call: DLL_PROCESS_DETACH
17/11/12 17:58:45
D
call: DLL_PROCESS_ATTACH
17/11/12 17:58:47
A
17/11/12 17:58:47
R
17/11/12 17:59:59
D
call: DLL_PROCESS_ATTACH
17/11/12 18:00:02
D
call: DLL_PROCESS_ATTACH
17/11/12 18:00:02
A
17/11/12 18:00:02
D
call: DLL_PROCESS_DETACH
17/11/12 18:05:54
D
call: DLL_PROCESS_ATTACH
17/11/12 18:05:54
A
17/11/12 18:05:54
D
call: DLL_PROCESS_DETACH
17/11/12 18:20:02
A
17/11/12 18:20:02
R
17/11/12 18:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 18:20:54
A
17/11/12 18:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 18:24:02
D
call: DLL_PROCESS_ATTACH
17/11/12 18:24:04
A
17/11/12 18:24:04
R
17/11/12 18:30:37
A
17/11/12 18:30:37
R
17/11/12 18:30:38
A
17/11/12 18:30:38
D
call: DLL_PROCESS_DETACH
17/11/12 18:30:38
A
17/11/12 18:30:38
D
call: DLL_PROCESS_DETACH
17/11/12 18:34:08
D
call: DLL_PROCESS_ATTACH
17/11/12 18:34:31
A
17/11/12 18:34:31
D
call: DLL_PROCESS_DETACH
17/11/12 18:35:54
D
call: DLL_PROCESS_ATTACH
17/11/12 18:35:54
A
17/11/12 18:35:54
D
call: DLL_PROCESS_DETACH
17/11/12 18:50:54
D
call: DLL_PROCESS_ATTACH
17/11/12 18:50:54
A
17/11/12 18:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
17/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
17/11/12 19:00:00
A
17/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
17/11/12 19:00:10
A
17/11/12 19:00:10
D

Enter DllMain -> Handle: 1945501696 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for

call: DLL_PROCESS_DETACH
17/11/12 19:05:54
D
call: DLL_PROCESS_ATTACH
17/11/12 19:05:54
A
17/11/12 19:05:54
D
call: DLL_PROCESS_DETACH
17/11/12 19:15:10
D
call: DLL_PROCESS_ATTACH
17/11/12 19:15:23
A
17/11/12 19:15:23
D
call: DLL_PROCESS_DETACH
17/11/12 19:16:15
D
call: DLL_PROCESS_ATTACH
17/11/12 19:16:18
D
call: DLL_PROCESS_ATTACH
17/11/12 19:16:18
A
17/11/12 19:16:18
A
17/11/12 19:16:18
A
17/11/12 19:16:18
A
17/11/12 19:16:18
D
call: DLL_PROCESS_ATTACH
17/11/12 19:16:18
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:08
A
17/11/12 19:19:08
D
call: DLL_PROCESS_DETACH
17/11/12 19:19:08
A
17/11/12 19:19:08
D
call: DLL_PROCESS_DETACH
17/11/12 19:19:10
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:12
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:12
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:12
A
17/11/12 19:19:12
A
17/11/12 19:19:12
A
17/11/12 19:19:12
A
17/11/12 19:19:12
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:13
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:14
A
17/11/12 19:19:14
A
17/11/12 19:19:14
A
17/11/12 19:19:14
A
17/11/12 19:19:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:15
D
call: DLL_PROCESS_ATTACH
17/11/12 19:19:15
A
17/11/12 19:19:15
D
call: DLL_PROCESS_DETACH
17/11/12 19:20:55
D
call: DLL_PROCESS_ATTACH
17/11/12 19:20:56
A
17/11/12 19:20:56
D

Enter DllMain -> Handle: 4188536832 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for

call: DLL_PROCESS_DETACH
17/11/12 19:25:10
A
17/11/12 19:25:10
R
17/11/12 19:25:10
A
17/11/12 19:25:10
R
17/11/12 19:25:10
A
17/11/12 19:25:10
R
17/11/12 19:25:29
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:32
A
17/11/12 19:25:32
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:32
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:32
A
17/11/12 19:25:32
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D

-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 1945501696 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for

call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
A
17/11/12 19:25:34
A
17/11/12 19:25:34
A
17/11/12 19:25:34
A
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
D
call: DLL_PROCESS_ATTACH
17/11/12 19:25:34
A
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:25:34
A
17/11/12 19:25:34
D
call: DLL_PROCESS_DETACH
17/11/12 19:30:29
D
call: DLL_PROCESS_ATTACH
17/11/12 19:31:02
A
17/11/12 19:31:02
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4084203520 - Reason for

Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for

17/11/12 19:31:55
A
17/11/12 19:31:55
R
17/11/12 19:31:55
A
17/11/12 19:31:55
R
17/11/12 19:31:55
A
17/11/12 19:31:55
R
17/11/12 19:32:12
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:12
A
17/11/12 19:32:12
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D

-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for

call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
A
17/11/12 19:32:14
A
17/11/12 19:32:14
A
17/11/12 19:32:14
A
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
D
call: DLL_PROCESS_ATTACH
17/11/12 19:32:14
A
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:32:14
A
17/11/12 19:32:14
D
call: DLL_PROCESS_DETACH
17/11/12 19:35:55
D
call: DLL_PROCESS_ATTACH
17/11/12 19:35:55
A
17/11/12 19:35:55
D
call: DLL_PROCESS_DETACH
17/11/12 19:38:50
A
17/11/12 19:38:50
R
17/11/12 19:38:50
A
17/11/12 19:38:50
R
17/11/12 19:38:50
A
17/11/12 19:38:50
R

Enter DllMain -> Handle: 4188536832 - Reason for

Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948909568 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4188536832 - Reason for
-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe
-> NtTerminateProcessCallback
Dejamos matar a cyberclient.exe

17/11/12 19:39:04
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:05
A
17/11/12 19:39:05
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D

Enter DllMain -> Handle: 1948909568 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 4188536832 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 1948909568 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for

call: DLL_PROCESS_ATTACH
17/11/12 19:39:06
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
A
17/11/12 19:39:07
A
17/11/12 19:39:07
A
17/11/12 19:39:07
A
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
D
call: DLL_PROCESS_ATTACH
17/11/12 19:39:07
A
17/11/12 19:39:07
D
call: DLL_PROCESS_DETACH
17/11/12 19:39:07
A
17/11/12 19:39:07
D
call: DLL_PROCESS_DETACH
17/11/12 19:45:56
D
call: DLL_PROCESS_ATTACH
17/11/12 19:46:15
A
17/11/12 19:46:15
D
call: DLL_PROCESS_DETACH
17/11/12 19:50:54
D
call: DLL_PROCESS_ATTACH
17/11/12 19:50:54
A
17/11/12 19:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
17/11/12 20:00:01
A
17/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
17/11/12 20:01:15
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4084203520 - Reason for

Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for

17/11/12 20:01:37
A
17/11/12 20:01:37
D
call: DLL_PROCESS_DETACH
17/11/12 20:05:54
D
call: DLL_PROCESS_ATTACH
17/11/12 20:05:54
A
17/11/12 20:05:54
D
call: DLL_PROCESS_DETACH
17/11/12 20:08:31
A
17/11/12 20:08:31
D
call: DLL_PROCESS_DETACH
17/11/12 20:08:31
A
17/11/12 20:08:31
D
call: DLL_PROCESS_DETACH
17/11/12 20:08:38
A
17/11/12 20:08:38
D
call: DLL_PROCESS_DETACH
17/11/12 20:08:38
A
17/11/12 20:08:38
D
call: DLL_PROCESS_DETACH
17/11/12 20:08:38
A
17/11/12 20:08:38
D
call: DLL_PROCESS_DETACH
17/11/12 20:08:41
D
call: DLL_PROCESS_ATTACH
17/11/12 20:08:41
D
call: DLL_PROCESS_ATTACH
17/11/12 20:08:45
A
17/11/12 20:08:45
D
call: DLL_PROCESS_DETACH
17/11/12 20:08:47
D
call: DLL_PROCESS_ATTACH
17/11/12 20:08:47
A
17/11/12 20:08:47
R
17/11/12 20:09:32
D
call: DLL_PROCESS_ATTACH
17/11/12 20:10:26
D
call: DLL_PROCESS_ATTACH
17/11/12 20:10:26
A
17/11/12 20:10:26
D
call: DLL_PROCESS_DETACH
17/11/12 20:10:26
D
call: DLL_PROCESS_ATTACH
17/11/12 20:10:26
A
17/11/12 20:10:26
F
17/11/12 20:16:37
D
call: DLL_PROCESS_ATTACH
17/11/12 20:17:02
A
17/11/12 20:17:02
D
call: DLL_PROCESS_DETACH
17/11/12 20:18:37
A
17/11/12 20:18:37
F
17/11/12 20:18:37
A
17/11/12 20:18:37
F
17/11/12 20:18:37
A
17/11/12 20:18:37
F
17/11/12 20:18:38
A
17/11/12 20:18:38
D
call: DLL_PROCESS_DETACH
17/11/12 20:18:38
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> CreateDCWCallback

17/11/12 20:18:38
F
17/11/12 20:19:27
D
call: DLL_PROCESS_ATTACH
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:28
A
17/11/12 20:19:28
F
17/11/12 20:19:35
A
17/11/12 20:19:35
F
17/11/12 20:19:49
A
17/11/12 20:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 20:20:54
A
17/11/12 20:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 20:23:58
A
17/11/12 20:25:02
A
17/11/12 20:25:02
F
17/11/12 20:25:02
A
17/11/12 20:25:02
F
17/11/12 20:25:02
A
17/11/12 20:25:02
F
17/11/12 20:25:05
A
17/11/12 20:25:05
F
17/11/12 20:25:05
A
17/11/12 20:25:05
F
17/11/12 20:27:59
A
17/11/12 20:27:59
F
17/11/12 20:27:59
A
17/11/12 20:27:59
F
17/11/12 20:27:59
A
17/11/12 20:27:59
F
17/11/12 20:28:11
A
17/11/12 20:28:11
F
17/11/12 20:28:11
A
17/11/12 20:28:11
F
17/11/12 20:31:59
A
17/11/12 20:31:59
A
17/11/12 20:31:59
F
17/11/12 20:31:59
D
call: DLL_PROCESS_DETACH
17/11/12 20:31:59
A
17/11/12 20:31:59
F
17/11/12 20:32:00
A
17/11/12 20:32:00
F
17/11/12 20:32:02
D

lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949171712 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949171712 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4084203520 - Reason for

call: DLL_PROCESS_ATTACH
17/11/12 20:32:30
A
17/11/12 20:32:30
D
call: DLL_PROCESS_DETACH
17/11/12 20:33:22
A
17/11/12 20:33:22
R
17/11/12 20:33:23
A
17/11/12 20:33:23
D
call: DLL_PROCESS_DETACH
17/11/12 20:33:23
A
17/11/12 20:33:23
D
call: DLL_PROCESS_DETACH
17/11/12 20:35:54
D
call: DLL_PROCESS_ATTACH
17/11/12 20:35:54
A
17/11/12 20:35:54
D
call: DLL_PROCESS_DETACH
17/11/12 20:47:30
D
call: DLL_PROCESS_ATTACH
17/11/12 20:48:01
A
17/11/12 20:48:01
D
call: DLL_PROCESS_DETACH
17/11/12 20:50:54
D
call: DLL_PROCESS_ATTACH
17/11/12 20:50:54
A
17/11/12 20:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 20:53:09
D
call: DLL_PROCESS_ATTACH
17/11/12 20:53:10
D
call: DLL_PROCESS_ATTACH
17/11/12 20:53:15
D
call: DLL_PROCESS_ATTACH
17/11/12 20:53:15
A
17/11/12 20:53:15
R
17/11/12 20:53:37
D
call: DLL_PROCESS_ATTACH
17/11/12 21:00:00
D
call: DLL_PROCESS_ATTACH
17/11/12 21:00:00
A
17/11/12 21:00:00
D
call: DLL_PROCESS_DETACH
17/11/12 21:03:01
D
call: DLL_PROCESS_ATTACH
17/11/12 21:03:02
A
17/11/12 21:03:02
D
call: DLL_PROCESS_DETACH
17/11/12 21:05:24
D
call: DLL_PROCESS_ATTACH
17/11/12 21:05:26
D
call: DLL_PROCESS_ATTACH
17/11/12 21:05:27
A
17/11/12 21:05:27
R
17/11/12 21:05:34
D
call: DLL_PROCESS_ATTACH
17/11/12 21:05:54
D
call: DLL_PROCESS_ATTACH
17/11/12 21:05:54
A
17/11/12 21:05:54
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for

17/11/12 21:06:04
A
17/11/12 21:06:04
R
17/11/12 21:10:33
D
call: DLL_PROCESS_ATTACH
17/11/12 21:11:01
D
call: DLL_PROCESS_ATTACH
17/11/12 21:11:02
A
17/11/12 21:11:02
R
17/11/12 21:11:03
A
17/11/12 21:11:03
R
17/11/12 21:18:02
D
call: DLL_PROCESS_ATTACH
17/11/12 21:18:06
A
17/11/12 21:18:06
D
call: DLL_PROCESS_DETACH
17/11/12 21:19:02
A
17/11/12 21:19:02
R
17/11/12 21:20:40
D
call: DLL_PROCESS_ATTACH
17/11/12 21:20:42
D
call: DLL_PROCESS_ATTACH
17/11/12 21:20:45
A
17/11/12 21:20:45
R
17/11/12 21:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 21:20:54
A
17/11/12 21:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 21:21:50
D
call: DLL_PROCESS_ATTACH
17/11/12 21:21:50
A
17/11/12 21:21:50
R
17/11/12 21:22:55
D
call: DLL_PROCESS_ATTACH
17/11/12 21:22:56
A
17/11/12 21:22:56
R
17/11/12 21:23:10
D
call: DLL_PROCESS_ATTACH
17/11/12 21:23:12
D
call: DLL_PROCESS_ATTACH
17/11/12 21:23:13
A
17/11/12 21:23:13
R
17/11/12 21:23:24
D
call: DLL_PROCESS_ATTACH
17/11/12 21:23:26
A
17/11/12 21:23:26
R
17/11/12 21:23:26
D
call: DLL_PROCESS_ATTACH
17/11/12 21:23:42
A
17/11/12 21:23:42
R
17/11/12 21:24:48
D
call: DLL_PROCESS_ATTACH
17/11/12 21:25:18
A
17/11/12 21:25:18
R
17/11/12 21:27:09
D
call: DLL_PROCESS_ATTACH
17/11/12 21:27:10
A
17/11/12 21:27:10
R
17/11/12 21:31:08
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for

17/11/12 21:31:09
A
17/11/12 21:31:09
R
17/11/12 21:33:06
D
call: DLL_PROCESS_ATTACH
17/11/12 21:33:13
A
17/11/12 21:33:13
D
call: DLL_PROCESS_DETACH
17/11/12 21:34:57
D
call: DLL_PROCESS_ATTACH
17/11/12 21:35:00
A
17/11/12 21:35:00
R
17/11/12 21:35:54
D
call: DLL_PROCESS_ATTACH
17/11/12 21:35:54
A
17/11/12 21:35:54
D
call: DLL_PROCESS_DETACH
17/11/12 21:44:43
D
call: DLL_PROCESS_ATTACH
17/11/12 21:44:44
D
call: DLL_PROCESS_ATTACH
17/11/12 21:44:46
A
17/11/12 21:44:46
R
17/11/12 21:44:50
D
call: DLL_PROCESS_ATTACH
17/11/12 21:44:51
A
17/11/12 21:44:51
R
17/11/12 21:48:13
D
call: DLL_PROCESS_ATTACH
17/11/12 21:48:23
A
17/11/12 21:48:23
D
call: DLL_PROCESS_DETACH
17/11/12 21:50:54
D
call: DLL_PROCESS_ATTACH
17/11/12 21:50:54
A
17/11/12 21:50:54
D
call: DLL_PROCESS_DETACH
17/11/12 21:54:00
D
call: DLL_PROCESS_ATTACH
17/11/12 21:54:00
A
17/11/12 21:54:00
R
17/11/12 21:54:04
D
call: DLL_PROCESS_ATTACH
17/11/12 21:54:04
A
17/11/12 21:54:04
R
17/11/12 21:54:48
D
call: DLL_PROCESS_ATTACH
17/11/12 21:54:49
A
17/11/12 21:54:49
R
17/11/12 21:54:52
D
call: DLL_PROCESS_ATTACH
17/11/12 21:54:52
A
17/11/12 21:54:52
R
17/11/12 21:55:55
D
call: DLL_PROCESS_ATTACH
17/11/12 21:55:55
A
17/11/12 21:55:55
R
17/11/12 22:00:00
D
call: DLL_PROCESS_ATTACH
17/11/12 22:00:00
A
17/11/12 22:00:00
D

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for

call: DLL_PROCESS_DETACH
17/11/12 22:03:23
D
call: DLL_PROCESS_ATTACH
17/11/12 22:03:36
A
17/11/12 22:03:36
D
call: DLL_PROCESS_DETACH
17/11/12 22:05:54
D
call: DLL_PROCESS_ATTACH
17/11/12 22:05:54
A
17/11/12 22:05:54
D
call: DLL_PROCESS_DETACH
17/11/12 22:17:25
A
17/11/12 22:17:25
R
17/11/12 22:17:26
A
17/11/12 22:17:26
R
17/11/12 22:17:27
A
17/11/12 22:17:27
R
17/11/12 22:17:34
A
17/11/12 22:17:34
R
17/11/12 22:17:35
A
17/11/12 22:17:35
R
17/11/12 22:17:35
A
17/11/12 22:17:35
D
call: DLL_PROCESS_DETACH
17/11/12 22:17:35
A
17/11/12 22:17:35
D
call: DLL_PROCESS_DETACH
17/11/12 22:18:36
D
call: DLL_PROCESS_ATTACH
17/11/12 22:18:52
A
17/11/12 22:18:52
D
call: DLL_PROCESS_DETACH
17/11/12 22:20:54
D
call: DLL_PROCESS_ATTACH
17/11/12 22:20:54
A
17/11/12 22:20:54
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D
call: DLL_PROCESS_DETACH
17/11/12 22:30:16
D

Enter DllMain -> Handle: 4084203520 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 4084203520 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for
Enter DllMain -> Handle: 1949171712 - Reason for

call: DLL_PROCESS_DETACH
18/11/12 14:45:49
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:49
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:49
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
A
18/11/12 14:45:50
A
18/11/12 14:45:50
A
18/11/12 14:45:50
A
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
D
call: DLL_PROCESS_ATTACH
18/11/12 14:45:50
A
18/11/12 14:45:50
D
call: DLL_PROCESS_DETACH
18/11/12 14:45:50
A
18/11/12 14:45:50
D
call: DLL_PROCESS_DETACH
18/11/12 14:45:53
A
18/11/12 14:45:53
A
18/11/12 14:45:53
D
call: DLL_PROCESS_DETACH
18/11/12 14:45:53
D
call: DLL_PROCESS_DETACH
18/11/12 14:45:54
A
18/11/12 14:45:54
F
18/11/12 14:45:54
A
18/11/12 14:45:54
F
18/11/12 14:45:54
A
18/11/12 14:45:54
F
18/11/12 14:45:54
A
18/11/12 14:45:54
F
18/11/12 14:45:54
A
18/11/12 14:45:54
F
18/11/12 14:45:54
A
18/11/12 14:45:54
F
18/11/12 14:45:58
D

Enter DllMain -> Handle: 4123328512 - Reason for

Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for

call: DLL_PROCESS_ATTACH
18/11/12 14:45:58
A
18/11/12 14:45:58
D
call: DLL_PROCESS_DETACH
18/11/12 14:46:04
A
18/11/12 14:46:04
D
call: DLL_PROCESS_DETACH
18/11/12 14:46:09
A
18/11/12 14:46:09
D
call: DLL_PROCESS_DETACH
18/11/12 14:49:47
D
call: DLL_PROCESS_ATTACH
18/11/12 14:50:08
A
18/11/12 14:50:08
D
call: DLL_PROCESS_DETACH
18/11/12 14:58:41
D
call: DLL_PROCESS_ATTACH
18/11/12 14:58:41
A
18/11/12 14:58:41
D
call: DLL_PROCESS_DETACH
18/11/12 14:59:12
D
call: DLL_PROCESS_ATTACH
18/11/12 14:59:14
A
18/11/12 14:59:14
F
18/11/12 14:59:14
A
18/11/12 14:59:14
F
18/11/12 14:59:55
A
18/11/12 14:59:55
F
18/11/12 15:00:01
D
call: DLL_PROCESS_ATTACH
18/11/12 15:00:01
A
18/11/12 15:00:01
D
call: DLL_PROCESS_DETACH
18/11/12 15:00:40
D
call: DLL_PROCESS_ATTACH
18/11/12 15:00:42
D
call: DLL_PROCESS_ATTACH
18/11/12 15:00:45
A
18/11/12 15:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 15:32:42
A
18/11/12 15:32:42
D
call: DLL_PROCESS_DETACH
18/11/12 15:38:17
A
18/11/12 15:38:17
F
18/11/12 15:38:18
A
18/11/12 15:38:18
F
18/11/12 15:38:18
A
18/11/12 15:38:18
A
18/11/12 15:38:18
F
18/11/12 15:38:25
D
call: DLL_PROCESS_ATTACH
18/11/12 15:38:25
D
call: DLL_PROCESS_ATTACH
18/11/12 15:38:25
A
18/11/12 15:38:25
D
call: DLL_PROCESS_DETACH
18/11/12 15:38:26
A
18/11/12 15:38:26
F
18/11/12 15:38:29
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

18/11/12 15:38:29
F
18/11/12 15:38:29
A
18/11/12 15:38:29
F
18/11/12 15:38:30
A
18/11/12 15:38:30
F
18/11/12 15:38:59
A
18/11/12 15:38:59
D
call: DLL_PROCESS_DETACH
18/11/12 15:39:00
A
18/11/12 15:39:00
F
18/11/12 15:39:00
A
18/11/12 15:39:00
D
call: DLL_PROCESS_DETACH
18/11/12 15:47:42
D
call: DLL_PROCESS_ATTACH
18/11/12 15:47:42
A
18/11/12 15:47:42
D
call: DLL_PROCESS_DETACH
18/11/12 16:00:02
D
call: DLL_PROCESS_ATTACH
18/11/12 16:00:02
A
18/11/12 16:00:02
D
call: DLL_PROCESS_DETACH
18/11/12 16:02:42
D
call: DLL_PROCESS_ATTACH
18/11/12 16:02:42
A
18/11/12 16:02:42
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:33
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:33
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:33
A
18/11/12 16:15:33
A
18/11/12 16:15:33
A
18/11/12 16:15:33
A
18/11/12 16:15:36
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:37
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:37
A
18/11/12 16:15:37
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:37
A
18/11/12 16:15:37
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:37
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:37
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:37
A
18/11/12 16:15:37
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:37
A
18/11/12 16:15:37
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:39
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:39
D
call: DLL_PROCESS_ATTACH

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for

18/11/12 16:15:39
A
18/11/12 16:15:39
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:39
A
18/11/12 16:15:39
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:40
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:40
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:40
A
18/11/12 16:15:40
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:40
A
18/11/12 16:15:40
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:41
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:41
A
18/11/12 16:15:41
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:41
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:41
A
18/11/12 16:15:41
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:41
D
call: DLL_PROCESS_ATTACH
18/11/12 16:15:49
A
18/11/12 16:15:49
D
call: DLL_PROCESS_DETACH
18/11/12 16:15:50
A
18/11/12 16:15:50
D
call: DLL_PROCESS_DETACH
18/11/12 16:17:42
D
call: DLL_PROCESS_ATTACH
18/11/12 16:17:42
A
18/11/12 16:17:42
D
call: DLL_PROCESS_DETACH
18/11/12 16:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 16:32:42
A
18/11/12 16:32:42
D
call: DLL_PROCESS_DETACH
18/11/12 16:47:42
D
call: DLL_PROCESS_ATTACH
18/11/12 16:47:42
A
18/11/12 16:47:42
D
call: DLL_PROCESS_DETACH
18/11/12 16:49:57
D
call: DLL_PROCESS_ATTACH
18/11/12 16:49:57
A
18/11/12 16:49:57
A
18/11/12 16:49:58
A
18/11/12 16:49:58
O
18/11/12 16:49:58
V
18/11/12 16:49:58
V
18/11/12 16:49:59
A
18/11/12 16:49:59
A
18/11/12 16:49:59
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> DocumentPropertiesWCallBack
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack

18/11/12 16:49:59
O
18/11/12 16:49:59
V
18/11/12 16:49:59
V
18/11/12 16:49:59
F
18/11/12 16:49:59
V
18/11/12 16:49:59
V
18/11/12 16:58:24
D
call: DLL_PROCESS_ATTACH
18/11/12 16:58:24
D
call: DLL_PROCESS_ATTACH
18/11/12 16:58:38
A
18/11/12 16:58:38
D
call: DLL_PROCESS_DETACH
18/11/12 16:58:51
A
18/11/12 16:58:51
D
call: DLL_PROCESS_DETACH
18/11/12 16:59:17
D
call: DLL_PROCESS_ATTACH
18/11/12 16:59:17
A
18/11/12 16:59:17
D
call: DLL_PROCESS_DETACH
18/11/12 17:00:01
D
call: DLL_PROCESS_ATTACH
18/11/12 17:00:01
A
18/11/12 17:00:01
D
call: DLL_PROCESS_DETACH
18/11/12 17:00:02
A
18/11/12 17:00:02
D
call: DLL_PROCESS_DETACH
18/11/12 17:00:16
D
call: DLL_PROCESS_ATTACH
18/11/12 17:00:16
D
call: DLL_PROCESS_ATTACH
18/11/12 17:00:33
D
call: DLL_PROCESS_ATTACH
18/11/12 17:00:35
A
18/11/12 17:00:35
A
18/11/12 17:00:35
R
18/11/12 17:00:37
D
call: DLL_PROCESS_ATTACH
18/11/12 17:02:42
D
call: DLL_PROCESS_ATTACH
18/11/12 17:02:42
A
18/11/12 17:02:42
D
call: DLL_PROCESS_DETACH
18/11/12 17:17:42
D
call: DLL_PROCESS_ATTACH
18/11/12 17:17:42
A
18/11/12 17:17:42
D
call: DLL_PROCESS_DETACH
18/11/12 17:19:10
A
18/11/12 17:19:10
R
18/11/12 17:19:10
A
18/11/12 17:19:10
D
call: DLL_PROCESS_DETACH
18/11/12 17:19:10
A
18/11/12 17:19:10
D
call: DLL_PROCESS_DETACH
18/11/12 17:26:09
A
18/11/12 17:26:09
F

Impresora Final: CyberClient

DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

18/11/12 17:26:17
D
call: DLL_PROCESS_ATTACH
18/11/12 17:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 17:32:42
A
18/11/12 17:32:42
D
call: DLL_PROCESS_DETACH
18/11/12 17:39:19
A
18/11/12 17:39:19
A
18/11/12 17:39:19
F
18/11/12 17:39:19
D
call: DLL_PROCESS_DETACH
18/11/12 17:39:19
A
18/11/12 17:39:19
F
18/11/12 17:39:26
D
call: DLL_PROCESS_ATTACH
18/11/12 17:39:26
D
call: DLL_PROCESS_ATTACH
18/11/12 17:39:29
D
call: DLL_PROCESS_ATTACH
18/11/12 17:39:30
A
18/11/12 17:39:30
A
18/11/12 17:39:30
R
18/11/12 17:39:32
D
call: DLL_PROCESS_ATTACH
18/11/12 17:39:33
A
18/11/12 17:39:33
A
18/11/12 17:39:33
R
18/11/12 17:39:38
D
call: DLL_PROCESS_ATTACH
18/11/12 17:39:40
A
18/11/12 17:39:40
A
18/11/12 17:39:40
R
18/11/12 17:39:47
D
call: DLL_PROCESS_ATTACH
18/11/12 17:40:02
A
18/11/12 17:40:02
R
18/11/12 17:40:02
A
18/11/12 17:40:02
D
call: DLL_PROCESS_DETACH
18/11/12 17:40:02
A
18/11/12 17:40:02
D
call: DLL_PROCESS_DETACH
18/11/12 17:40:16
D
call: DLL_PROCESS_ATTACH
18/11/12 17:40:52
A
18/11/12 17:40:52
F
18/11/12 17:47:01
D
call: DLL_PROCESS_ATTACH
18/11/12 17:47:42
D
call: DLL_PROCESS_ATTACH
18/11/12 17:47:42
A
18/11/12 17:47:42
D
call: DLL_PROCESS_DETACH
18/11/12 17:47:49
D
call: DLL_PROCESS_ATTACH
18/11/12 17:47:51
A
18/11/12 17:47:51
F
18/11/12 17:47:51
A
18/11/12 17:47:51
F

Enter DllMain -> Handle: 1941241856 - Reason for

Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

18/11/12 17:48:31
A
18/11/12 17:48:31
F
18/11/12 17:48:45
A
18/11/12 17:48:45
F
18/11/12 17:48:45
A
18/11/12 17:48:45
F
18/11/12 17:48:45
A
18/11/12 17:48:46
A
18/11/12 17:48:46
F
18/11/12 17:49:22
D
call: DLL_PROCESS_ATTACH
18/11/12 17:49:22
A
18/11/12 17:49:22
D
call: DLL_PROCESS_DETACH
18/11/12 17:49:23
D
call: DLL_PROCESS_ATTACH
18/11/12 17:49:24
A
18/11/12 17:49:24
F
18/11/12 17:49:55
A
18/11/12 17:49:55
F
18/11/12 17:49:55
A
18/11/12 17:49:55
F
18/11/12 17:49:55
A
18/11/12 17:49:55
F
18/11/12 17:49:56
A
18/11/12 17:49:56
D
call: DLL_PROCESS_DETACH
18/11/12 17:49:56
A
18/11/12 17:49:56
F
18/11/12 17:50:10
D
call: DLL_PROCESS_ATTACH
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:11
A
18/11/12 17:50:11
F
18/11/12 17:50:16
A
18/11/12 17:50:16
F
18/11/12 17:50:16
A
18/11/12 17:50:16
F
18/11/12 17:50:16
A
18/11/12 17:50:16
F
18/11/12 17:50:18
A
18/11/12 17:50:18
F
18/11/12 17:50:25
A

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

18/11/12 17:50:25
F
18/11/12 17:50:26
A
18/11/12 17:50:26
A
18/11/12 17:50:26
F
18/11/12 17:50:26
A
18/11/12 17:50:26
F
18/11/12 17:50:26
D
call: DLL_PROCESS_DETACH
18/11/12 17:50:26
A
18/11/12 17:50:26
F
18/11/12 17:50:44
D
call: DLL_PROCESS_ATTACH
18/11/12 17:50:47
A
18/11/12 17:50:47
D
call: DLL_PROCESS_DETACH
18/11/12 17:50:49
D
call: DLL_PROCESS_ATTACH
18/11/12 17:50:51
A
18/11/12 17:50:51
D
call: DLL_PROCESS_DETACH
18/11/12 17:50:52
D
call: DLL_PROCESS_ATTACH
18/11/12 17:50:53
D
call: DLL_PROCESS_ATTACH
18/11/12 17:50:55
A
18/11/12 17:50:55
R
18/11/12 17:50:55
A
18/11/12 17:50:55
D
call: DLL_PROCESS_DETACH
18/11/12 17:50:57
D
call: DLL_PROCESS_ATTACH
18/11/12 17:50:58
A
18/11/12 17:50:58
D
call: DLL_PROCESS_DETACH
18/11/12 17:50:59
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:00
A
18/11/12 17:51:00
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:00
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:00
A
18/11/12 17:51:00
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:00
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:04
A
18/11/12 17:51:04
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:06
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:08
A
18/11/12 17:51:08
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:16
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:16
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:25
A
18/11/12 17:51:25
A

lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback

18/11/12 17:51:25
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:32
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:37
A
18/11/12 17:51:37
A
18/11/12 17:51:37
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:46
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:49
A
18/11/12 17:51:49
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:49
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:50
A
18/11/12 17:51:50
D
call: DLL_PROCESS_DETACH
18/11/12 17:51:50
D
call: DLL_PROCESS_ATTACH
18/11/12 17:51:51
A
18/11/12 17:51:51
D
call: DLL_PROCESS_DETACH
18/11/12 17:52:02
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:03
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:07
A
18/11/12 17:52:09
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:10
A
18/11/12 17:52:10
A
18/11/12 17:52:10
D
call: DLL_PROCESS_DETACH
18/11/12 17:52:13
A
18/11/12 17:52:13
D
call: DLL_PROCESS_DETACH
18/11/12 17:52:16
A
18/11/12 17:52:16
D
call: DLL_PROCESS_DETACH
18/11/12 17:52:16
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:17
A
18/11/12 17:52:17
D
call: DLL_PROCESS_DETACH
18/11/12 17:52:23
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:24
A
18/11/12 17:52:24
D
call: DLL_PROCESS_DETACH
18/11/12 17:52:28
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:28
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:31
D
call: DLL_PROCESS_ATTACH
18/11/12 17:52:33
A
18/11/12 17:52:33
A
18/11/12 17:52:33
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4123328512 - Reason for

Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for

18/11/12 17:52:34
A
18/11/12 17:52:34
D
call: DLL_PROCESS_DETACH
18/11/12 17:53:28
A
18/11/12 17:53:28
D
call: DLL_PROCESS_DETACH
18/11/12 17:53:32
D
call: DLL_PROCESS_ATTACH
18/11/12 17:53:34
A
18/11/12 17:53:34
D
call: DLL_PROCESS_DETACH
18/11/12 17:53:57
D
call: DLL_PROCESS_ATTACH
18/11/12 17:54:00
A
18/11/12 17:54:00
D
call: DLL_PROCESS_DETACH
18/11/12 17:54:01
D
call: DLL_PROCESS_ATTACH
18/11/12 17:54:04
D
call: DLL_PROCESS_ATTACH
18/11/12 17:54:04
A
18/11/12 17:54:04
D
call: DLL_PROCESS_DETACH
18/11/12 17:54:41
D
call: DLL_PROCESS_ATTACH
18/11/12 17:54:46
A
18/11/12 17:54:46
F
18/11/12 17:54:50
A
18/11/12 17:54:50
F
18/11/12 17:54:50
A
18/11/12 17:54:50
F
18/11/12 17:54:50
A
18/11/12 17:54:50
F
18/11/12 17:54:53
A
18/11/12 17:54:53
D
call: DLL_PROCESS_DETACH
18/11/12 17:54:53
A
18/11/12 17:54:53
F
18/11/12 17:55:04
A
18/11/12 17:55:04
D
call: DLL_PROCESS_DETACH
18/11/12 17:55:21
D
call: DLL_PROCESS_ATTACH
18/11/12 17:55:23
A
18/11/12 17:55:23
D
call: DLL_PROCESS_DETACH
18/11/12 17:55:29
D
call: DLL_PROCESS_ATTACH
18/11/12 17:55:31
A
18/11/12 17:55:31
D
call: DLL_PROCESS_DETACH
18/11/12 17:55:34
D
call: DLL_PROCESS_ATTACH
18/11/12 17:55:36
A
18/11/12 17:55:36
D
call: DLL_PROCESS_DETACH
18/11/12 17:55:53
A
18/11/12 17:55:53
D
call: DLL_PROCESS_DETACH
18/11/12 17:55:56
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for

call: DLL_PROCESS_ATTACH
18/11/12 17:56:12
D
call: DLL_PROCESS_ATTACH
18/11/12 17:56:15
D
call: DLL_PROCESS_ATTACH
18/11/12 17:56:15
A
18/11/12 17:56:15
A
18/11/12 17:56:15
A
18/11/12 17:56:15
A
18/11/12 17:56:15
D
call: DLL_PROCESS_ATTACH
18/11/12 17:56:15
D
call: DLL_PROCESS_ATTACH
18/11/12 17:56:20
D
call: DLL_PROCESS_ATTACH
18/11/12 17:56:26
A
18/11/12 17:56:26
D
call: DLL_PROCESS_DETACH
18/11/12 17:56:38
A
18/11/12 17:56:38
D
call: DLL_PROCESS_DETACH
18/11/12 17:56:38
A
18/11/12 17:56:38
D
call: DLL_PROCESS_DETACH
18/11/12 17:56:43
D
call: DLL_PROCESS_ATTACH
18/11/12 17:56:45
A
18/11/12 17:56:45
D
call: DLL_PROCESS_DETACH
18/11/12 17:57:58
A
18/11/12 17:57:58
A
18/11/12 17:58:04
A
18/11/12 17:58:04
F
18/11/12 17:58:04
D
call: DLL_PROCESS_ATTACH
18/11/12 17:58:22
A
18/11/12 17:58:22
D
call: DLL_PROCESS_DETACH
18/11/12 17:58:22
D
call: DLL_PROCESS_ATTACH
18/11/12 17:58:34
A
18/11/12 17:58:37
A
18/11/12 17:58:47
A
18/11/12 17:58:47
D
call: DLL_PROCESS_DETACH
18/11/12 17:58:48
A
18/11/12 17:58:48
F
18/11/12 17:58:48
A
18/11/12 17:58:48
F
18/11/12 17:58:48
A
18/11/12 17:58:48
F
18/11/12 17:58:48
A
18/11/12 17:58:48
F
18/11/12 17:58:51
A
18/11/12 17:58:51
F
18/11/12 17:58:54
D
call: DLL_PROCESS_ATTACH
18/11/12 17:58:59
A
18/11/12 17:58:59
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1941241856 - Reason for

Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for

18/11/12 17:59:01
A
18/11/12 17:59:01
F
18/11/12 17:59:02
D
call: DLL_PROCESS_ATTACH
18/11/12 17:59:05
A
18/11/12 17:59:05
D
call: DLL_PROCESS_DETACH
18/11/12 17:59:26
D
call: DLL_PROCESS_ATTACH
18/11/12 17:59:26
A
18/11/12 17:59:26
D
call: DLL_PROCESS_DETACH
18/11/12 17:59:27
D
call: DLL_PROCESS_ATTACH
18/11/12 17:59:27
A
18/11/12 17:59:27
F
18/11/12 18:00:01
D
call: DLL_PROCESS_ATTACH
18/11/12 18:00:01
A
18/11/12 18:00:01
D
call: DLL_PROCESS_DETACH
18/11/12 18:00:51
A
18/11/12 18:00:51
F
18/11/12 18:00:51
A
18/11/12 18:00:51
F
18/11/12 18:00:51
A
18/11/12 18:00:51
F
18/11/12 18:00:53
D
call: DLL_PROCESS_ATTACH
18/11/12 18:00:53
D
call: DLL_PROCESS_ATTACH
18/11/12 18:01:08
D
call: DLL_PROCESS_ATTACH
18/11/12 18:01:11
A
18/11/12 18:01:11
R
18/11/12 18:01:14
D
call: DLL_PROCESS_ATTACH
18/11/12 18:01:17
D
call: DLL_PROCESS_ATTACH
18/11/12 18:01:19
A
18/11/12 18:01:19
R
18/11/12 18:01:24
D
call: DLL_PROCESS_ATTACH
18/11/12 18:02:28
A
18/11/12 18:02:28
F
18/11/12 18:02:42
D
call: DLL_PROCESS_ATTACH
18/11/12 18:02:43
A
18/11/12 18:02:43
D
call: DLL_PROCESS_DETACH
18/11/12 18:14:37
A
18/11/12 18:14:37
F
18/11/12 18:14:37
A
18/11/12 18:14:37
F
18/11/12 18:14:37
A
18/11/12 18:14:37
F
18/11/12 18:14:40
A
18/11/12 18:14:40
F
18/11/12 18:17:42
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for

18/11/12 18:17:42
A
18/11/12 18:17:42
D
call: DLL_PROCESS_DETACH
18/11/12 18:22:50
A
18/11/12 18:22:50
F
18/11/12 18:22:50
A
18/11/12 18:22:50
F
18/11/12 18:22:50
A
18/11/12 18:22:50
F
18/11/12 18:22:57
A
18/11/12 18:22:57
F
18/11/12 18:26:13
A
18/11/12 18:26:13
F
18/11/12 18:26:13
A
18/11/12 18:26:13
F
18/11/12 18:26:13
A
18/11/12 18:26:13
F
18/11/12 18:26:39
A
18/11/12 18:26:39
F
18/11/12 18:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 18:32:42
A
18/11/12 18:32:42
D
call: DLL_PROCESS_DETACH
18/11/12 18:39:39
A
18/11/12 18:39:39
F
18/11/12 18:39:39
A
18/11/12 18:39:39
F
18/11/12 18:39:39
A
18/11/12 18:39:39
F
18/11/12 18:39:45
A
18/11/12 18:39:45
F
18/11/12 18:46:39
A
18/11/12 18:46:39
F
18/11/12 18:46:39
A
18/11/12 18:46:39
F
18/11/12 18:46:39
A
18/11/12 18:46:39
F
18/11/12 18:46:48
A
18/11/12 18:46:48
F
18/11/12 18:46:51
A
18/11/12 18:46:51
F
18/11/12 18:46:51
A
18/11/12 18:46:51
F
18/11/12 18:46:51
A
18/11/12 18:46:51
A
18/11/12 18:46:51
F
18/11/12 18:46:51
D
call: DLL_PROCESS_DETACH
18/11/12 18:46:52
A
18/11/12 18:46:52
F
18/11/12 18:47:09
D
call: DLL_PROCESS_ATTACH
18/11/12 18:47:09
A
18/11/12 18:47:09
D
call: DLL_PROCESS_DETACH
18/11/12 18:47:09
D
call: DLL_PROCESS_ATTACH
18/11/12 18:47:10
A
18/11/12 18:47:10
F

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

18/11/12 18:47:42
D
call: DLL_PROCESS_ATTACH
18/11/12 18:47:42
A
18/11/12 18:47:42
D
call: DLL_PROCESS_DETACH
18/11/12 18:48:38
A
18/11/12 18:48:38
F
18/11/12 18:48:38
A
18/11/12 18:48:38
F
18/11/12 18:48:38
A
18/11/12 18:48:38
F
18/11/12 18:49:32
A
18/11/12 18:49:32
F
18/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
18/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
18/11/12 19:00:00
A
18/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
18/11/12 19:00:31
A
18/11/12 19:00:31
D
call: DLL_PROCESS_DETACH
18/11/12 19:02:42
D
call: DLL_PROCESS_ATTACH
18/11/12 19:02:42
A
18/11/12 19:02:42
D
call: DLL_PROCESS_DETACH
18/11/12 19:07:35
D
call: DLL_PROCESS_ATTACH
18/11/12 19:15:31
D
call: DLL_PROCESS_ATTACH
18/11/12 19:15:32
A
18/11/12 19:15:32
D
call: DLL_PROCESS_DETACH
18/11/12 19:17:42
D
call: DLL_PROCESS_ATTACH
18/11/12 19:17:42
A
18/11/12 19:17:42
D
call: DLL_PROCESS_DETACH
18/11/12 19:27:23
A
18/11/12 19:27:23
F
18/11/12 19:27:23
A
18/11/12 19:27:23
D
call: DLL_PROCESS_DETACH
18/11/12 19:27:23
A
18/11/12 19:27:23
F
18/11/12 19:27:23
A
18/11/12 19:27:23
F
18/11/12 19:28:15
A
18/11/12 19:28:15
R
18/11/12 19:28:15
A
18/11/12 19:28:15
R
18/11/12 19:28:15
A
18/11/12 19:28:15
D
call: DLL_PROCESS_DETACH
18/11/12 19:28:15
A
18/11/12 19:28:15
D
call: DLL_PROCESS_DETACH
18/11/12 19:28:57
D

Enter DllMain -> Handle: 4123328512 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for

call: DLL_PROCESS_ATTACH
18/11/12 19:29:25
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:25
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:25
A
18/11/12 19:29:25
A
18/11/12 19:29:25
A
18/11/12 19:29:25
A
18/11/12 19:29:25
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:25
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:25
A
18/11/12 19:29:25
A
18/11/12 19:29:25
A
18/11/12 19:29:25
A
18/11/12 19:29:25
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:26
A
18/11/12 19:29:26
D
call: DLL_PROCESS_DETACH
18/11/12 19:29:26
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:26
A
18/11/12 19:29:26
R
18/11/12 19:29:27
A
18/11/12 19:29:27
D
call: DLL_PROCESS_DETACH
18/11/12 19:29:28
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:29
A
18/11/12 19:29:29
F
18/11/12 19:29:30
A
18/11/12 19:29:30
D
call: DLL_PROCESS_DETACH
18/11/12 19:29:33
D
call: DLL_PROCESS_ATTACH
18/11/12 19:29:33
A
18/11/12 19:29:33
F
18/11/12 19:29:33
A
18/11/12 19:29:33
F
18/11/12 19:29:34
A
18/11/12 19:29:34
F
18/11/12 19:29:34
A
18/11/12 19:29:34
D
call: DLL_PROCESS_DETACH
18/11/12 19:29:37
A
18/11/12 19:29:37
F
18/11/12 19:29:39
A
18/11/12 19:29:39
A
18/11/12 19:29:39
D
call: DLL_PROCESS_DETACH
18/11/12 19:30:32
D
call: DLL_PROCESS_ATTACH
18/11/12 19:30:44
A
18/11/12 19:30:44
D
call: DLL_PROCESS_DETACH
18/11/12 19:30:47
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1941241856 - Reason for

Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es GunBound.gme Asesino GunBound.gme
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for

18/11/12 19:30:48
A
18/11/12 19:30:48
F
18/11/12 19:30:48
A
18/11/12 19:30:48
F
18/11/12 19:30:48
A
18/11/12 19:30:48
F
18/11/12 19:30:48
A
18/11/12 19:30:48
F
18/11/12 19:30:50
A
18/11/12 19:30:50
F
18/11/12 19:30:50
A
18/11/12 19:30:50
F
18/11/12 19:30:50
A
18/11/12 19:30:50
F
18/11/12 19:30:55
A
18/11/12 19:30:55
D
call: DLL_PROCESS_DETACH
18/11/12 19:30:56
A
18/11/12 19:30:56
F
18/11/12 19:31:23
A
18/11/12 19:31:23
F
18/11/12 19:31:23
A
18/11/12 19:31:23
F
18/11/12 19:31:23
A
18/11/12 19:31:23
F
18/11/12 19:31:24
A
18/11/12 19:31:24
A
18/11/12 19:31:24
F
18/11/12 19:31:37
D
call: DLL_PROCESS_ATTACH
18/11/12 19:31:37
A
18/11/12 19:31:37
D
call: DLL_PROCESS_DETACH
18/11/12 19:31:37
D
call: DLL_PROCESS_ATTACH
18/11/12 19:31:38
A
18/11/12 19:31:38
F
18/11/12 19:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 19:32:42
A
18/11/12 19:32:42
D
call: DLL_PROCESS_DETACH
18/11/12 19:45:41
D
call: DLL_PROCESS_ATTACH
18/11/12 19:45:47
A
18/11/12 19:45:47
D
call: DLL_PROCESS_DETACH
18/11/12 19:47:42
D
call: DLL_PROCESS_ATTACH
18/11/12 19:47:42
A
18/11/12 19:47:42
D
call: DLL_PROCESS_DETACH
18/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
18/11/12 20:00:01
A
18/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
18/11/12 20:00:47
D
call: DLL_PROCESS_ATTACH
18/11/12 20:00:56
A

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback

18/11/12 20:00:56
D
call: DLL_PROCESS_DETACH
18/11/12 20:02:42
D
call: DLL_PROCESS_ATTACH
18/11/12 20:02:42
A
18/11/12 20:02:42
D
call: DLL_PROCESS_DETACH
18/11/12 20:07:19
A
18/11/12 20:07:19
F
18/11/12 20:07:19
A
18/11/12 20:07:19
F
18/11/12 20:07:19
A
18/11/12 20:07:19
F
18/11/12 20:07:19
A
18/11/12 20:07:19
D
call: DLL_PROCESS_DETACH
18/11/12 20:07:19
A
18/11/12 20:07:19
F
18/11/12 20:09:18
A
18/11/12 20:09:18
D
call: DLL_PROCESS_ATTACH
18/11/12 20:10:28
D
call: DLL_PROCESS_ATTACH
18/11/12 20:10:28
A
18/11/12 20:10:28
D
call: DLL_PROCESS_DETACH
18/11/12 20:10:28
D
call: DLL_PROCESS_ATTACH
18/11/12 20:10:29
A
18/11/12 20:10:29
F
18/11/12 20:13:25
A
18/11/12 20:13:25
F
18/11/12 20:13:25
A
18/11/12 20:13:25
F
18/11/12 20:13:25
A
18/11/12 20:13:25
F
18/11/12 20:13:25
A
18/11/12 20:13:25
D
call: DLL_PROCESS_DETACH
18/11/12 20:13:25
A
18/11/12 20:13:25
F
18/11/12 20:14:54
D
call: DLL_PROCESS_ATTACH
18/11/12 20:14:55
D
call: DLL_PROCESS_ATTACH
18/11/12 20:14:57
D
call: DLL_PROCESS_ATTACH
18/11/12 20:14:57
D
call: DLL_PROCESS_ATTACH
18/11/12 20:15:05
A
18/11/12 20:15:05
D
call: DLL_PROCESS_DETACH
18/11/12 20:15:11
A
18/11/12 20:15:11
D
call: DLL_PROCESS_DETACH
18/11/12 20:15:14
D
call: DLL_PROCESS_ATTACH
18/11/12 20:15:14
A
18/11/12 20:15:14
R
18/11/12 20:15:47
D

Enter DllMain -> Handle: 4123328512 - Reason for

Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for

call: DLL_PROCESS_ATTACH
18/11/12 20:15:56
D
call: DLL_PROCESS_ATTACH
18/11/12 20:16:08
A
18/11/12 20:16:08
D
call: DLL_PROCESS_DETACH
18/11/12 20:17:37
A
18/11/12 20:17:37
R
18/11/12 20:17:38
A
18/11/12 20:17:38
D
call: DLL_PROCESS_DETACH
18/11/12 20:17:38
A
18/11/12 20:17:38
D
call: DLL_PROCESS_DETACH
18/11/12 20:17:42
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:42
A
18/11/12 20:17:42
D
call: DLL_PROCESS_DETACH
18/11/12 20:17:46
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:48
A
18/11/12 20:17:48
A
18/11/12 20:17:48
A
18/11/12 20:17:48
A
18/11/12 20:17:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:53
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:53
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:53
A
18/11/12 20:17:53
A
18/11/12 20:17:53
A
18/11/12 20:17:53
A
18/11/12 20:17:53
A
18/11/12 20:17:53
A
18/11/12 20:17:53
A
18/11/12 20:17:53
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:53
A
18/11/12 20:17:53
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:54
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:54
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:55
D

Enter DllMain -> Handle: 4123328512 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for

call: DLL_PROCESS_ATTACH
18/11/12 20:17:55
A
18/11/12 20:17:55
A
18/11/12 20:17:55
A
18/11/12 20:17:55
A
18/11/12 20:17:55
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:56
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:56
A
18/11/12 20:17:56
A
18/11/12 20:17:56
A
18/11/12 20:17:56
A
18/11/12 20:17:56
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:56
D
call: DLL_PROCESS_ATTACH
18/11/12 20:17:58
D
call: DLL_PROCESS_ATTACH
18/11/12 20:19:12
A
18/11/12 20:19:12
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:12
A
18/11/12 20:19:12
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:12
A
18/11/12 20:19:12
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:12
A
18/11/12 20:19:12
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:16
A
18/11/12 20:19:16
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:16
A
18/11/12 20:19:16
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:19
A
18/11/12 20:19:19
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:19
A
18/11/12 20:19:19
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:20
A
18/11/12 20:19:20
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:20
A
18/11/12 20:19:20
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:20
A
18/11/12 20:19:20
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:20
A
18/11/12 20:19:20
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:23
A
18/11/12 20:19:23
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:27
A
18/11/12 20:19:27
D

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for

call: DLL_PROCESS_DETACH
18/11/12 20:19:27
D
call: DLL_PROCESS_ATTACH
18/11/12 20:19:27
A
18/11/12 20:19:27
F
18/11/12 20:19:28
A
18/11/12 20:19:28
D
call: DLL_PROCESS_DETACH
18/11/12 20:19:28
D
call: DLL_PROCESS_ATTACH
18/11/12 20:19:28
A
18/11/12 20:19:28
D
call: DLL_PROCESS_DETACH
18/11/12 20:20:40
A
18/11/12 20:20:40
F
18/11/12 20:20:40
A
18/11/12 20:20:40
F
18/11/12 20:20:41
A
18/11/12 20:20:41
F
18/11/12 20:20:42
A
18/11/12 20:20:42
D
call: DLL_PROCESS_DETACH
18/11/12 20:20:43
A
18/11/12 20:20:43
F
18/11/12 20:20:49
D
call: DLL_PROCESS_ATTACH
18/11/12 20:20:49
D
call: DLL_PROCESS_ATTACH
18/11/12 20:21:23
D
call: DLL_PROCESS_ATTACH
18/11/12 20:21:24
A
18/11/12 20:21:24
R
18/11/12 20:21:24
D
call: DLL_PROCESS_ATTACH
18/11/12 20:31:08
D
call: DLL_PROCESS_ATTACH
18/11/12 20:31:23
A
18/11/12 20:31:23
D
call: DLL_PROCESS_DETACH
18/11/12 20:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 20:32:42
A
18/11/12 20:32:42
D
call: DLL_PROCESS_DETACH
18/11/12 20:46:02
A
18/11/12 20:46:02
R
18/11/12 20:46:02
A
18/11/12 20:46:02
D
call: DLL_PROCESS_DETACH
18/11/12 20:46:02
A
18/11/12 20:46:02
D
call: DLL_PROCESS_DETACH
18/11/12 20:46:13
D
call: DLL_PROCESS_ATTACH
18/11/12 20:46:13
D
call: DLL_PROCESS_ATTACH
18/11/12 20:46:23
D
call: DLL_PROCESS_ATTACH
18/11/12 20:46:23
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1941241856 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for

18/11/12 20:46:23
D
call: DLL_PROCESS_ATTACH
18/11/12 20:46:24
D
call: DLL_PROCESS_ATTACH
18/11/12 20:46:27
A
18/11/12 20:46:27
R
18/11/12 20:46:34
A
18/11/12 20:46:34
D
call: DLL_PROCESS_DETACH
18/11/12 20:46:38
A
18/11/12 20:46:38
D
call: DLL_PROCESS_DETACH
18/11/12 20:46:41
A
18/11/12 20:46:41
D
call: DLL_PROCESS_DETACH
18/11/12 20:47:19
D
call: DLL_PROCESS_ATTACH
18/11/12 20:47:21
A
18/11/12 20:47:21
F
18/11/12 20:47:26
D
call: DLL_PROCESS_ATTACH
18/11/12 20:47:27
A
18/11/12 20:47:27
R
18/11/12 20:47:42
D
call: DLL_PROCESS_ATTACH
18/11/12 20:47:42
A
18/11/12 20:47:42
D
call: DLL_PROCESS_DETACH
18/11/12 20:48:21
D
call: DLL_PROCESS_ATTACH
18/11/12 20:48:24
A
18/11/12 20:48:24
R
18/11/12 20:50:49
D
call: DLL_PROCESS_ATTACH
18/11/12 20:50:49
D
call: DLL_PROCESS_ATTACH
18/11/12 20:50:53
D
call: DLL_PROCESS_ATTACH
18/11/12 20:50:54
A
18/11/12 20:50:54
F
18/11/12 20:50:57
A
18/11/12 20:50:57
A
18/11/12 20:50:57
D
call: DLL_PROCESS_DETACH
18/11/12 20:51:09
A
18/11/12 20:51:09
F
18/11/12 20:51:15
A
18/11/12 20:51:15
F
18/11/12 20:51:17
A
18/11/12 20:51:17
A
18/11/12 20:51:17
D
call: DLL_PROCESS_DETACH
18/11/12 20:51:18
D
call: DLL_PROCESS_ATTACH
18/11/12 20:51:20
A
18/11/12 20:51:20
D
call: DLL_PROCESS_DETACH
18/11/12 20:51:22
D
call: DLL_PROCESS_ATTACH
18/11/12 20:51:22
A

Enter DllMain -> Handle: 4123328512 - Reason for

Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback

18/11/12 20:51:22
D
call: DLL_PROCESS_DETACH
18/11/12 20:51:32
D
call: DLL_PROCESS_ATTACH
18/11/12 20:51:33
D
call: DLL_PROCESS_ATTACH
18/11/12 20:51:33
D
call: DLL_PROCESS_ATTACH
18/11/12 20:51:35
A
18/11/12 20:51:35
D
call: DLL_PROCESS_DETACH
18/11/12 20:51:43
A
18/11/12 20:51:43
D
call: DLL_PROCESS_DETACH
18/11/12 20:55:35
D
call: DLL_PROCESS_ATTACH
18/11/12 20:55:46
A
18/11/12 20:55:46
R
18/11/12 20:55:47
A
18/11/12 20:55:47
D
call: DLL_PROCESS_DETACH
18/11/12 20:55:47
A
18/11/12 20:55:47
D
call: DLL_PROCESS_DETACH
18/11/12 20:55:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:55:48
D
call: DLL_PROCESS_ATTACH
18/11/12 20:55:55
D
call: DLL_PROCESS_ATTACH
18/11/12 20:55:55
A
18/11/12 20:55:55
R
18/11/12 20:56:41
D
call: DLL_PROCESS_ATTACH
18/11/12 20:56:41
D
call: DLL_PROCESS_ATTACH
18/11/12 20:56:51
A
18/11/12 20:56:51
D
call: DLL_PROCESS_DETACH
18/11/12 20:58:10
D
call: DLL_PROCESS_ATTACH
18/11/12 20:58:10
A
18/11/12 20:58:10
F
18/11/12 20:58:10
A
18/11/12 20:58:10
F
18/11/12 20:58:10
A
18/11/12 20:58:10
F
18/11/12 20:58:10
A
18/11/12 20:58:10
F
18/11/12 20:59:05
D
call: DLL_PROCESS_ATTACH
18/11/12 20:59:10
A
18/11/12 20:59:10
A
18/11/12 20:59:10
D
call: DLL_PROCESS_DETACH
18/11/12 20:59:20
D
call: DLL_PROCESS_ATTACH
18/11/12 20:59:28
D
call: DLL_PROCESS_ATTACH
18/11/12 20:59:33
A

Enter DllMain -> Handle: 1941241856 - Reason for

Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtSuspendProcessCallback
La victima es chrome.exe Asesino werfault.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback

18/11/12 20:59:33
A
18/11/12 20:59:33
D
call: DLL_PROCESS_DETACH
18/11/12 20:59:36
A
18/11/12 20:59:36
R
18/11/12 20:59:37
A
18/11/12 20:59:37
D
call: DLL_PROCESS_DETACH
18/11/12 20:59:37
A
18/11/12 20:59:37
D
call: DLL_PROCESS_DETACH
18/11/12 20:59:38
D
call: DLL_PROCESS_ATTACH
18/11/12 20:59:39
D
call: DLL_PROCESS_ATTACH
18/11/12 20:59:47
D
call: DLL_PROCESS_ATTACH
18/11/12 20:59:47
A
18/11/12 20:59:47
R
18/11/12 20:59:49
A
18/11/12 20:59:49
D
call: DLL_PROCESS_DETACH
18/11/12 21:00:01
D
call: DLL_PROCESS_ATTACH
18/11/12 21:00:01
A
18/11/12 21:00:01
D
call: DLL_PROCESS_DETACH
18/11/12 21:00:31
D
call: DLL_PROCESS_ATTACH
18/11/12 21:00:31
D
call: DLL_PROCESS_ATTACH
18/11/12 21:00:41
A
18/11/12 21:00:41
D
call: DLL_PROCESS_DETACH
18/11/12 21:01:40
D
call: DLL_PROCESS_ATTACH
18/11/12 21:01:41
D
call: DLL_PROCESS_ATTACH
18/11/12 21:01:45
A
18/11/12 21:02:02
A
18/11/12 21:02:02
D
call: DLL_PROCESS_DETACH
18/11/12 21:02:42
D
call: DLL_PROCESS_ATTACH
18/11/12 21:02:42
A
18/11/12 21:02:42
D
call: DLL_PROCESS_DETACH
18/11/12 21:04:11
A
18/11/12 21:04:11
R
18/11/12 21:04:21
A
18/11/12 21:04:21
R
18/11/12 21:04:22
A
18/11/12 21:04:22
R
18/11/12 21:04:22
A
18/11/12 21:04:22
D
call: DLL_PROCESS_DETACH
18/11/12 21:06:31
D
call: DLL_PROCESS_ATTACH
18/11/12 21:06:31
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtSuspendProcessCallback
La victima es chrome.exe Asesino werfault.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for

18/11/12 21:06:41
A
18/11/12 21:06:41
D
call: DLL_PROCESS_DETACH
18/11/12 21:10:41
A
18/11/12 21:10:41
D
call: DLL_PROCESS_DETACH
18/11/12 21:10:56
D
call: DLL_PROCESS_ATTACH
18/11/12 21:11:01
A
18/11/12 21:11:01
A
18/11/12 21:11:01
D
call: DLL_PROCESS_DETACH
18/11/12 21:11:32
D
call: DLL_PROCESS_ATTACH
18/11/12 21:11:33
D
call: DLL_PROCESS_ATTACH
18/11/12 21:11:38
A
18/11/12 21:11:38
A
18/11/12 21:11:38
D
call: DLL_PROCESS_DETACH
18/11/12 21:11:49
D
call: DLL_PROCESS_ATTACH
18/11/12 21:11:51
A
18/11/12 21:12:01
A
18/11/12 21:12:01
D
call: DLL_PROCESS_ATTACH
18/11/12 21:12:01
A
18/11/12 21:12:01
O
18/11/12 21:12:01
V
18/11/12 21:12:01
V
18/11/12 21:12:01
A
18/11/12 21:12:02
A
18/11/12 21:12:02
A
18/11/12 21:12:02
O
18/11/12 21:12:02
V
18/11/12 21:12:02
V
18/11/12 21:12:02
F
18/11/12 21:12:02
V
18/11/12 21:12:02
V
18/11/12 21:12:02
A
18/11/12 21:12:02
A
18/11/12 21:12:02
A
18/11/12 21:12:02
O
18/11/12 21:12:02
V
18/11/12 21:12:02
V
18/11/12 21:12:02
F
18/11/12 21:12:02
V
18/11/12 21:12:02
V
18/11/12 21:12:02
A
18/11/12 21:12:02
A
18/11/12 21:12:02
A
18/11/12 21:12:02
O
18/11/12 21:12:02
V
18/11/12 21:12:02
V
18/11/12 21:12:02
F
18/11/12 21:12:02
V
18/11/12 21:12:02
V
18/11/12 21:17:02
D
call: DLL_PROCESS_ATTACH
18/11/12 21:17:26
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4123328512 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback

18/11/12 21:17:26
D
call: DLL_PROCESS_DETACH
18/11/12 21:17:42
D
call: DLL_PROCESS_ATTACH
18/11/12 21:17:42
A
18/11/12 21:17:42
D
call: DLL_PROCESS_DETACH
18/11/12 21:18:09
D
call: DLL_PROCESS_ATTACH
18/11/12 21:18:14
A
18/11/12 21:18:14
A
18/11/12 21:18:14
D
call: DLL_PROCESS_DETACH
18/11/12 21:19:44
D
call: DLL_PROCESS_ATTACH
18/11/12 21:19:44
D
call: DLL_PROCESS_ATTACH
18/11/12 21:19:55
A
18/11/12 21:19:55
D
call: DLL_PROCESS_DETACH
18/11/12 21:19:56
A
18/11/12 21:19:56
D
call: DLL_PROCESS_DETACH
18/11/12 21:20:01
A
18/11/12 21:20:01
D
call: DLL_PROCESS_DETACH
18/11/12 21:21:57
D
call: DLL_PROCESS_ATTACH
18/11/12 21:21:58
A
18/11/12 21:21:58
F
18/11/12 21:21:58
A
18/11/12 21:21:58
F
18/11/12 21:22:01
A
18/11/12 21:22:01
D
call: DLL_PROCESS_DETACH
18/11/12 21:22:36
A
18/11/12 21:22:36
F
18/11/12 21:23:39
A
18/11/12 21:23:39
F
18/11/12 21:23:39
A
18/11/12 21:23:39
F
18/11/12 21:24:10
D
call: DLL_PROCESS_ATTACH
18/11/12 21:24:11
D
call: DLL_PROCESS_ATTACH
18/11/12 21:24:13
A
18/11/12 21:24:13
F
18/11/12 21:24:14
A
18/11/12 21:24:14
F
18/11/12 21:24:25
A
18/11/12 21:24:25
D
call: DLL_PROCESS_DETACH
18/11/12 21:24:26
D
call: DLL_PROCESS_ATTACH
18/11/12 21:24:33
A
18/11/12 21:24:33
D
call: DLL_PROCESS_DETACH
18/11/12 21:24:38
D
call: DLL_PROCESS_ATTACH
18/11/12 21:24:42
A

Enter DllMain -> Handle: 4123328512 - Reason for

Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback

18/11/12 21:24:42
A
18/11/12 21:24:42
D
call: DLL_PROCESS_DETACH
18/11/12 21:24:42
D
call: DLL_PROCESS_ATTACH
18/11/12 21:24:57
A
18/11/12 21:24:57
A
18/11/12 21:24:57
D
call: DLL_PROCESS_DETACH
18/11/12 21:24:58
D
call: DLL_PROCESS_ATTACH
18/11/12 21:24:58
A
18/11/12 21:24:58
D
call: DLL_PROCESS_DETACH
18/11/12 21:24:58
D
call: DLL_PROCESS_ATTACH
18/11/12 21:25:03
A
18/11/12 21:25:03
F
18/11/12 21:25:03
A
18/11/12 21:25:03
F
18/11/12 21:25:03
A
18/11/12 21:25:03
A
18/11/12 21:25:03
D
call: DLL_PROCESS_DETACH
18/11/12 21:25:29
A
18/11/12 21:25:29
F
18/11/12 21:25:30
D
call: DLL_PROCESS_ATTACH
18/11/12 21:25:30
A
18/11/12 21:25:30
F
18/11/12 21:25:35
A
18/11/12 21:25:35
A
18/11/12 21:25:35
D
call: DLL_PROCESS_DETACH
18/11/12 21:25:39
D
call: DLL_PROCESS_ATTACH
18/11/12 21:25:44
A
18/11/12 21:25:44
A
18/11/12 21:25:44
D
call: DLL_PROCESS_DETACH
18/11/12 21:25:46
D
call: DLL_PROCESS_ATTACH
18/11/12 21:25:51
A
18/11/12 21:25:51
A
18/11/12 21:25:51
D
call: DLL_PROCESS_DETACH
18/11/12 21:25:56
D
call: DLL_PROCESS_ATTACH
18/11/12 21:26:06
A
18/11/12 21:26:06
A
18/11/12 21:26:06
D
call: DLL_PROCESS_DETACH
18/11/12 21:26:06
A
18/11/12 21:26:06
F
18/11/12 21:26:06
A
18/11/12 21:26:06
F
18/11/12 21:26:07
A
18/11/12 21:26:07
F
18/11/12 21:26:14
A
18/11/12 21:26:14
F

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

18/11/12 21:26:15
A
18/11/12 21:26:15
F
18/11/12 21:26:25
D
call: DLL_PROCESS_ATTACH
18/11/12 21:26:28
A
18/11/12 21:26:28
D
call: DLL_PROCESS_DETACH
18/11/12 21:27:07
D
call: DLL_PROCESS_ATTACH
18/11/12 21:27:14
A
18/11/12 21:27:14
A
18/11/12 21:27:14
D
call: DLL_PROCESS_DETACH
18/11/12 21:27:21
D
call: DLL_PROCESS_ATTACH
18/11/12 21:27:26
A
18/11/12 21:27:26
A
18/11/12 21:27:26
D
call: DLL_PROCESS_DETACH
18/11/12 21:27:30
D
call: DLL_PROCESS_ATTACH
18/11/12 21:27:35
A
18/11/12 21:27:35
A
18/11/12 21:27:35
D
call: DLL_PROCESS_DETACH
18/11/12 21:28:10
D
call: DLL_PROCESS_ATTACH
18/11/12 21:28:15
A
18/11/12 21:28:15
A
18/11/12 21:28:15
D
call: DLL_PROCESS_DETACH
18/11/12 21:28:38
D
call: DLL_PROCESS_ATTACH
18/11/12 21:28:43
A
18/11/12 21:28:43
A
18/11/12 21:28:43
D
call: DLL_PROCESS_DETACH
18/11/12 21:28:49
D
call: DLL_PROCESS_ATTACH
18/11/12 21:28:56
A
18/11/12 21:28:56
A
18/11/12 21:28:56
D
call: DLL_PROCESS_DETACH
18/11/12 21:29:02
A
18/11/12 21:29:02
F
18/11/12 21:29:03
A
18/11/12 21:29:03
F
18/11/12 21:29:03
A
18/11/12 21:29:03
F
18/11/12 21:29:30
A
18/11/12 21:29:30
F
18/11/12 21:29:30
A
18/11/12 21:29:30
F
18/11/12 21:29:42
D
call: DLL_PROCESS_ATTACH
18/11/12 21:29:46
D
call: DLL_PROCESS_ATTACH
18/11/12 21:29:50
A
18/11/12 21:29:50
A
18/11/12 21:29:50
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for

call: DLL_PROCESS_DETACH
18/11/12 21:29:53
D
call: DLL_PROCESS_ATTACH
18/11/12 21:29:53
A
18/11/12 21:29:53
D
call: DLL_PROCESS_DETACH
18/11/12 21:29:53
D
call: DLL_PROCESS_ATTACH
18/11/12 21:29:54
A
18/11/12 21:29:54
F
18/11/12 21:29:54
A
18/11/12 21:29:54
F
18/11/12 21:29:55
A
18/11/12 21:29:55
F
18/11/12 21:29:58
A
18/11/12 21:29:58
A
18/11/12 21:29:58
D
call: DLL_PROCESS_DETACH
18/11/12 21:32:33
D
call: DLL_PROCESS_ATTACH
18/11/12 21:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 21:32:43
A
18/11/12 21:32:43
D
call: DLL_PROCESS_DETACH
18/11/12 21:34:01
A
18/11/12 21:34:01
D
call: DLL_PROCESS_DETACH
18/11/12 21:47:43
D
call: DLL_PROCESS_ATTACH
18/11/12 21:47:43
A
18/11/12 21:47:43
D
call: DLL_PROCESS_DETACH
18/11/12 21:47:55
A
18/11/12 21:47:55
F
18/11/12 21:47:56
A
18/11/12 21:47:56
F
18/11/12 21:47:58
A
18/11/12 21:47:58
F
18/11/12 21:48:09
D
call: DLL_PROCESS_ATTACH
18/11/12 21:48:09
D
call: DLL_PROCESS_ATTACH
18/11/12 21:48:29
D
call: DLL_PROCESS_ATTACH
18/11/12 21:48:29
A
18/11/12 21:48:29
R
18/11/12 21:48:48
D
call: DLL_PROCESS_ATTACH
18/11/12 21:48:58
D
call: DLL_PROCESS_ATTACH
18/11/12 21:49:29
A
18/11/12 21:49:29
D
call: DLL_PROCESS_DETACH
18/11/12 21:51:49
A
18/11/12 21:51:49
F
18/11/12 22:00:01
D
call: DLL_PROCESS_ATTACH
18/11/12 22:00:02
A
18/11/12 22:00:02
D

Enter DllMain -> Handle: 1941241856 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for

call: DLL_PROCESS_DETACH
18/11/12 22:02:42
D
call: DLL_PROCESS_ATTACH
18/11/12 22:02:42
A
18/11/12 22:02:42
D
call: DLL_PROCESS_DETACH
18/11/12 22:04:29
D
call: DLL_PROCESS_ATTACH
18/11/12 22:04:30
A
18/11/12 22:04:30
D
call: DLL_PROCESS_DETACH
18/11/12 22:17:42
D
call: DLL_PROCESS_ATTACH
18/11/12 22:17:42
A
18/11/12 22:17:42
D
call: DLL_PROCESS_DETACH
18/11/12 22:19:29
D
call: DLL_PROCESS_ATTACH
18/11/12 22:19:32
A
18/11/12 22:19:32
D
call: DLL_PROCESS_DETACH
18/11/12 22:21:59
A
18/11/12 22:21:59
R
18/11/12 22:21:59
A
18/11/12 22:21:59
R
18/11/12 22:21:59
A
18/11/12 22:21:59
D
call: DLL_PROCESS_DETACH
18/11/12 22:21:59
A
18/11/12 22:21:59
D
call: DLL_PROCESS_DETACH
18/11/12 22:22:17
A
18/11/12 22:22:17
D
call: DLL_PROCESS_DETACH
18/11/12 22:22:17
A
18/11/12 22:22:17
D
call: DLL_PROCESS_DETACH
18/11/12 22:22:19
A
18/11/12 22:22:19
F
18/11/12 22:22:19
A
18/11/12 22:22:20
D
call: DLL_PROCESS_ATTACH
18/11/12 22:22:20
D
call: DLL_PROCESS_ATTACH
18/11/12 22:22:27
D
call: DLL_PROCESS_ATTACH
18/11/12 22:22:28
A
18/11/12 22:22:28
R
18/11/12 22:28:40
A
18/11/12 22:28:40
R
18/11/12 22:28:41
A
18/11/12 22:28:41
D
call: DLL_PROCESS_DETACH
18/11/12 22:32:42
D
call: DLL_PROCESS_ATTACH
18/11/12 22:32:42
A
18/11/12 22:32:42
D
call: DLL_PROCESS_DETACH
18/11/12 22:34:32
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4123328512 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for

18/11/12 22:34:38
A
18/11/12 22:34:38
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:43
D
call: DLL_PROCESS_DETACH
18/11/12 22:35:44
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
A
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
A
19/11/12 13:08:01
A
19/11/12 13:08:01
A
19/11/12 13:08:01
A
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:01
A
19/11/12 13:08:01
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 4123328512 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 1941241856 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for

call: DLL_PROCESS_DETACH
19/11/12 13:08:01
A
19/11/12 13:08:01
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:02
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:02
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:02
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:04
A
19/11/12 13:08:04
A
19/11/12 13:08:04
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:05
A
19/11/12 13:08:05
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:05
A
19/11/12 13:08:05
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:05
A
19/11/12 13:08:05
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:09
D
call: DLL_PROCESS_ATTACH
19/11/12 13:08:09
A
19/11/12 13:08:09
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:21
A
19/11/12 13:08:21
D
call: DLL_PROCESS_DETACH
19/11/12 13:08:32
D
call: DLL_PROCESS_ATTACH
19/11/12 13:09:21
A
19/11/12 13:09:21
D
call: DLL_PROCESS_DETACH
19/11/12 13:09:21
A
19/11/12 13:09:21
D
call: DLL_PROCESS_DETACH
19/11/12 13:09:32
D
call: DLL_PROCESS_ATTACH
19/11/12 13:09:33
A
19/11/12 13:09:33
F
19/11/12 13:09:33
A
19/11/12 13:09:33
F
19/11/12 13:09:33
A
19/11/12 13:09:33
F
19/11/12 13:09:33
A
19/11/12 13:09:33
F
19/11/12 13:09:40
D
call: DLL_PROCESS_ATTACH
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:41
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1944977408 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

19/11/12 13:09:41
F
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:41
A
19/11/12 13:09:41
F
19/11/12 13:09:42
A
19/11/12 13:09:42
F
19/11/12 13:09:52
D
call: DLL_PROCESS_ATTACH
19/11/12 13:09:54
D
call: DLL_PROCESS_ATTACH
19/11/12 13:10:07
A
19/11/12 13:10:11
A
19/11/12 13:10:11
D
call: DLL_PROCESS_DETACH
19/11/12 13:10:14
A
19/11/12 13:10:14
F
19/11/12 13:10:15
A
19/11/12 13:10:15
F
19/11/12 13:10:15
A
19/11/12 13:10:15
F
19/11/12 13:10:22
D
call: DLL_PROCESS_ATTACH
19/11/12 13:10:23
A
19/11/12 13:10:23
F
19/11/12 13:10:23
A
19/11/12 13:10:23
F
19/11/12 13:10:24
A
19/11/12 13:10:24
F
19/11/12 13:10:24
A
19/11/12 13:10:24
F
19/11/12 13:10:24
A
19/11/12 13:10:24
F
19/11/12 13:10:24
D
call: DLL_PROCESS_ATTACH
19/11/12 13:10:31
D
call: DLL_PROCESS_ATTACH
19/11/12 13:10:31
D
call: DLL_PROCESS_ATTACH
19/11/12 13:10:31
A
19/11/12 13:10:31
A
19/11/12 13:10:31
D
call: DLL_PROCESS_DETACH
19/11/12 13:10:56
D
call: DLL_PROCESS_ATTACH
19/11/12 13:10:57
D
call: DLL_PROCESS_ATTACH
19/11/12 13:11:01
A
19/11/12 13:11:01
A
19/11/12 13:11:01
D
call: DLL_PROCESS_DETACH
19/11/12 13:11:02
A
19/11/12 13:11:02
A
19/11/12 13:11:02
D
call: DLL_PROCESS_DETACH
19/11/12 13:14:02
D

lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4122411008 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for

call: DLL_PROCESS_ATTACH
19/11/12 13:14:02
D
call: DLL_PROCESS_ATTACH
19/11/12 13:14:05
A
19/11/12 13:14:05
D
call: DLL_PROCESS_DETACH
19/11/12 13:14:08
A
19/11/12 13:14:08
F
19/11/12 13:14:08
D
call: DLL_PROCESS_ATTACH
19/11/12 13:14:09
A
19/11/12 13:14:09
D
call: DLL_PROCESS_DETACH
19/11/12 13:14:10
D
call: DLL_PROCESS_ATTACH
19/11/12 13:14:15
A
19/11/12 13:14:15
A
19/11/12 13:14:15
D
call: DLL_PROCESS_DETACH
19/11/12 13:14:34
A
19/11/12 13:14:34
D
call: DLL_PROCESS_DETACH
19/11/12 13:14:34
A
19/11/12 13:14:34
D
call: DLL_PROCESS_DETACH
19/11/12 13:14:34
A
19/11/12 13:14:34
D
call: DLL_PROCESS_DETACH
19/11/12 13:14:36
D
call: DLL_PROCESS_ATTACH
19/11/12 13:16:06
A
19/11/12 13:16:06
D
call: DLL_PROCESS_DETACH
19/11/12 13:17:51
D
call: DLL_PROCESS_ATTACH
19/11/12 13:17:56
A
19/11/12 13:20:51
D
call: DLL_PROCESS_ATTACH
19/11/12 13:20:52
A
19/11/12 13:20:52
D
call: DLL_PROCESS_DETACH
19/11/12 13:22:52
D
call: DLL_PROCESS_ATTACH
19/11/12 13:22:57
A
19/11/12 13:24:17
D
call: DLL_PROCESS_ATTACH
19/11/12 13:24:22
A
19/11/12 13:24:22
A
19/11/12 13:24:22
D
call: DLL_PROCESS_DETACH
19/11/12 13:25:53
D
call: DLL_PROCESS_ATTACH
19/11/12 13:25:53
D
call: DLL_PROCESS_ATTACH
19/11/12 13:25:58
D
call: DLL_PROCESS_ATTACH
19/11/12 13:25:59
D
call: DLL_PROCESS_ATTACH
19/11/12 13:26:03
A
19/11/12 13:26:03
A

Enter DllMain -> Handle: 1944977408 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback

19/11/12 13:26:03
D
call: DLL_PROCESS_DETACH
19/11/12 13:26:04
A
19/11/12 13:26:04
A
19/11/12 13:26:04
D
call: DLL_PROCESS_DETACH
19/11/12 13:27:03
D
call: DLL_PROCESS_ATTACH
19/11/12 13:27:08
A
19/11/12 13:27:08
D
call: DLL_PROCESS_DETACH
19/11/12 13:27:13
D
call: DLL_PROCESS_ATTACH
19/11/12 13:27:18
A
19/11/12 13:27:18
D
call: DLL_PROCESS_DETACH
19/11/12 13:27:19
D
call: DLL_PROCESS_ATTACH
19/11/12 13:27:19
D
call: DLL_PROCESS_ATTACH
19/11/12 13:27:19
A
19/11/12 13:27:19
D
call: DLL_PROCESS_DETACH
19/11/12 13:27:22
A
19/11/12 13:27:22
D
call: DLL_PROCESS_DETACH
19/11/12 13:27:28
A
19/11/12 13:27:28
D
call: DLL_PROCESS_DETACH
19/11/12 13:29:19
A
19/11/12 13:29:19
D
call: DLL_PROCESS_DETACH
19/11/12 13:29:19
A
19/11/12 13:29:19
D
call: DLL_PROCESS_DETACH
19/11/12 13:30:55
D
call: DLL_PROCESS_ATTACH
19/11/12 13:30:57
D
call: DLL_PROCESS_ATTACH
19/11/12 13:31:02
D
call: DLL_PROCESS_ATTACH
19/11/12 13:31:05
A
19/11/12 13:31:05
D
call: DLL_PROCESS_DETACH
19/11/12 13:31:07
A
19/11/12 13:31:07
A
19/11/12 13:31:07
D
call: DLL_PROCESS_DETACH
19/11/12 13:31:10
A
19/11/12 13:31:10
D
call: DLL_PROCESS_DETACH
19/11/12 13:31:14
D
call: DLL_PROCESS_ATTACH
19/11/12 13:31:14
A
19/11/12 13:31:14
F
19/11/12 13:31:14
A
19/11/12 13:31:14
F
19/11/12 13:31:14
A
19/11/12 13:31:14
F
19/11/12 13:31:14
A

Enter DllMain -> Handle: 4122411008 - Reason for

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

19/11/12 13:31:14
F
19/11/12 13:31:15
A
19/11/12 13:31:15
D
call: DLL_PROCESS_DETACH
19/11/12 13:31:49
A
19/11/12 13:31:49
F
19/11/12 13:32:07
A
19/11/12 13:32:13
D
call: DLL_PROCESS_ATTACH
19/11/12 13:32:18
D
call: DLL_PROCESS_ATTACH
19/11/12 13:41:03
D
call: DLL_PROCESS_ATTACH
19/11/12 13:41:09
A
19/11/12 13:41:09
D
call: DLL_PROCESS_DETACH
19/11/12 13:41:09
A
19/11/12 13:41:09
D
call: DLL_PROCESS_DETACH
19/11/12 13:41:15
D
call: DLL_PROCESS_ATTACH
19/11/12 13:41:21
D
call: DLL_PROCESS_ATTACH
19/11/12 13:41:26
D
call: DLL_PROCESS_ATTACH
19/11/12 13:41:38
A
19/11/12 13:41:38
R
.exe
19/11/12 13:41:52
A
19/11/12 13:41:52
D
call: DLL_PROCESS_DETACH
19/11/12 13:42:12
D
call: DLL_PROCESS_ATTACH
19/11/12 13:42:15
D
call: DLL_PROCESS_DETACH
19/11/12 13:42:18
A
19/11/12 13:42:18
D
call: DLL_PROCESS_DETACH
19/11/12 13:43:02
D
call: DLL_PROCESS_ATTACH
19/11/12 13:43:12
D
call: DLL_PROCESS_ATTACH
19/11/12 13:43:13
A
19/11/12 13:43:13
D
call: DLL_PROCESS_DETACH
19/11/12 13:43:18
A
19/11/12 13:43:18
A
19/11/12 13:43:18
D
call: DLL_PROCESS_DETACH
19/11/12 13:54:08
A
19/11/12 13:55:07
D
call: DLL_PROCESS_ATTACH
19/11/12 13:55:07
A
19/11/12 13:55:07
D
call: DLL_PROCESS_DETACH
19/11/12 13:58:39
A
19/11/12 13:58:39
D
call: DLL_PROCESS_DETACH
19/11/12 13:58:40
A
19/11/12 13:58:40
D

lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
La victima es CMStarterCore.exe Asesino taskmgr
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4122411008 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944977408 - Reason for

call: DLL_PROCESS_DETACH
19/11/12 13:58:43
A
19/11/12 13:58:43
F
19/11/12 13:58:43
A
19/11/12 13:58:43
F
19/11/12 13:58:43
A
19/11/12 13:58:43
F
19/11/12 13:58:43
A
19/11/12 13:58:43
F
19/11/12 14:01:10
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:10
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
A
19/11/12 14:01:11
A
19/11/12 14:01:11
A
19/11/12 14:01:11
A
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:11
A
19/11/12 14:01:11
D
call: DLL_PROCESS_DETACH
19/11/12 14:01:11
A
19/11/12 14:01:11
D
call: DLL_PROCESS_DETACH
19/11/12 14:01:11
A
19/11/12 14:01:11
A
19/11/12 14:01:11
D
call: DLL_PROCESS_DETACH
19/11/12 14:01:13
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:13
D
call: DLL_PROCESS_ATTACH
19/11/12 14:01:15
A
19/11/12 14:01:15
A
19/11/12 14:01:15
D
call: DLL_PROCESS_DETACH
19/11/12 14:01:15
D
call: DLL_PROCESS_DETACH
19/11/12 14:01:16
A

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback

19/11/12 14:01:16
F
19/11/12 14:01:16
A
19/11/12 14:01:16
F
19/11/12 14:01:16
A
19/11/12 14:01:16
F
19/11/12 14:01:17
A
19/11/12 14:01:17
F
19/11/12 14:01:17
A
19/11/12 14:01:17
F
19/11/12 14:01:17
A
19/11/12 14:01:17
F
19/11/12 14:01:24
A
19/11/12 14:01:24
D
call: DLL_PROCESS_DETACH
19/11/12 14:01:29
A
19/11/12 14:01:29
D
call: DLL_PROCESS_DETACH
19/11/12 14:07:01
D
call: DLL_PROCESS_ATTACH
19/11/12 14:07:02
D
call: DLL_PROCESS_ATTACH
19/11/12 14:07:09
D
call: DLL_PROCESS_ATTACH
19/11/12 14:07:10
A
19/11/12 14:07:10
R
19/11/12 14:07:30
D
call: DLL_PROCESS_ATTACH
19/11/12 14:13:59
D
call: DLL_PROCESS_ATTACH
19/11/12 14:13:59
A
19/11/12 14:13:59
D
call: DLL_PROCESS_DETACH
19/11/12 14:16:00
D
call: DLL_PROCESS_ATTACH
19/11/12 14:16:05
A
19/11/12 14:43:25
A
19/11/12 14:43:25
R
19/11/12 14:43:26
A
19/11/12 14:43:26
D
call: DLL_PROCESS_DETACH
19/11/12 14:43:26
A
19/11/12 14:43:26
D
call: DLL_PROCESS_DETACH
19/11/12 14:44:51
A
19/11/12 14:44:51
D
call: DLL_PROCESS_DETACH
19/11/12 14:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 14:48:05
A
19/11/12 14:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 15:00:01
D
call: DLL_PROCESS_ATTACH
19/11/12 15:00:01
A
19/11/12 15:00:01
D
call: DLL_PROCESS_DETACH
19/11/12 15:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 15:03:05
A
19/11/12 15:03:05
D

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for

call: DLL_PROCESS_DETACH
19/11/12 15:14:21
D
call: DLL_PROCESS_ATTACH
19/11/12 15:14:21
D
call: DLL_PROCESS_ATTACH
19/11/12 15:14:27
D
call: DLL_PROCESS_ATTACH
19/11/12 15:14:57
A
19/11/12 15:14:57
R
19/11/12 15:15:23
D
call: DLL_PROCESS_ATTACH
19/11/12 15:17:45
D
call: DLL_PROCESS_ATTACH
19/11/12 15:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 15:18:05
A
19/11/12 15:18:05
D
call: DLL_PROCESS_DETACH
19/11/12 15:18:39
A
19/11/12 15:18:39
R
19/11/12 15:21:43
A
19/11/12 15:23:26
A
19/11/12 15:23:26
D
call: DLL_PROCESS_DETACH
19/11/12 15:25:15
A
19/11/12 15:25:15
R
19/11/12 15:25:15
A
19/11/12 15:25:15
D
call: DLL_PROCESS_DETACH
19/11/12 15:25:16
A
19/11/12 15:25:16
D
call: DLL_PROCESS_DETACH
19/11/12 15:25:18
D
call: DLL_PROCESS_ATTACH
19/11/12 15:25:18
D
call: DLL_PROCESS_ATTACH
19/11/12 15:25:25
D
call: DLL_PROCESS_ATTACH
19/11/12 15:25:55
A
19/11/12 15:25:55
R
19/11/12 15:27:52
D
call: DLL_PROCESS_ATTACH
19/11/12 15:29:42
D
call: DLL_PROCESS_ATTACH
19/11/12 15:29:47
A
19/11/12 15:30:01
D
call: DLL_PROCESS_ATTACH
19/11/12 15:30:01
A
19/11/12 15:30:01
D
call: DLL_PROCESS_DETACH
19/11/12 15:30:02
D
call: DLL_PROCESS_ATTACH
19/11/12 15:30:02
A
19/11/12 15:30:02
D
call: DLL_PROCESS_DETACH
19/11/12 15:30:07
D
call: DLL_PROCESS_ATTACH
19/11/12 15:30:33
A
19/11/12 15:30:33
R
19/11/12 15:31:02
D

Enter DllMain -> Handle: 1945108480 - Reason for

Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
La victima es Asesino EXCEL.EXE
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es Asesino EXCEL.EXE
Enter DllMain -> Handle: 4119724032 - Reason for

call: DLL_PROCESS_ATTACH
19/11/12 15:31:07
A
19/11/12 15:31:07
A
19/11/12 15:31:07
D
call: DLL_PROCESS_DETACH
19/11/12 15:31:17
D
call: DLL_PROCESS_ATTACH
19/11/12 15:31:22
A
19/11/12 15:31:23
D
call: DLL_PROCESS_ATTACH
19/11/12 15:31:30
A
19/11/12 15:31:30
A
19/11/12 15:31:30
D
call: DLL_PROCESS_DETACH
19/11/12 15:31:39
A
19/11/12 15:31:39
D
call: DLL_PROCESS_DETACH
19/11/12 15:31:43
D
call: DLL_PROCESS_ATTACH
19/11/12 15:33:05
D
call: DLL_PROCESS_ATTACH
19/11/12 15:33:05
A
19/11/12 15:33:05
D
call: DLL_PROCESS_DETACH
19/11/12 15:33:21
A
19/11/12 15:33:21
D
call: DLL_PROCESS_ATTACH
19/11/12 15:33:21
A
19/11/12 15:33:21
O
19/11/12 15:33:21
V
19/11/12 15:33:21
V
19/11/12 15:33:21
A
19/11/12 15:33:21
A
19/11/12 15:33:21
O
19/11/12 15:33:21
V
19/11/12 15:33:21
V
19/11/12 15:33:21
A
19/11/12 15:33:21
A
19/11/12 15:33:21
O
19/11/12 15:33:21
V
19/11/12 15:33:21
V
19/11/12 15:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 15:48:05
A
19/11/12 15:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 16:00:00
D
call: DLL_PROCESS_ATTACH
19/11/12 16:00:00
A
19/11/12 16:00:00
D
call: DLL_PROCESS_DETACH
19/11/12 16:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 16:03:05
A
19/11/12 16:03:05
D
call: DLL_PROCESS_DETACH
19/11/12 16:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 16:18:05
A
19/11/12 16:18:05
D

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4119724032 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for

call: DLL_PROCESS_DETACH
19/11/12 16:22:23
D
call: DLL_PROCESS_ATTACH
19/11/12 16:22:30
A
19/11/12 16:22:30
A
19/11/12 16:22:30
D
call: DLL_PROCESS_DETACH
19/11/12 16:22:32
D
call: DLL_PROCESS_ATTACH
19/11/12 16:22:39
A
19/11/12 16:22:39
A
19/11/12 16:22:39
D
call: DLL_PROCESS_DETACH
19/11/12 16:33:05
D
call: DLL_PROCESS_ATTACH
19/11/12 16:33:05
A
19/11/12 16:33:05
D
call: DLL_PROCESS_DETACH
19/11/12 16:46:30
D
call: DLL_PROCESS_ATTACH
19/11/12 16:46:37
A
19/11/12 16:46:37
A
19/11/12 16:46:37
D
call: DLL_PROCESS_DETACH
19/11/12 16:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 16:48:05
A
19/11/12 16:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 16:49:35
A
19/11/12 16:50:38
D
call: DLL_PROCESS_ATTACH
19/11/12 16:50:45
A
19/11/12 16:50:45
A
19/11/12 16:50:45
D
call: DLL_PROCESS_DETACH
19/11/12 17:00:00
D
call: DLL_PROCESS_ATTACH
19/11/12 17:00:00
A
19/11/12 17:00:00
D
call: DLL_PROCESS_DETACH
19/11/12 17:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 17:03:05
A
19/11/12 17:03:05
D
call: DLL_PROCESS_DETACH
19/11/12 17:09:52
D
call: DLL_PROCESS_ATTACH
19/11/12 17:09:59
A
19/11/12 17:09:59
A
19/11/12 17:09:59
D
call: DLL_PROCESS_DETACH
19/11/12 17:10:54
D
call: DLL_PROCESS_ATTACH
19/11/12 17:11:00
A
19/11/12 17:11:00
A
19/11/12 17:11:01
D
call: DLL_PROCESS_DETACH
19/11/12 17:11:11
A
19/11/12 17:11:11
D

Enter DllMain -> Handle: 4119724032 - Reason for

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for

call: DLL_PROCESS_DETACH
19/11/12 17:11:16
D
call: DLL_PROCESS_ATTACH
19/11/12 17:11:17
D
call: DLL_PROCESS_ATTACH
19/11/12 17:11:27
A
19/11/12 17:11:27
D
call: DLL_PROCESS_DETACH
19/11/12 17:12:14
D
call: DLL_PROCESS_ATTACH
19/11/12 17:12:19
A
19/11/12 17:12:27
D
call: DLL_PROCESS_ATTACH
19/11/12 17:12:39
A
19/11/12 17:13:21
A
19/11/12 17:13:21
D
call: DLL_PROCESS_DETACH
19/11/12 17:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 17:18:05
A
19/11/12 17:18:05
D
call: DLL_PROCESS_DETACH
19/11/12 17:25:20
A
19/11/12 17:25:20
D
call: DLL_PROCESS_DETACH
19/11/12 17:25:34
A
19/11/12 17:25:34
D
call: DLL_PROCESS_DETACH
19/11/12 17:26:34
D
call: DLL_PROCESS_ATTACH
19/11/12 17:26:58
A
19/11/12 17:26:58
R
19/11/12 17:26:59
A
19/11/12 17:26:59
D
call: DLL_PROCESS_DETACH
19/11/12 17:26:59
A
19/11/12 17:26:59
D
call: DLL_PROCESS_DETACH
19/11/12 17:27:01
D
call: DLL_PROCESS_ATTACH
19/11/12 17:27:01
D
call: DLL_PROCESS_ATTACH
19/11/12 17:27:08
A
19/11/12 17:27:08
R
19/11/12 17:27:09
A
19/11/12 17:27:09
D
call: DLL_PROCESS_DETACH
19/11/12 17:30:38
D
call: DLL_PROCESS_ATTACH
19/11/12 17:30:38
D
call: DLL_PROCESS_ATTACH
19/11/12 17:30:56
D
call: DLL_PROCESS_ATTACH
19/11/12 17:30:57
A
19/11/12 17:30:57
R
19/11/12 17:31:33
D
call: DLL_PROCESS_ATTACH
19/11/12 17:31:34
A
19/11/12 17:31:34
R
19/11/12 17:31:45
D

Enter DllMain -> Handle: 1945108480 - Reason for

Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for

call: DLL_PROCESS_ATTACH
19/11/12 17:32:12
D
call: DLL_PROCESS_ATTACH
19/11/12 17:32:19
D
call: DLL_PROCESS_ATTACH
19/11/12 17:32:21
A
19/11/12 17:32:21
R
19/11/12 17:33:05
D
call: DLL_PROCESS_ATTACH
19/11/12 17:33:05
A
19/11/12 17:33:05
D
call: DLL_PROCESS_DETACH
19/11/12 17:33:20
D
call: DLL_PROCESS_ATTACH
19/11/12 17:34:00
A
19/11/12 17:34:00
D
call: DLL_PROCESS_DETACH
19/11/12 17:37:14
A
19/11/12 17:37:14
R
19/11/12 17:37:14
A
19/11/12 17:37:14
R
19/11/12 17:37:15
A
19/11/12 17:37:15
D
call: DLL_PROCESS_DETACH
19/11/12 17:37:15
A
19/11/12 17:37:15
D
call: DLL_PROCESS_DETACH
19/11/12 17:37:16
D
call: DLL_PROCESS_ATTACH
19/11/12 17:37:16
D
call: DLL_PROCESS_ATTACH
19/11/12 17:37:22
D
call: DLL_PROCESS_ATTACH
19/11/12 17:37:25
A
19/11/12 17:37:25
R
19/11/12 17:37:38
D
call: DLL_PROCESS_ATTACH
19/11/12 17:37:38
A
19/11/12 17:37:38
D
call: DLL_PROCESS_DETACH
19/11/12 17:37:41
D
call: DLL_PROCESS_ATTACH
19/11/12 17:37:41
A
19/11/12 17:37:41
D
call: DLL_PROCESS_DETACH
19/11/12 17:38:04
D
call: DLL_PROCESS_ATTACH
19/11/12 17:38:09
A
19/11/12 17:38:09
A
19/11/12 17:38:09
D
call: DLL_PROCESS_DETACH
19/11/12 17:38:18
D
call: DLL_PROCESS_ATTACH
19/11/12 17:40:24
A
19/11/12 17:40:24
F
19/11/12 17:41:43
D
call: DLL_PROCESS_ATTACH
19/11/12 17:41:46
D
call: DLL_PROCESS_ATTACH
19/11/12 17:41:48
A

Enter DllMain -> Handle: 1945108480 - Reason for

Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback

19/11/12 17:41:48
R
19/11/12 17:41:53
D
call: DLL_PROCESS_ATTACH
19/11/12 17:42:23
A
19/11/12 17:42:23
R
19/11/12 17:42:35
A
19/11/12 17:42:35
F
19/11/12 17:45:56
D
call: DLL_PROCESS_ATTACH
19/11/12 17:46:26
A
19/11/12 17:46:26
R
19/11/12 17:46:40
D
call: DLL_PROCESS_ATTACH
19/11/12 17:46:44
D
call: DLL_PROCESS_ATTACH
19/11/12 17:46:44
A
19/11/12 17:46:44
R
19/11/12 17:46:45
D
call: DLL_PROCESS_ATTACH
19/11/12 17:46:55
A
19/11/12 17:46:55
R
19/11/12 17:47:48
D
call: DLL_PROCESS_ATTACH
19/11/12 17:47:50
D
call: DLL_PROCESS_ATTACH
19/11/12 17:47:51
A
19/11/12 17:47:51
R
19/11/12 17:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 17:48:05
A
19/11/12 17:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 17:58:21
A
19/11/12 17:58:21
R
19/11/12 17:58:23
D
call: DLL_PROCESS_ATTACH
19/11/12 17:58:24
D
call: DLL_PROCESS_ATTACH
19/11/12 17:58:29
A
19/11/12 17:58:29
R
19/11/12 17:58:47
D
call: DLL_PROCESS_ATTACH
19/11/12 17:59:17
A
19/11/12 17:59:17
R
19/11/12 18:00:01
D
call: DLL_PROCESS_ATTACH
19/11/12 18:00:01
A
19/11/12 18:00:01
D
call: DLL_PROCESS_DETACH
19/11/12 18:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 18:03:05
A
19/11/12 18:03:05
D
call: DLL_PROCESS_DETACH
19/11/12 18:04:20
D
call: DLL_PROCESS_ATTACH
19/11/12 18:04:22
A
19/11/12 18:04:22
R
19/11/12 18:04:31
D
call: DLL_PROCESS_ATTACH

La victima es chrome.exe Asesino chrome.exe

Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for

19/11/12 18:04:31
A
19/11/12 18:04:33
D
call: DLL_PROCESS_ATTACH
19/11/12 18:04:50
A
19/11/12 18:04:50
D
call: DLL_PROCESS_ATTACH
19/11/12 18:04:51
A
19/11/12 18:04:51
O
19/11/12 18:04:51
V
19/11/12 18:04:51
V
19/11/12 18:04:51
A
19/11/12 18:04:51
A
19/11/12 18:04:51
A
19/11/12 18:04:51
O
19/11/12 18:04:51
V
19/11/12 18:04:51
V
19/11/12 18:04:51
F
19/11/12 18:04:51
V
19/11/12 18:04:51
V
19/11/12 18:04:51
A
19/11/12 18:04:51
A
19/11/12 18:04:51
A
19/11/12 18:04:51
O
19/11/12 18:04:51
V
19/11/12 18:04:51
V
19/11/12 18:04:51
F
19/11/12 18:04:51
V
19/11/12 18:04:51
V
19/11/12 18:04:51
A
19/11/12 18:04:51
A
19/11/12 18:04:51
A
19/11/12 18:04:51
O
19/11/12 18:04:51
V
19/11/12 18:04:51
V
19/11/12 18:04:51
F
19/11/12 18:04:51
V
19/11/12 18:04:51
V
19/11/12 18:05:03
A
19/11/12 18:05:03
R
19/11/12 18:05:55
D
call: DLL_PROCESS_ATTACH
19/11/12 18:06:25
A
19/11/12 18:06:25
R
19/11/12 18:07:12
D
call: DLL_PROCESS_ATTACH
19/11/12 18:07:35
A
19/11/12 18:07:35
R
19/11/12 18:07:36
A
19/11/12 18:07:36
R
19/11/12 18:07:37
A
19/11/12 18:07:37
R
19/11/12 18:07:42
A
19/11/12 18:07:42
R
19/11/12 18:09:10
D
call: DLL_PROCESS_ATTACH
19/11/12 18:09:11
D
call: DLL_PROCESS_ATTACH
19/11/12 18:09:13
A
19/11/12 18:09:13
D
call: DLL_PROCESS_DETACH

-> CreateDCWCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4119724032 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for

19/11/12 18:09:25
A
19/11/12 18:09:25
D
call: DLL_PROCESS_DETACH
19/11/12 18:10:25
A
19/11/12 18:10:25
O
19/11/12 18:10:25
V
19/11/12 18:10:25
V
19/11/12 18:10:25
A
19/11/12 18:10:25
A
19/11/12 18:10:25
A
19/11/12 18:10:25
O
19/11/12 18:10:25
V
19/11/12 18:10:25
V
19/11/12 18:10:25
F
19/11/12 18:10:25
V
19/11/12 18:10:25
V
19/11/12 18:10:26
A
19/11/12 18:10:26
D
call: DLL_PROCESS_DETACH
19/11/12 18:11:10
D
call: DLL_PROCESS_ATTACH
19/11/12 18:11:12
D
call: DLL_PROCESS_ATTACH
19/11/12 18:11:12
D
call: DLL_PROCESS_ATTACH
19/11/12 18:11:12
A
19/11/12 18:11:12
D
call: DLL_PROCESS_DETACH
19/11/12 18:11:13
A
19/11/12 18:11:13
D
call: DLL_PROCESS_DETACH
19/11/12 18:11:17
A
19/11/12 18:11:17
D
call: DLL_PROCESS_DETACH
19/11/12 18:12:45
A
19/11/12 18:12:45
R
19/11/12 18:12:45
A
19/11/12 18:12:46
D
call: DLL_PROCESS_DETACH
19/11/12 18:12:46
A
19/11/12 18:12:46
D
call: DLL_PROCESS_DETACH
19/11/12 18:12:50
A
19/11/12 18:12:50
D
call: DLL_PROCESS_DETACH
19/11/12 18:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 18:18:05
A
19/11/12 18:18:05
D
call: DLL_PROCESS_DETACH
19/11/12 18:29:48
D
call: DLL_PROCESS_ATTACH
19/11/12 18:29:48
A
19/11/12 18:29:48
F
19/11/12 18:29:48
A
19/11/12 18:29:48
F
19/11/12 18:29:48
A
19/11/12 18:29:48
F
19/11/12 18:29:48
A
19/11/12 18:29:48
F

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

19/11/12 18:31:11
D
call: DLL_PROCESS_ATTACH
19/11/12 18:33:05
D
call: DLL_PROCESS_ATTACH
19/11/12 18:33:05
A
19/11/12 18:33:05
D
call: DLL_PROCESS_DETACH
19/11/12 18:47:57
D
call: DLL_PROCESS_ATTACH
19/11/12 18:47:57
D
call: DLL_PROCESS_ATTACH
19/11/12 18:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 18:48:05
A
19/11/12 18:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 18:48:07
A
19/11/12 18:48:07
D
call: DLL_PROCESS_DETACH
19/11/12 18:51:01
A
19/11/12 18:51:01
D
call: DLL_PROCESS_DETACH
19/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
19/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
19/11/12 19:00:00
A
19/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
19/11/12 19:00:17
A
19/11/12 19:00:17
D
call: DLL_PROCESS_DETACH
19/11/12 19:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 19:03:05
A
19/11/12 19:03:05
D
call: DLL_PROCESS_DETACH
19/11/12 19:15:17
D
call: DLL_PROCESS_ATTACH
19/11/12 19:15:37
A
19/11/12 19:15:37
D
call: DLL_PROCESS_DETACH
19/11/12 19:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 19:18:05
A
19/11/12 19:18:05
D
call: DLL_PROCESS_DETACH
19/11/12 19:19:53
A
19/11/12 19:19:53
D
call: DLL_PROCESS_DETACH
19/11/12 19:19:53
A
19/11/12 19:19:53
D
call: DLL_PROCESS_DETACH
19/11/12 19:23:52
D
call: DLL_PROCESS_ATTACH
19/11/12 19:23:52
D
call: DLL_PROCESS_ATTACH
19/11/12 19:23:59
D
call: DLL_PROCESS_ATTACH
19/11/12 19:24:00
A

Enter DllMain -> Handle: 1945108480 - Reason for

Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback

19/11/12 19:24:00
R
19/11/12 19:24:34
D
call: DLL_PROCESS_ATTACH
19/11/12 19:25:14
D
call: DLL_PROCESS_ATTACH
19/11/12 19:29:33
D
call: DLL_PROCESS_ATTACH
19/11/12 19:30:37
D
call: DLL_PROCESS_ATTACH
19/11/12 19:31:01
A
19/11/12 19:31:01
D
call: DLL_PROCESS_DETACH
19/11/12 19:31:06
D
call: DLL_PROCESS_ATTACH
19/11/12 19:31:06
A
19/11/12 19:31:06
A
19/11/12 19:31:06
A
19/11/12 19:31:06
A
19/11/12 19:31:06
D
call: DLL_PROCESS_ATTACH
19/11/12 19:31:39
A
19/11/12 19:31:39
D
call: DLL_PROCESS_DETACH
19/11/12 19:31:41
A
19/11/12 19:31:41
D
call: DLL_PROCESS_DETACH
19/11/12 19:33:05
D
call: DLL_PROCESS_ATTACH
19/11/12 19:33:05
A
19/11/12 19:33:05
D
call: DLL_PROCESS_DETACH
19/11/12 19:39:10
A
19/11/12 19:39:10
R
19/11/12 19:39:18
D
call: DLL_PROCESS_ATTACH
19/11/12 19:39:18
A
19/11/12 19:39:18
D
call: DLL_PROCESS_DETACH
19/11/12 19:39:18
D
call: DLL_PROCESS_ATTACH
19/11/12 19:39:19
A
19/11/12 19:39:19
F
19/11/12 19:39:41
A
19/11/12 19:39:41
F
19/11/12 19:39:41
A
19/11/12 19:39:41
F
19/11/12 19:39:41
A
19/11/12 19:39:41
F
19/11/12 19:40:52
A
19/11/12 19:40:52
F
19/11/12 19:45:23
A
19/11/12 19:45:23
F
19/11/12 19:45:23
A
19/11/12 19:45:23
F
19/11/12 19:45:24
A
19/11/12 19:45:24
F
19/11/12 19:45:42
A
19/11/12 19:45:42
F
19/11/12 19:45:48
A
19/11/12 19:45:48
D

La victima es chrome.exe Asesino chrome.exe

Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for

call: DLL_PROCESS_DETACH
19/11/12 19:45:50
A
19/11/12 19:45:50
F
19/11/12 19:45:50
A
19/11/12 19:45:50
F
19/11/12 19:45:50
A
19/11/12 19:45:50
F
19/11/12 19:46:01
D
call: DLL_PROCESS_ATTACH
19/11/12 19:46:03
A
19/11/12 19:46:03
F
19/11/12 19:46:09
A
19/11/12 19:46:09
F
19/11/12 19:46:09
A
19/11/12 19:46:09
F
19/11/12 19:46:09
A
19/11/12 19:46:09
F
19/11/12 19:46:16
D
call: DLL_PROCESS_ATTACH
19/11/12 19:46:18
A
19/11/12 19:46:18
R
19/11/12 19:46:27
A
19/11/12 19:46:27
D
call: DLL_PROCESS_DETACH
19/11/12 19:46:32
A
19/11/12 19:46:32
F
19/11/12 19:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 19:48:05
A
19/11/12 19:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 19:49:44
A
19/11/12 19:49:44
F
19/11/12 19:49:44
A
19/11/12 19:49:44
F
19/11/12 19:49:44
A
19/11/12 19:49:44
F
19/11/12 19:49:46
D
call: DLL_PROCESS_ATTACH
19/11/12 19:50:01
A
19/11/12 19:50:01
R
19/11/12 19:50:01
A
19/11/12 19:50:01
D
call: DLL_PROCESS_DETACH
19/11/12 19:50:02
A
19/11/12 19:50:02
D
call: DLL_PROCESS_DETACH
19/11/12 19:50:02
A
19/11/12 19:50:02
F
19/11/12 19:52:08
A
19/11/12 19:52:08
F
19/11/12 19:52:08
A
19/11/12 19:52:08
F
19/11/12 19:52:09
A
19/11/12 19:52:09
F
19/11/12 19:52:10
D
call: DLL_PROCESS_ATTACH
19/11/12 19:52:10
D
call: DLL_PROCESS_ATTACH
19/11/12 19:52:15
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for

call: DLL_PROCESS_ATTACH
19/11/12 19:52:16
A
19/11/12 19:52:16
R
19/11/12 19:52:34
D
call: DLL_PROCESS_ATTACH
19/11/12 19:52:47
D
call: DLL_PROCESS_ATTACH
19/11/12 19:52:48
A
19/11/12 19:52:48
F
19/11/12 19:52:54
A
19/11/12 19:52:54
F
19/11/12 19:52:55
A
19/11/12 19:52:55
F
19/11/12 19:52:55
A
19/11/12 19:52:55
F
19/11/12 19:53:26
A
19/11/12 19:53:26
F
19/11/12 19:56:06
A
19/11/12 19:56:06
F
19/11/12 19:56:06
A
19/11/12 19:56:06
F
19/11/12 19:56:06
A
19/11/12 19:56:06
F
19/11/12 19:56:25
A
19/11/12 19:56:25
F
19/11/12 19:56:45
A
19/11/12 19:56:45
F
19/11/12 19:56:45
A
19/11/12 19:56:45
F
19/11/12 19:56:45
A
19/11/12 19:56:45
F
19/11/12 19:57:16
A
19/11/12 19:57:16
F
19/11/12 19:58:49
A
19/11/12 19:58:49
F
19/11/12 19:58:49
A
19/11/12 19:58:49
F
19/11/12 19:58:49
A
19/11/12 19:58:49
F
19/11/12 19:59:32
A
19/11/12 19:59:32
F
19/11/12 20:00:00
D
call: DLL_PROCESS_ATTACH
19/11/12 20:00:00
A
19/11/12 20:00:00
D
call: DLL_PROCESS_DETACH
19/11/12 20:01:27
D
call: DLL_PROCESS_ATTACH
19/11/12 20:01:36
A
19/11/12 20:01:36
F
19/11/12 20:01:36
A
19/11/12 20:01:36
F
19/11/12 20:01:36
A
19/11/12 20:01:36
F
19/11/12 20:02:02
A
19/11/12 20:02:02
D
call: DLL_PROCESS_DETACH
19/11/12 20:02:23
A
19/11/12 20:02:23
F
19/11/12 20:02:34
A

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

19/11/12 20:02:34
F
19/11/12 20:02:56
A
19/11/12 20:02:56
F
19/11/12 20:02:56
A
19/11/12 20:02:56
F
19/11/12 20:02:56
A
19/11/12 20:02:56
F
19/11/12 20:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 20:03:05
A
19/11/12 20:03:05
D
call: DLL_PROCESS_DETACH
19/11/12 20:03:26
A
19/11/12 20:03:26
F
19/11/12 20:04:40
A
19/11/12 20:04:40
F
19/11/12 20:04:40
A
19/11/12 20:04:40
F
19/11/12 20:04:40
A
19/11/12 20:04:40
F
19/11/12 20:04:52
A
19/11/12 20:04:52
F
19/11/12 20:04:54
A
19/11/12 20:04:54
F
19/11/12 20:04:54
A
19/11/12 20:04:54
F
19/11/12 20:04:54
A
19/11/12 20:04:54
F
19/11/12 20:05:01
A
19/11/12 20:05:01
R
19/11/12 20:05:02
A
19/11/12 20:05:02
R
19/11/12 20:05:03
A
19/11/12 20:05:03
D
call: DLL_PROCESS_DETACH
19/11/12 20:05:03
A
19/11/12 20:05:03
D
call: DLL_PROCESS_DETACH
19/11/12 20:05:04
A
19/11/12 20:05:04
F
19/11/12 20:05:13
A
19/11/12 20:05:13
F
19/11/12 20:05:13
A
19/11/12 20:05:13
D
call: DLL_PROCESS_DETACH
19/11/12 20:05:14
A
19/11/12 20:05:14
F
19/11/12 20:17:02
D
call: DLL_PROCESS_ATTACH
19/11/12 20:17:34
A
19/11/12 20:17:34
D
call: DLL_PROCESS_DETACH
19/11/12 20:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 20:18:05
A
19/11/12 20:18:05
D
call: DLL_PROCESS_DETACH
19/11/12 20:32:34
D
call: DLL_PROCESS_ATTACH
19/11/12 20:32:36
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback

19/11/12 20:32:36
D
call: DLL_PROCESS_DETACH
19/11/12 20:33:05
D
call: DLL_PROCESS_ATTACH
19/11/12 20:33:05
A
19/11/12 20:33:05
D
call: DLL_PROCESS_DETACH
19/11/12 20:47:36
D
call: DLL_PROCESS_ATTACH
19/11/12 20:47:41
A
19/11/12 20:47:41
D
call: DLL_PROCESS_DETACH
19/11/12 20:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 20:48:05
A
19/11/12 20:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 21:00:00
D
call: DLL_PROCESS_ATTACH
19/11/12 21:00:00
A
19/11/12 21:00:00
D
call: DLL_PROCESS_DETACH
19/11/12 21:02:41
D
call: DLL_PROCESS_ATTACH
19/11/12 21:02:49
A
19/11/12 21:02:49
D
call: DLL_PROCESS_DETACH
19/11/12 21:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 21:03:05
A
19/11/12 21:03:05
D
call: DLL_PROCESS_DETACH
19/11/12 21:17:49
D
call: DLL_PROCESS_ATTACH
19/11/12 21:18:00
A
19/11/12 21:18:00
D
call: DLL_PROCESS_DETACH
19/11/12 21:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 21:18:05
A
19/11/12 21:18:05
D
call: DLL_PROCESS_DETACH
19/11/12 21:33:00
D
call: DLL_PROCESS_ATTACH
19/11/12 21:33:05
D
call: DLL_PROCESS_ATTACH
19/11/12 21:33:05
A
19/11/12 21:33:05
D
call: DLL_PROCESS_DETACH
19/11/12 21:33:14
A
19/11/12 21:33:14
D
call: DLL_PROCESS_DETACH
19/11/12 21:48:05
D
call: DLL_PROCESS_ATTACH
19/11/12 21:48:05
A
19/11/12 21:48:05
D
call: DLL_PROCESS_DETACH
19/11/12 21:48:14
D
call: DLL_PROCESS_ATTACH
19/11/12 21:48:31
A

Enter DllMain -> Handle: 4119724032 - Reason for

Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback

19/11/12 21:48:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:00:02
D
call: DLL_PROCESS_ATTACH
19/11/12 22:00:02
A
19/11/12 22:00:02
D
call: DLL_PROCESS_DETACH
19/11/12 22:03:05
D
call: DLL_PROCESS_ATTACH
19/11/12 22:03:05
A
19/11/12 22:03:05
D
call: DLL_PROCESS_DETACH
19/11/12 22:03:31
D
call: DLL_PROCESS_ATTACH
19/11/12 22:03:51
A
19/11/12 22:03:51
D
call: DLL_PROCESS_DETACH
19/11/12 22:18:05
D
call: DLL_PROCESS_ATTACH
19/11/12 22:18:05
A
19/11/12 22:18:05
D
call: DLL_PROCESS_DETACH
19/11/12 22:18:51
D
call: DLL_PROCESS_ATTACH
19/11/12 22:19:14
A
19/11/12 22:19:14
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
19/11/12 22:32:31
D
call: DLL_PROCESS_DETACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D

Enter DllMain -> Handle: 4119724032 - Reason for

Enter DllMain -> Handle: 1945108480 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 4119724032 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 1945108480 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for

call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
A
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
A
20/11/12 10:58:32
A
20/11/12 10:58:32
A
20/11/12 10:58:32
A
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:32
A
20/11/12 10:58:32
D
call: DLL_PROCESS_DETACH
20/11/12 10:58:32
A
20/11/12 10:58:32
D
call: DLL_PROCESS_DETACH
20/11/12 10:58:32
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:33
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:34
A
20/11/12 10:58:34
D
call: DLL_PROCESS_DETACH
20/11/12 10:58:34
A
20/11/12 10:58:34
D
call: DLL_PROCESS_DETACH
20/11/12 10:58:34
A
20/11/12 10:58:34
D
call: DLL_PROCESS_DETACH
20/11/12 10:58:35
D
call: DLL_PROCESS_ATTACH
20/11/12 10:58:37
A
20/11/12 10:58:37
F
20/11/12 10:58:37
A
20/11/12 10:58:37
F
20/11/12 10:58:37
A
20/11/12 10:58:37
F
20/11/12 10:58:37
A
20/11/12 10:58:37
F
20/11/12 10:58:37
A
20/11/12 10:58:37
F
20/11/12 10:58:37
A
20/11/12 10:58:37
F
20/11/12 10:58:40
A
20/11/12 10:58:40
A
20/11/12 10:58:40
D
call: DLL_PROCESS_DETACH
20/11/12 10:58:44
A
20/11/12 10:58:44
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1955463168 - Reason for

Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for

20/11/12 10:58:51
A
20/11/12 10:58:51
D
call: DLL_PROCESS_DETACH
20/11/12 11:00:02
D
call: DLL_PROCESS_ATTACH
20/11/12 11:00:02
A
20/11/12 11:00:02
D
call: DLL_PROCESS_DETACH
20/11/12 11:00:03
A
20/11/12 11:00:03
D
call: DLL_PROCESS_DETACH
20/11/12 11:00:08
D
call: DLL_PROCESS_ATTACH
20/11/12 11:00:09
D
call: DLL_PROCESS_ATTACH
20/11/12 11:01:17
D
call: DLL_PROCESS_ATTACH
20/11/12 11:11:22
D
call: DLL_PROCESS_ATTACH
20/11/12 11:11:22
A
20/11/12 11:11:22
D
call: DLL_PROCESS_DETACH
20/11/12 11:13:22
D
call: DLL_PROCESS_ATTACH
20/11/12 11:13:27
A
20/11/12 11:13:38
D
call: DLL_PROCESS_ATTACH
20/11/12 11:13:39
A
20/11/12 11:13:39
R
20/11/12 11:14:05
D
call: DLL_PROCESS_ATTACH
20/11/12 11:14:06
A
20/11/12 11:14:06
R
20/11/12 11:14:10
D
call: DLL_PROCESS_ATTACH
20/11/12 11:14:11
A
20/11/12 11:14:11
R
20/11/12 11:14:11
D
call: DLL_PROCESS_ATTACH
20/11/12 11:14:12
A
20/11/12 11:14:12
R
20/11/12 11:15:26
D
call: DLL_PROCESS_ATTACH
20/11/12 11:15:27
A
20/11/12 11:15:27
R
20/11/12 11:15:28
D
call: DLL_PROCESS_ATTACH
20/11/12 11:15:29
A
20/11/12 11:15:29
R
20/11/12 11:15:38
A
20/11/12 11:15:38
R
20/11/12 11:15:39
A
20/11/12 11:15:39
R
20/11/12 11:15:39
A
20/11/12 11:15:39
D
call: DLL_PROCESS_DETACH
20/11/12 11:15:39
A
20/11/12 11:15:39
D
call: DLL_PROCESS_DETACH
20/11/12 11:15:40
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for

call: DLL_PROCESS_ATTACH
20/11/12 11:15:40
D
call: DLL_PROCESS_ATTACH
20/11/12 11:16:00
D
call: DLL_PROCESS_ATTACH
20/11/12 11:16:30
A
20/11/12 11:16:30
R
20/11/12 11:16:58
D
call: DLL_PROCESS_ATTACH
20/11/12 11:25:04
D
call: DLL_PROCESS_ATTACH
20/11/12 11:25:14
A
20/11/12 11:25:14
R
20/11/12 11:31:24
D
call: DLL_PROCESS_ATTACH
20/11/12 11:31:24
A
20/11/12 11:31:24
D
call: DLL_PROCESS_DETACH
20/11/12 11:31:24
D
call: DLL_PROCESS_ATTACH
20/11/12 11:31:24
A
20/11/12 11:31:24
D
call: DLL_PROCESS_DETACH
20/11/12 11:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 11:45:29
A
20/11/12 11:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 11:53:09
A
20/11/12 11:53:09
R
20/11/12 11:53:10
A
20/11/12 11:53:10
D
call: DLL_PROCESS_DETACH
20/11/12 11:53:10
A
20/11/12 11:53:10
D
call: DLL_PROCESS_DETACH
20/11/12 11:53:11
D
call: DLL_PROCESS_ATTACH
20/11/12 11:53:11
D
call: DLL_PROCESS_ATTACH
20/11/12 11:53:55
A
20/11/12 11:53:55
R
20/11/12 11:53:56
A
20/11/12 11:53:56
D
call: DLL_PROCESS_DETACH
20/11/12 11:54:09
D
call: DLL_PROCESS_ATTACH
20/11/12 11:54:09
D
call: DLL_PROCESS_ATTACH
20/11/12 11:54:19
D
call: DLL_PROCESS_ATTACH
20/11/12 11:54:49
A
20/11/12 11:54:49
R
20/11/12 11:56:48
A
20/11/12 11:56:48
R
20/11/12 11:56:49
A
20/11/12 11:56:49
D
call: DLL_PROCESS_DETACH
20/11/12 11:56:50
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1955463168 - Reason for

Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for

20/11/12 11:56:50
D
call: DLL_PROCESS_ATTACH
20/11/12 11:57:23
A
20/11/12 11:57:23
R
20/11/12 11:57:23
A
20/11/12 11:57:23
D
call: DLL_PROCESS_DETACH
20/11/12 11:57:25
D
call: DLL_PROCESS_ATTACH
20/11/12 11:57:25
A
20/11/12 11:57:25
D
call: DLL_PROCESS_DETACH
20/11/12 12:00:01
D
call: DLL_PROCESS_ATTACH
20/11/12 12:00:01
A
20/11/12 12:00:01
D
call: DLL_PROCESS_DETACH
20/11/12 12:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 12:00:29
A
20/11/12 12:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 12:01:19
D
call: DLL_PROCESS_ATTACH
20/11/12 12:01:42
A
20/11/12 12:01:42
D
call: DLL_PROCESS_DETACH
20/11/12 12:05:35
A
20/11/12 12:05:35
D
call: DLL_PROCESS_DETACH
20/11/12 12:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 12:15:29
A
20/11/12 12:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 12:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 12:30:29
A
20/11/12 12:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 12:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 12:45:29
A
20/11/12 12:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 13:00:01
D
call: DLL_PROCESS_ATTACH
20/11/12 13:00:01
A
20/11/12 13:00:01
D
call: DLL_PROCESS_DETACH
20/11/12 13:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 13:00:29
A
20/11/12 13:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 13:06:00
D
call: DLL_PROCESS_ATTACH
20/11/12 13:06:01
D
call: DLL_PROCESS_ATTACH
20/11/12 13:06:11
D

Enter DllMain -> Handle: 1955463168 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for

call: DLL_PROCESS_ATTACH
20/11/12 13:06:41
A
20/11/12 13:06:41
R
20/11/12 13:07:57
D
call: DLL_PROCESS_ATTACH
20/11/12 13:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 13:15:29
A
20/11/12 13:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 13:21:54
A
20/11/12 13:21:54
R
20/11/12 13:21:55
A
20/11/12 13:21:55
D
call: DLL_PROCESS_DETACH
20/11/12 13:21:55
A
20/11/12 13:21:55
D
call: DLL_PROCESS_DETACH
20/11/12 13:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 13:30:29
A
20/11/12 13:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 13:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 13:45:29
A
20/11/12 13:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 14:00:01
D
call: DLL_PROCESS_ATTACH
20/11/12 14:00:02
A
20/11/12 14:00:02
D
call: DLL_PROCESS_DETACH
20/11/12 14:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 14:00:29
A
20/11/12 14:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 14:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 14:15:29
A
20/11/12 14:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 14:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 14:30:29
A
20/11/12 14:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 14:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 14:45:29
A
20/11/12 14:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 15:00:01
D
call: DLL_PROCESS_ATTACH
20/11/12 15:00:01
A
20/11/12 15:00:01
D
call: DLL_PROCESS_DETACH
20/11/12 15:00:29
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for

20/11/12 15:00:29
A
20/11/12 15:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 15:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 15:15:29
A
20/11/12 15:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 15:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 15:30:29
A
20/11/12 15:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 15:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 15:45:29
A
20/11/12 15:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 15:59:29
D
call: DLL_PROCESS_ATTACH
20/11/12 15:59:31
A
20/11/12 15:59:31
F
20/11/12 15:59:31
A
20/11/12 15:59:31
F
20/11/12 16:00:00
D
call: DLL_PROCESS_ATTACH
20/11/12 16:00:01
A
20/11/12 16:00:01
D
call: DLL_PROCESS_DETACH
20/11/12 16:00:13
A
20/11/12 16:00:13
F
20/11/12 16:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 16:00:29
A
20/11/12 16:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 16:00:47
D
call: DLL_PROCESS_ATTACH
20/11/12 16:00:48
A
20/11/12 16:00:48
F
20/11/12 16:00:48
A
20/11/12 16:00:48
F
20/11/12 16:00:48
A
20/11/12 16:00:48
F
20/11/12 16:00:48
A
20/11/12 16:00:48
F
20/11/12 16:00:49
A
20/11/12 16:00:49
F
20/11/12 16:00:49
A
20/11/12 16:00:49
F
20/11/12 16:01:02
A
20/11/12 16:01:02
F
20/11/12 16:01:02
A
20/11/12 16:01:02
F
20/11/12 16:05:04
A
20/11/12 16:05:04
A
20/11/12 16:05:04
F
20/11/12 16:05:05
A
20/11/12 16:05:05
F
20/11/12 16:05:10
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback

20/11/12 16:05:10
D
call: DLL_PROCESS_DETACH
20/11/12 16:05:16
D
call: DLL_PROCESS_ATTACH
20/11/12 16:05:16
D
call: DLL_PROCESS_ATTACH
20/11/12 16:05:16
D
call: DLL_PROCESS_ATTACH
20/11/12 16:05:17
A
20/11/12 16:05:17
F
20/11/12 16:05:17
A
20/11/12 16:05:17
F
20/11/12 16:05:55
A
20/11/12 16:05:55
F
20/11/12 16:14:21
D
call: DLL_PROCESS_ATTACH
20/11/12 16:14:21
A
20/11/12 16:14:21
F
20/11/12 16:14:21
A
20/11/12 16:14:21
F
20/11/12 16:14:21
A
20/11/12 16:14:21
F
20/11/12 16:14:21
A
20/11/12 16:14:21
F
20/11/12 16:14:22
A
20/11/12 16:14:22
F
20/11/12 16:14:23
A
20/11/12 16:14:23
F
20/11/12 16:14:30
D
call: DLL_PROCESS_ATTACH
20/11/12 16:15:05
A
20/11/12 16:15:05
F
20/11/12 16:15:05
A
20/11/12 16:15:05
F
20/11/12 16:15:06
A
20/11/12 16:15:06
F
20/11/12 16:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 16:15:29
A
20/11/12 16:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 16:16:12
A
20/11/12 16:16:12
F
20/11/12 16:16:13
A
20/11/12 16:16:13
F
20/11/12 16:16:15
A
20/11/12 16:16:15
F
20/11/12 16:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 16:30:29
A
20/11/12 16:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 16:39:23
A
20/11/12 16:39:23
F
20/11/12 16:39:23
A
20/11/12 16:39:23
F
20/11/12 16:40:35
A
20/11/12 16:40:35
D
call: DLL_PROCESS_DETACH
20/11/12 16:40:35
A

Enter DllMain -> Handle: 1955463168 - Reason for

Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback

20/11/12 16:40:35
D
call: DLL_PROCESS_DETACH
20/11/12 16:40:37
A
20/11/12 16:40:37
D
call: DLL_PROCESS_DETACH
20/11/12 16:40:38
A
20/11/12 16:40:38
D
call: DLL_PROCESS_DETACH
20/11/12 16:40:41
A
20/11/12 16:40:41
F
20/11/12 16:40:41
A
20/11/12 16:40:41
F
20/11/12 16:43:07
A
20/11/12 16:43:07
F
20/11/12 16:43:07
A
20/11/12 16:43:07
F
20/11/12 16:43:07
A
20/11/12 16:43:08
A
20/11/12 16:43:08
F
20/11/12 16:43:14
D
call: DLL_PROCESS_ATTACH
20/11/12 16:43:15
A
20/11/12 16:43:15
D
call: DLL_PROCESS_DETACH
20/11/12 16:43:15
D
call: DLL_PROCESS_ATTACH
20/11/12 16:43:15
D
call: DLL_PROCESS_ATTACH
20/11/12 16:43:15
A
20/11/12 16:43:15
D
call: DLL_PROCESS_DETACH
20/11/12 16:43:15
D
call: DLL_PROCESS_ATTACH
20/11/12 16:43:15
A
20/11/12 16:43:15
F
20/11/12 16:43:16
A
20/11/12 16:43:16
F
20/11/12 16:43:17
A
20/11/12 16:43:17
F
20/11/12 16:43:17
A
20/11/12 16:43:17
F
20/11/12 16:43:18
A
20/11/12 16:43:18
A
20/11/12 16:43:18
A
20/11/12 16:43:18
F
20/11/12 16:43:18
A
20/11/12 16:43:18
F
20/11/12 16:43:18
A
20/11/12 16:43:18
F
20/11/12 16:43:26
A
20/11/12 16:43:26
D
call: DLL_PROCESS_DETACH
20/11/12 16:43:27
A
20/11/12 16:43:27
F
20/11/12 16:43:28
A
20/11/12 16:43:28
F
20/11/12 16:43:29
A
20/11/12 16:43:29
F
20/11/12 16:43:29
A
20/11/12 16:43:29
F

Enter DllMain -> Handle: 1955463168 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

20/11/12 16:43:29
A
20/11/12 16:43:29
F
20/11/12 16:43:29
A
20/11/12 16:43:29
F
20/11/12 16:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 16:45:29
A
20/11/12 16:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 16:59:43
A
20/11/12 16:59:43
F
20/11/12 16:59:43
A
20/11/12 16:59:43
F
20/11/12 16:59:44
A
20/11/12 16:59:44
F
20/11/12 17:00:00
D
call: DLL_PROCESS_ATTACH
20/11/12 17:00:00
A
20/11/12 17:00:00
D
call: DLL_PROCESS_DETACH
20/11/12 17:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 17:00:29
A
20/11/12 17:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 17:05:11
A
20/11/12 17:05:11
D
call: DLL_PROCESS_DETACH
20/11/12 17:05:12
A
20/11/12 17:05:12
F
20/11/12 17:05:38
D
call: DLL_PROCESS_ATTACH
20/11/12 17:05:38
D
call: DLL_PROCESS_ATTACH
20/11/12 17:05:57
D
call: DLL_PROCESS_ATTACH
20/11/12 17:06:00
D
call: DLL_PROCESS_ATTACH
20/11/12 17:06:01
A
20/11/12 17:06:01
R
20/11/12 17:06:03
A
20/11/12 17:06:03
R
20/11/12 17:06:17
D
call: DLL_PROCESS_ATTACH
20/11/12 17:06:20
D
call: DLL_PROCESS_ATTACH
20/11/12 17:06:25
A
20/11/12 17:06:25
R
20/11/12 17:06:36
D
call: DLL_PROCESS_ATTACH
20/11/12 17:08:20
D
call: DLL_PROCESS_ATTACH
20/11/12 17:09:05
D
call: DLL_PROCESS_ATTACH
20/11/12 17:09:16
A
20/11/12 17:09:16
D
call: DLL_PROCESS_DETACH
20/11/12 17:09:44
A
20/11/12 17:09:44
R
20/11/12 17:10:01
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4113956864 - Reason for

call: DLL_PROCESS_ATTACH
20/11/12 17:10:01
A
20/11/12 17:10:01
D
call: DLL_PROCESS_DETACH
20/11/12 17:10:34
D
call: DLL_PROCESS_ATTACH
20/11/12 17:10:37
D
call: DLL_PROCESS_ATTACH
20/11/12 17:10:41
A
20/11/12 17:10:41
R
20/11/12 17:10:43
D
call: DLL_PROCESS_ATTACH
20/11/12 17:10:45
A
20/11/12 17:10:45
R
20/11/12 17:12:13
D
call: DLL_PROCESS_ATTACH
20/11/12 17:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 17:15:29
A
20/11/12 17:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 17:16:03
D
call: DLL_PROCESS_ATTACH
20/11/12 17:16:13
A
20/11/12 17:16:13
R
20/11/12 17:28:34
D
call: DLL_PROCESS_ATTACH
20/11/12 17:28:42
A
20/11/12 17:28:50
D
call: DLL_PROCESS_ATTACH
20/11/12 17:28:50
A
20/11/12 17:28:50
R
20/11/12 17:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 17:30:29
A
20/11/12 17:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 17:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 17:45:29
A
20/11/12 17:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 17:50:55
D
call: DLL_PROCESS_ATTACH
20/11/12 17:50:59
A
20/11/12 17:50:59
R
20/11/12 17:51:02
A
20/11/12 17:51:12
D
call: DLL_PROCESS_ATTACH
20/11/12 17:51:26
A
20/11/12 17:51:41
D
call: DLL_PROCESS_ATTACH
20/11/12 17:51:46
A
20/11/12 17:54:31
D
call: DLL_PROCESS_ATTACH
20/11/12 17:57:41
A
20/11/12 17:57:41
R
20/11/12 18:00:01
D
call: DLL_PROCESS_ATTACH
20/11/12 18:00:01
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback

20/11/12 18:00:01
D
call: DLL_PROCESS_DETACH
20/11/12 18:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 18:00:29
A
20/11/12 18:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 18:01:24
D
call: DLL_PROCESS_ATTACH
20/11/12 18:01:24
A
20/11/12 18:01:24
R
20/11/12 18:01:27
D
call: DLL_PROCESS_ATTACH
20/11/12 18:01:27
A
20/11/12 18:01:27
R
20/11/12 18:02:39
D
call: DLL_PROCESS_ATTACH
20/11/12 18:02:45
D
call: DLL_PROCESS_ATTACH
20/11/12 18:02:46
A
20/11/12 18:02:46
R
20/11/12 18:03:38
D
call: DLL_PROCESS_ATTACH
20/11/12 18:03:39
A
20/11/12 18:03:39
A
20/11/12 18:03:39
R
20/11/12 18:06:42
D
call: DLL_PROCESS_ATTACH
20/11/12 18:06:47
D
call: DLL_PROCESS_ATTACH
20/11/12 18:06:48
D
call: DLL_PROCESS_ATTACH
20/11/12 18:08:28
A
20/11/12 18:08:28
R
20/11/12 18:10:24
A
20/11/12 18:10:24
F
20/11/12 18:10:31
A
20/11/12 18:10:31
F
20/11/12 18:10:34
A
20/11/12 18:10:34
R
20/11/12 18:14:13
A
20/11/12 18:14:13
R
20/11/12 18:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 18:15:29
A
20/11/12 18:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 18:18:18
A
20/11/12 18:18:18
R
20/11/12 18:29:22
A
20/11/12 18:29:22
R
20/11/12 18:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 18:30:29
A
20/11/12 18:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 18:39:28
A
20/11/12 18:39:28
R
20/11/12 18:39:29
A
20/11/12 18:39:29
R

Enter DllMain -> Handle: 1955463168 - Reason for

Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe

20/11/12 18:39:30
A
20/11/12 18:39:30
R
20/11/12 18:39:30
A
20/11/12 18:39:30
D
call: DLL_PROCESS_DETACH
20/11/12 18:39:30
A
20/11/12 18:39:30
D
call: DLL_PROCESS_DETACH
20/11/12 18:39:31
D
call: DLL_PROCESS_ATTACH
20/11/12 18:39:36
A
20/11/12 18:39:36
A
20/11/12 18:39:36
D
call: DLL_PROCESS_DETACH
20/11/12 18:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 18:45:29
A
20/11/12 18:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
20/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
20/11/12 19:00:00
A
20/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
20/11/12 19:00:05
A
20/11/12 19:00:05
D
call: DLL_PROCESS_DETACH
20/11/12 19:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 19:00:29
A
20/11/12 19:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 19:13:15
A
20/11/12 19:13:15
F
20/11/12 19:13:15
D
call: DLL_PROCESS_ATTACH
20/11/12 19:13:15
A
20/11/12 19:13:15
D
call: DLL_PROCESS_DETACH
20/11/12 19:13:15
D
call: DLL_PROCESS_ATTACH
20/11/12 19:13:15
A
20/11/12 19:13:15
A
20/11/12 19:13:15
A
20/11/12 19:13:15
A
20/11/12 19:13:15
D
call: DLL_PROCESS_ATTACH
20/11/12 19:13:16
A
20/11/12 19:13:16
D
call: DLL_PROCESS_DETACH
20/11/12 19:13:16
D
call: DLL_PROCESS_ATTACH
20/11/12 19:13:16
A
20/11/12 19:13:16
F
20/11/12 19:13:16
A
20/11/12 19:13:16
F
20/11/12 19:13:17
A
20/11/12 19:13:17
F

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

20/11/12 19:13:17
A
20/11/12 19:13:17
F
20/11/12 19:13:33
D
call: DLL_PROCESS_ATTACH
20/11/12 19:13:33
A
20/11/12 19:13:33
F
20/11/12 19:15:04
D
call: DLL_PROCESS_ATTACH
20/11/12 19:15:11
A
20/11/12 19:15:11
D
call: DLL_PROCESS_DETACH
20/11/12 19:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 19:15:29
A
20/11/12 19:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 19:30:08
A
20/11/12 19:30:08
F
20/11/12 19:30:11
D
call: DLL_PROCESS_ATTACH
20/11/12 19:30:22
A
20/11/12 19:30:22
D
call: DLL_PROCESS_DETACH
20/11/12 19:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 19:30:29
A
20/11/12 19:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 19:33:10
A
20/11/12 19:33:10
F
20/11/12 19:45:21
D
call: DLL_PROCESS_ATTACH
20/11/12 19:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 19:45:30
A
20/11/12 19:45:30
D
call: DLL_PROCESS_DETACH
20/11/12 19:45:43
A
20/11/12 19:45:43
D
call: DLL_PROCESS_DETACH
20/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
20/11/12 20:00:05
A
20/11/12 20:00:05
D
call: DLL_PROCESS_DETACH
20/11/12 20:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 20:00:30
A
20/11/12 20:00:30
D
call: DLL_PROCESS_DETACH
20/11/12 20:00:53
D
call: DLL_PROCESS_ATTACH
20/11/12 20:01:33
A
20/11/12 20:01:33
D
call: DLL_PROCESS_DETACH
20/11/12 20:03:12
A
20/11/12 20:03:12
D
call: DLL_PROCESS_DETACH
20/11/12 20:03:22
D
call: DLL_PROCESS_ATTACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for

20/11/12 20:03:22
D
call: DLL_PROCESS_ATTACH
20/11/12 20:03:35
D
call: DLL_PROCESS_ATTACH
20/11/12 20:03:39
A
20/11/12 20:03:39
R
20/11/12 20:04:26
D
call: DLL_PROCESS_ATTACH
20/11/12 20:07:07
D
call: DLL_PROCESS_ATTACH
20/11/12 20:10:10
D
call: DLL_PROCESS_ATTACH
20/11/12 20:10:13
D
call: DLL_PROCESS_ATTACH
20/11/12 20:10:13
A
20/11/12 20:10:13
D
call: DLL_PROCESS_DETACH
20/11/12 20:10:18
A
20/11/12 20:10:18
D
call: DLL_PROCESS_DETACH
20/11/12 20:10:46
A
20/11/12 20:10:46
R
20/11/12 20:10:46
A
20/11/12 20:10:46
R
20/11/12 20:10:47
A
20/11/12 20:10:47
D
call: DLL_PROCESS_DETACH
20/11/12 20:10:47
A
20/11/12 20:10:47
D
call: DLL_PROCESS_DETACH
20/11/12 20:14:03
D
call: DLL_PROCESS_ATTACH
20/11/12 20:14:04
D
call: DLL_PROCESS_ATTACH
20/11/12 20:14:08
D
call: DLL_PROCESS_ATTACH
20/11/12 20:14:10
A
20/11/12 20:14:10
R
20/11/12 20:14:59
D
call: DLL_PROCESS_ATTACH
20/11/12 20:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 20:15:29
A
20/11/12 20:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 20:16:32
D
call: DLL_PROCESS_ATTACH
20/11/12 20:16:51
A
20/11/12 20:16:51
D
call: DLL_PROCESS_DETACH
20/11/12 20:25:27
D
call: DLL_PROCESS_ATTACH
20/11/12 20:25:27
A
20/11/12 20:25:42
A
20/11/12 20:25:42
D
call: DLL_PROCESS_ATTACH
20/11/12 20:25:42
A
20/11/12 20:25:42
O
20/11/12 20:25:42
V
20/11/12 20:25:42
V

Enter DllMain -> Handle: 1955463168 - Reason for

Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4113956864 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1

20/11/12 20:25:42
A
20/11/12 20:25:42
A
20/11/12 20:25:42
A
20/11/12 20:25:42
O
20/11/12 20:25:42
V
20/11/12 20:25:42
V
20/11/12 20:25:42
F
20/11/12 20:25:42
V
20/11/12 20:25:42
V
20/11/12 20:25:42
A
20/11/12 20:25:42
A
20/11/12 20:25:42
A
20/11/12 20:25:42
O
20/11/12 20:25:42
V
20/11/12 20:25:42
V
20/11/12 20:25:42
F
20/11/12 20:25:42
V
20/11/12 20:25:42
V
20/11/12 20:25:42
A
20/11/12 20:25:42
A
20/11/12 20:25:42
A
20/11/12 20:25:42
O
20/11/12 20:25:42
V
20/11/12 20:25:42
V
20/11/12 20:25:42
F
20/11/12 20:25:42
V
20/11/12 20:25:42
V
20/11/12 20:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 20:30:29
A
20/11/12 20:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 20:31:51
D
call: DLL_PROCESS_ATTACH
20/11/12 20:32:13
A
20/11/12 20:32:13
D
call: DLL_PROCESS_DETACH
20/11/12 20:32:56
D
call: DLL_PROCESS_ATTACH
20/11/12 20:44:05
A
20/11/12 20:44:05
R
20/11/12 20:44:05
A
20/11/12 20:44:05
R
20/11/12 20:44:05
A
20/11/12 20:44:05
A
20/11/12 20:44:05
D
call: DLL_PROCESS_DETACH
20/11/12 20:44:05
D
call: DLL_PROCESS_DETACH
20/11/12 20:44:08
A
20/11/12 20:44:08
O
20/11/12 20:44:08
V
20/11/12 20:44:08
V
20/11/12 20:44:08
A
20/11/12 20:44:08
A
20/11/12 20:44:08
A
20/11/12 20:44:08
O
20/11/12 20:44:08
V
20/11/12 20:44:08
V
20/11/12 20:44:08
F

-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient

20/11/12 20:44:08
V
20/11/12 20:44:08
V
20/11/12 20:44:08
A
20/11/12 20:44:08
D
call: DLL_PROCESS_DETACH
20/11/12 20:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 20:45:29
A
20/11/12 20:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 20:47:13
D
call: DLL_PROCESS_ATTACH
20/11/12 20:47:42
A
20/11/12 20:47:42
D
call: DLL_PROCESS_DETACH
20/11/12 20:47:45
A
20/11/12 20:47:45
D
call: DLL_PROCESS_DETACH
20/11/12 20:56:32
D
call: DLL_PROCESS_ATTACH
20/11/12 20:56:32
D
call: DLL_PROCESS_ATTACH
20/11/12 20:56:48
D
call: DLL_PROCESS_ATTACH
20/11/12 20:56:51
A
20/11/12 20:56:51
R
20/11/12 20:57:41
D
call: DLL_PROCESS_ATTACH
20/11/12 21:00:01
D
call: DLL_PROCESS_ATTACH
20/11/12 21:00:01
A
20/11/12 21:00:01
D
call: DLL_PROCESS_DETACH
20/11/12 21:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 21:00:29
A
20/11/12 21:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 21:02:45
D
call: DLL_PROCESS_ATTACH
20/11/12 21:03:13
A
20/11/12 21:03:13
D
call: DLL_PROCESS_DETACH
20/11/12 21:03:25
D
call: DLL_PROCESS_ATTACH
20/11/12 21:11:19
D
call: DLL_PROCESS_ATTACH
20/11/12 21:11:19
A
20/11/12 21:11:19
D
call: DLL_PROCESS_DETACH
20/11/12 21:11:21
D
call: DLL_PROCESS_ATTACH
20/11/12 21:11:21
A
20/11/12 21:11:21
D
call: DLL_PROCESS_DETACH
20/11/12 21:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 21:15:29
A
20/11/12 21:15:29
D
call: DLL_PROCESS_DETACH

DevMode Impresora: CyberClient

DevMode Copies: 1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for

20/11/12 21:18:13
D
call: DLL_PROCESS_ATTACH
20/11/12 21:18:44
A
20/11/12 21:18:44
D
call: DLL_PROCESS_DETACH
20/11/12 21:18:47
D
call: DLL_PROCESS_ATTACH
20/11/12 21:18:50
D
call: DLL_PROCESS_ATTACH
20/11/12 21:18:50
D
call: DLL_PROCESS_ATTACH
20/11/12 21:18:50
A
20/11/12 21:18:50
R
20/11/12 21:18:53
A
20/11/12 21:18:53
R
20/11/12 21:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 21:30:29
A
20/11/12 21:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 21:33:44
D
call: DLL_PROCESS_ATTACH
20/11/12 21:33:46
A
20/11/12 21:33:46
D
call: DLL_PROCESS_DETACH
20/11/12 21:38:50
A
20/11/12 21:38:50
R
20/11/12 21:43:03
D
call: DLL_PROCESS_ATTACH
20/11/12 21:43:05
D
call: DLL_PROCESS_ATTACH
20/11/12 21:43:06
A
20/11/12 21:43:06
R
20/11/12 21:43:22
A
20/11/12 21:43:22
F
20/11/12 21:43:23
A
20/11/12 21:43:23
F
20/11/12 21:45:29
D
call: DLL_PROCESS_ATTACH
20/11/12 21:45:29
A
20/11/12 21:45:29
D
call: DLL_PROCESS_DETACH
20/11/12 21:47:46
A
20/11/12 21:47:46
R
20/11/12 21:48:45
D
call: DLL_PROCESS_ATTACH
20/11/12 21:48:50
A
20/11/12 21:48:50
D
call: DLL_PROCESS_DETACH
20/11/12 21:51:45
D
call: DLL_PROCESS_ATTACH
20/11/12 21:51:46
D
call: DLL_PROCESS_ATTACH
20/11/12 21:51:47
A
20/11/12 21:51:47
F
20/11/12 21:51:47
A
20/11/12 21:51:47
R
20/11/12 21:51:47
D
call: DLL_PROCESS_ATTACH
20/11/12 21:51:47
A

Enter DllMain -> Handle: 4113956864 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback

20/11/12 21:51:47
R
20/11/12 21:51:47
D
call: DLL_PROCESS_ATTACH
20/11/12 21:51:49
A
20/11/12 21:51:49
R
20/11/12 22:00:00
D
call: DLL_PROCESS_ATTACH
20/11/12 22:00:00
A
20/11/12 22:00:00
D
call: DLL_PROCESS_DETACH
20/11/12 22:00:29
D
call: DLL_PROCESS_ATTACH
20/11/12 22:00:29
A
20/11/12 22:00:29
D
call: DLL_PROCESS_DETACH
20/11/12 22:03:49
D
call: DLL_PROCESS_ATTACH
20/11/12 22:03:57
A
20/11/12 22:03:57
D
call: DLL_PROCESS_DETACH
20/11/12 22:15:29
D
call: DLL_PROCESS_ATTACH
20/11/12 22:15:29
A
20/11/12 22:15:29
D
call: DLL_PROCESS_DETACH
20/11/12 22:18:56
D
call: DLL_PROCESS_ATTACH
20/11/12 22:19:06
A
20/11/12 22:19:06
D
call: DLL_PROCESS_DETACH
20/11/12 22:21:09
D
call: DLL_PROCESS_ATTACH
20/11/12 22:21:09
A
20/11/12 22:21:09
R
20/11/12 22:21:11
D
call: DLL_PROCESS_ATTACH
20/11/12 22:21:11
A
20/11/12 22:21:11
R
20/11/12 22:21:13
D
call: DLL_PROCESS_ATTACH
20/11/12 22:21:13
A
20/11/12 22:21:13
R
20/11/12 22:21:14
D
call: DLL_PROCESS_ATTACH
20/11/12 22:21:14
A
20/11/12 22:21:14
R
20/11/12 22:21:14
D
call: DLL_PROCESS_ATTACH
20/11/12 22:21:15
A
20/11/12 22:21:15
R
20/11/12 22:21:32
A
20/11/12 22:21:32
R
20/11/12 22:28:49
A
20/11/12 22:28:49
R
20/11/12 22:28:50
A
20/11/12 22:28:50
D
call: DLL_PROCESS_DETACH
20/11/12 22:28:50
A
20/11/12 22:28:50
D
call: DLL_PROCESS_DETACH

La victima es chrome.exe Asesino chrome.exe

Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1955463168 - Reason for

20/11/12 22:30:29
D
call: DLL_PROCESS_ATTACH
20/11/12 22:30:29
A
20/11/12 22:30:29
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
20/11/12 22:30:31
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:49
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:49
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:49
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:49
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
A
21/11/12 15:45:50
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:50
A
21/11/12 15:45:50
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:50
A
21/11/12 15:45:50
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4113956864 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 4113956864 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 1955463168 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for

21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
A
21/11/12 15:45:50
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
A
21/11/12 15:45:50
A
21/11/12 15:45:50
A
21/11/12 15:45:50
A
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:50
A
21/11/12 15:45:50
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:50
A
21/11/12 15:45:50
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:51
A
21/11/12 15:45:51
F
21/11/12 15:45:51
A
21/11/12 15:45:51
F
21/11/12 15:45:51
A
21/11/12 15:45:51
F
21/11/12 15:45:51
D
call: DLL_PROCESS_ATTACH
21/11/12 15:45:51
A
21/11/12 15:45:51
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:52
A
21/11/12 15:45:52
F
21/11/12 15:45:52
A
21/11/12 15:45:52
F
21/11/12 15:45:52
A
21/11/12 15:45:52
F
21/11/12 15:45:54
A
21/11/12 15:45:54
A
21/11/12 15:45:54
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:58
A
21/11/12 15:45:58
D
call: DLL_PROCESS_DETACH
21/11/12 15:45:58
A
21/11/12 15:45:58
D
call: DLL_PROCESS_DETACH
21/11/12 15:46:08
D
call: DLL_PROCESS_ATTACH
21/11/12 15:46:08
A
21/11/12 15:46:08
F
21/11/12 15:46:09
A
21/11/12 15:46:09
D
call: DLL_PROCESS_DETACH
21/11/12 15:46:18
A
21/11/12 15:46:18
F
21/11/12 15:46:18
D
call: DLL_PROCESS_ATTACH
21/11/12 15:46:18
A

Enter DllMain -> Handle: 1945960448 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback

21/11/12 15:46:18
D
call: DLL_PROCESS_DETACH
21/11/12 15:46:22
A
21/11/12 15:46:22
A
21/11/12 15:46:22
D
call: DLL_PROCESS_DETACH
21/11/12 15:46:23
A
21/11/12 15:46:23
F
21/11/12 15:46:23
D
call: DLL_PROCESS_ATTACH
21/11/12 15:46:23
A
21/11/12 15:46:23
D
call: DLL_PROCESS_DETACH
21/11/12 15:46:25
D
call: DLL_PROCESS_ATTACH
21/11/12 15:46:27
A
21/11/12 15:46:27
D
call: DLL_PROCESS_DETACH
21/11/12 15:46:36
D
call: DLL_PROCESS_ATTACH
21/11/12 15:46:44
A
21/11/12 15:46:44
F
21/11/12 15:46:57
A
21/11/12 15:46:57
F
21/11/12 15:47:24
D
call: DLL_PROCESS_ATTACH
21/11/12 15:47:26
D
call: DLL_PROCESS_ATTACH
21/11/12 15:47:28
A
21/11/12 15:47:28
R
21/11/12 15:47:29
A
21/11/12 15:47:29
D
call: DLL_PROCESS_DETACH
21/11/12 15:58:39
D
call: DLL_PROCESS_ATTACH
21/11/12 15:58:39
A
21/11/12 15:58:39
D
call: DLL_PROCESS_DETACH
21/11/12 16:00:00
D
call: DLL_PROCESS_ATTACH
21/11/12 16:00:00
A
21/11/12 16:00:00
D
call: DLL_PROCESS_DETACH
21/11/12 16:00:39
D
call: DLL_PROCESS_ATTACH
21/11/12 16:00:44
A
21/11/12 16:01:53
A
21/11/12 16:01:53
F
21/11/12 16:06:03
A
21/11/12 16:06:03
F
21/11/12 16:10:02
D
call: DLL_PROCESS_ATTACH
21/11/12 16:10:25
A
21/11/12 16:10:25
D
call: DLL_PROCESS_DETACH
21/11/12 16:32:45
D
call: DLL_PROCESS_ATTACH
21/11/12 16:32:45
A
21/11/12 16:32:45
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1945960448 - Reason for

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for

21/11/12 16:47:45
D
call: DLL_PROCESS_ATTACH
21/11/12 16:47:45
A
21/11/12 16:47:45
D
call: DLL_PROCESS_DETACH
21/11/12 17:00:01
D
call: DLL_PROCESS_ATTACH
21/11/12 17:00:01
A
21/11/12 17:00:01
D
call: DLL_PROCESS_DETACH
21/11/12 17:02:45
D
call: DLL_PROCESS_ATTACH
21/11/12 17:02:45
A
21/11/12 17:02:45
D
call: DLL_PROCESS_DETACH
21/11/12 17:17:45
D
call: DLL_PROCESS_ATTACH
21/11/12 17:17:45
A
21/11/12 17:17:45
D
call: DLL_PROCESS_DETACH
21/11/12 17:32:45
D
call: DLL_PROCESS_ATTACH
21/11/12 17:32:45
A
21/11/12 17:32:45
D
call: DLL_PROCESS_DETACH
21/11/12 17:40:58
D
call: DLL_PROCESS_ATTACH
21/11/12 17:40:59
A
21/11/12 17:40:59
D
call: DLL_PROCESS_DETACH
21/11/12 17:40:59
D
call: DLL_PROCESS_ATTACH
21/11/12 17:40:59
D
call: DLL_PROCESS_ATTACH
21/11/12 17:41:04
D
call: DLL_PROCESS_ATTACH
21/11/12 17:41:04
A
21/11/12 17:41:04
D
call: DLL_PROCESS_DETACH
21/11/12 17:41:05
D
call: DLL_PROCESS_ATTACH
21/11/12 17:41:05
A
21/11/12 17:41:05
D
call: DLL_PROCESS_DETACH
21/11/12 17:41:25
D
call: DLL_PROCESS_ATTACH
21/11/12 17:47:45
D
call: DLL_PROCESS_ATTACH
21/11/12 17:47:45
A
21/11/12 17:47:45
D
call: DLL_PROCESS_DETACH
21/11/12 17:57:33
A
21/11/12 17:57:33
F
21/11/12 18:00:01
D
call: DLL_PROCESS_ATTACH
21/11/12 18:00:01
A
21/11/12 18:00:01
D
call: DLL_PROCESS_DETACH
21/11/12 18:02:45
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4092657664 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for

21/11/12 18:02:45
A
21/11/12 18:02:45
D
call: DLL_PROCESS_DETACH
21/11/12 18:11:01
A
21/11/12 18:11:01
R
21/11/12 18:11:02
A
21/11/12 18:11:02
D
call: DLL_PROCESS_DETACH
21/11/12 18:11:02
A
21/11/12 18:11:02
D
call: DLL_PROCESS_DETACH
21/11/12 18:17:45
D
call: DLL_PROCESS_ATTACH
21/11/12 18:17:45
A
21/11/12 18:17:45
D
call: DLL_PROCESS_DETACH
21/11/12 18:32:45
D
call: DLL_PROCESS_ATTACH
21/11/12 18:32:45
A
21/11/12 18:32:45
D
call: DLL_PROCESS_DETACH
21/11/12 18:47:45
D
call: DLL_PROCESS_ATTACH
21/11/12 18:47:45
A
21/11/12 18:47:45
D
call: DLL_PROCESS_DETACH
21/11/12 18:58:36
D
call: DLL_PROCESS_ATTACH
21/11/12 18:58:54
A
21/11/12 18:58:54
F
21/11/12 18:59:03
D
call: DLL_PROCESS_ATTACH
21/11/12 18:59:06
A
21/11/12 18:59:06
D
call: DLL_PROCESS_DETACH
21/11/12 18:59:07
D
call: DLL_PROCESS_ATTACH
21/11/12 18:59:14
A
21/11/12 18:59:14
D
call: DLL_PROCESS_DETACH
21/11/12 18:59:19
D
call: DLL_PROCESS_ATTACH
21/11/12 18:59:20
D
call: DLL_PROCESS_ATTACH
21/11/12 18:59:20
A
21/11/12 18:59:20
D
call: DLL_PROCESS_DETACH
21/11/12 18:59:33
A
21/11/12 18:59:33
A
21/11/12 18:59:33
D
call: DLL_PROCESS_DETACH
21/11/12 18:59:38
D
call: DLL_PROCESS_ATTACH
21/11/12 18:59:43
A
21/11/12 18:59:43
D
call: DLL_PROCESS_DETACH
21/11/12 18:59:47
D
call: DLL_PROCESS_ATTACH
21/11/12 18:59:56
A
21/11/12 18:59:56
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for

call: DLL_PROCESS_DETACH
21/11/12 18:59:58
D
call: DLL_PROCESS_ATTACH
21/11/12 18:59:59
A
21/11/12 18:59:59
D
call: DLL_PROCESS_DETACH
21/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
21/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
21/11/12 19:00:00
A
21/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
21/11/12 19:00:02
D
call: DLL_PROCESS_ATTACH
21/11/12 19:00:02
D
call: DLL_PROCESS_ATTACH
21/11/12 19:00:02
A
21/11/12 19:00:02
D
call: DLL_PROCESS_DETACH
21/11/12 19:00:25
A
21/11/12 19:00:25
D
call: DLL_PROCESS_DETACH
21/11/12 19:00:41
D
call: DLL_PROCESS_ATTACH
21/11/12 19:02:25
A
21/11/12 19:02:25
A
21/11/12 19:02:25
D
call: DLL_PROCESS_DETACH
21/11/12 19:02:45
D
call: DLL_PROCESS_ATTACH
21/11/12 19:02:45
A
21/11/12 19:02:45
D
call: DLL_PROCESS_DETACH
21/11/12 19:06:04
A
21/11/12 19:06:04
F
21/11/12 19:06:08
D
call: DLL_PROCESS_ATTACH
21/11/12 19:06:14
A
21/11/12 19:06:14
D
call: DLL_PROCESS_DETACH
21/11/12 19:06:19
D
call: DLL_PROCESS_ATTACH
21/11/12 19:06:21
D
call: DLL_PROCESS_ATTACH
21/11/12 19:06:23
D
call: DLL_PROCESS_ATTACH
21/11/12 19:06:27
A
21/11/12 19:06:27
A
21/11/12 19:06:27
D
call: DLL_PROCESS_DETACH
21/11/12 19:07:14
D
call: DLL_PROCESS_ATTACH
21/11/12 19:07:21
A
21/11/12 19:07:21
D
call: DLL_PROCESS_ATTACH
21/11/12 19:07:21
D
call: DLL_PROCESS_DETACH
21/11/12 19:07:30
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4092657664 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for

21/11/12 19:07:30
D
call: DLL_PROCESS_ATTACH
21/11/12 19:07:30
A
21/11/12 19:07:30
D
call: DLL_PROCESS_DETACH
21/11/12 19:08:23
D
call: DLL_PROCESS_ATTACH
21/11/12 19:08:28
A
21/11/12 19:08:28
D
call: DLL_PROCESS_DETACH
21/11/12 19:08:30
A
21/11/12 19:08:30
A
21/11/12 19:08:30
D
call: DLL_PROCESS_DETACH
21/11/12 19:08:40
A
21/11/12 19:08:40
D
call: DLL_PROCESS_DETACH
21/11/12 19:08:48
D
call: DLL_PROCESS_ATTACH
21/11/12 19:08:48
D
call: DLL_PROCESS_ATTACH
21/11/12 19:08:53
A
21/11/12 19:08:53
A
21/11/12 19:08:53
D
call: DLL_PROCESS_DETACH
21/11/12 19:15:24
D
call: DLL_PROCESS_ATTACH
21/11/12 19:15:51
A
21/11/12 19:15:51
D
call: DLL_PROCESS_DETACH
21/11/12 19:17:45
D
call: DLL_PROCESS_ATTACH
21/11/12 19:17:45
A
21/11/12 19:17:45
D
call: DLL_PROCESS_DETACH
21/11/12 19:30:51
D
call: DLL_PROCESS_ATTACH
21/11/12 19:31:21
A
21/11/12 19:31:21
D
call: DLL_PROCESS_DETACH
21/11/12 19:32:45
D
call: DLL_PROCESS_ATTACH
21/11/12 19:32:45
A
21/11/12 19:32:45
D
call: DLL_PROCESS_DETACH
21/11/12 19:35:11
D
call: DLL_PROCESS_ATTACH
21/11/12 19:35:11
A
21/11/12 19:35:11
D
call: DLL_PROCESS_DETACH
21/11/12 19:35:31
A
21/11/12 19:35:31
D
call: DLL_PROCESS_DETACH
21/11/12 19:35:34
A
21/11/12 19:35:34
D
call: DLL_PROCESS_DETACH
21/11/12 19:35:40
D
call: DLL_PROCESS_ATTACH
21/11/12 19:35:41
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4092657664 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for

21/11/12 19:35:58
D
call: DLL_PROCESS_ATTACH
21/11/12 19:36:19
A
21/11/12 19:36:19
D
call: DLL_PROCESS_DETACH
21/11/12 19:36:28
A
21/11/12 19:36:28
R
21/11/12 19:36:32
D
call: DLL_PROCESS_ATTACH
21/11/12 19:38:56
D
call: DLL_PROCESS_ATTACH
21/11/12 19:40:12
A
21/11/12 19:41:58
A
21/11/12 19:41:58
R
21/11/12 19:42:01
D
call: DLL_PROCESS_ATTACH
21/11/12 19:42:01
A
21/11/12 19:42:01
D
call: DLL_PROCESS_DETACH
21/11/12 19:44:31
A
21/11/12 19:44:31
F
21/11/12 19:45:46
A
21/11/12 19:45:46
R
21/11/12 19:45:46
A
21/11/12 19:45:46
D
call: DLL_PROCESS_DETACH
21/11/12 19:46:03
A
21/11/12 19:46:03
R
21/11/12 19:46:04
A
21/11/12 19:46:04
R
21/11/12 19:46:04
A
21/11/12 19:46:04
A
21/11/12 19:46:04
D
call: DLL_PROCESS_DETACH
21/11/12 19:46:04
D
call: DLL_PROCESS_DETACH
21/11/12 19:46:21
D
call: DLL_PROCESS_ATTACH
21/11/12 19:46:23
A
21/11/12 19:46:23
D
call: DLL_PROCESS_DETACH
21/11/12 19:47:45
D
call: DLL_PROCESS_ATTACH
21/11/12 19:47:45
A
21/11/12 19:47:45
D
call: DLL_PROCESS_DETACH
21/11/12 19:56:33
D
call: DLL_PROCESS_ATTACH
21/11/12 19:56:34
D
call: DLL_PROCESS_ATTACH
21/11/12 19:56:38
D
call: DLL_PROCESS_ATTACH
21/11/12 19:56:41
A
21/11/12 19:56:41
A
21/11/12 19:56:41
R
21/11/12 19:58:01
D
call: DLL_PROCESS_ATTACH
21/11/12 20:00:00
D
call: DLL_PROCESS_ATTACH
21/11/12 20:00:01
A

Enter DllMain -> Handle: 1945960448 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
La victima es Asesino EXCEL.EXE
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es Asesino EXCEL.EXE
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback

21/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
21/11/12 20:01:22
D
call: DLL_PROCESS_ATTACH
21/11/12 20:01:27
A
21/11/12 20:01:27
D
call: DLL_PROCESS_DETACH
21/11/12 20:02:45
D
call: DLL_PROCESS_ATTACH
21/11/12 20:02:45
A
21/11/12 20:02:45
D
call: DLL_PROCESS_DETACH
21/11/12 20:10:20
A
21/11/12 20:10:20
F
21/11/12 20:15:05
A
21/11/12 20:15:05
R
21/11/12 20:15:06
A
21/11/12 20:15:06
D
call: DLL_PROCESS_DETACH
21/11/12 20:15:06
A
21/11/12 20:15:06
D
call: DLL_PROCESS_DETACH
21/11/12 20:16:26
D
call: DLL_PROCESS_ATTACH
21/11/12 20:16:33
A
21/11/12 20:16:33
D
call: DLL_PROCESS_DETACH
21/11/12 20:17:45
D
call: DLL_PROCESS_ATTACH
21/11/12 20:17:45
A
21/11/12 20:17:45
D
call: DLL_PROCESS_DETACH
21/11/12 20:27:44
A
21/11/12 20:27:44
D
call: DLL_PROCESS_DETACH
21/11/12 20:27:44
A
21/11/12 20:27:44
F
21/11/12 20:31:33
D
call: DLL_PROCESS_ATTACH
21/11/12 20:31:43
A
21/11/12 20:31:43
D
call: DLL_PROCESS_DETACH
21/11/12 20:32:45
D
call: DLL_PROCESS_ATTACH
21/11/12 20:32:45
A
21/11/12 20:32:45
D
call: DLL_PROCESS_DETACH
21/11/12 20:46:42
D
call: DLL_PROCESS_ATTACH
21/11/12 20:46:54
A
21/11/12 20:46:54
D
call: DLL_PROCESS_DETACH
21/11/12 20:47:45
D
call: DLL_PROCESS_ATTACH
21/11/12 20:47:45
A
21/11/12 20:47:45
D
call: DLL_PROCESS_DETACH
21/11/12 21:00:02
D
call: DLL_PROCESS_ATTACH
21/11/12 21:00:02
A

Enter DllMain -> Handle: 1945960448 - Reason for

Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945960448 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
-> NtTerminateProcessCallback

21/11/12 21:00:02
D
call: DLL_PROCESS_DETACH
21/11/12 21:01:54
D
call: DLL_PROCESS_ATTACH
21/11/12 21:02:09
A
21/11/12 21:02:09
D
call: DLL_PROCESS_DETACH
21/11/12 21:02:45
D
call: DLL_PROCESS_ATTACH
21/11/12 21:02:45
A
21/11/12 21:02:45
D
call: DLL_PROCESS_DETACH
21/11/12 21:17:09
D
call: DLL_PROCESS_ATTACH
21/11/12 21:17:27
A
21/11/12 21:17:27
D
call: DLL_PROCESS_DETACH
21/11/12 21:17:45
D
call: DLL_PROCESS_ATTACH
21/11/12 21:17:45
A
21/11/12 21:17:45
D
call: DLL_PROCESS_DETACH
21/11/12 21:32:27
D
call: DLL_PROCESS_ATTACH
21/11/12 21:32:45
D
call: DLL_PROCESS_ATTACH
21/11/12 21:32:45
A
21/11/12 21:32:45
D
call: DLL_PROCESS_DETACH
21/11/12 21:32:51
A
21/11/12 21:32:51
D
call: DLL_PROCESS_DETACH
21/11/12 21:47:45
D
call: DLL_PROCESS_ATTACH
21/11/12 21:47:45
A
21/11/12 21:47:45
D
call: DLL_PROCESS_DETACH
21/11/12 21:47:50
D
call: DLL_PROCESS_ATTACH
21/11/12 21:48:14
A
21/11/12 21:48:14
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1945960448 - Reason for

Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 4092657664 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for

21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
21/11/12 21:56:41
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
A
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
A
22/11/12 10:18:34
A
22/11/12 10:18:34
A
22/11/12 10:18:34
A
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
D
call: DLL_PROCESS_ATTACH
22/11/12 10:18:34
A
22/11/12 10:18:34
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:34
A
22/11/12 10:18:34
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:35
A
22/11/12 10:18:35
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:35
A
22/11/12 10:18:35
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:35
A
22/11/12 10:18:35
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:37
A
22/11/12 10:18:37
F
22/11/12 10:18:37
A
22/11/12 10:18:37
F
22/11/12 10:18:37
A
22/11/12 10:18:37
F
22/11/12 10:18:37
A
22/11/12 10:18:37
F
22/11/12 10:18:37
A
22/11/12 10:18:37
F

Enter DllMain -> Handle: 1945960448 - Reason for

Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 1945960448 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

22/11/12 10:18:37
A
22/11/12 10:18:37
F
22/11/12 10:18:38
A
22/11/12 10:18:38
A
22/11/12 10:18:38
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:43
A
22/11/12 10:18:43
D
call: DLL_PROCESS_DETACH
22/11/12 10:18:54
A
22/11/12 10:18:54
D
call: DLL_PROCESS_DETACH
22/11/12 10:31:25
D
call: DLL_PROCESS_ATTACH
22/11/12 10:31:25
A
22/11/12 10:31:25
D
call: DLL_PROCESS_DETACH
22/11/12 10:33:24
D
call: DLL_PROCESS_ATTACH
22/11/12 10:33:29
A
22/11/12 10:43:03
D
call: DLL_PROCESS_ATTACH
22/11/12 10:43:06
A
22/11/12 10:43:06
D
call: DLL_PROCESS_DETACH
22/11/12 11:00:00
D
call: DLL_PROCESS_ATTACH
22/11/12 11:00:00
A
22/11/12 11:00:00
D
call: DLL_PROCESS_DETACH
22/11/12 11:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 11:05:29
A
22/11/12 11:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 11:11:07
D
call: DLL_PROCESS_ATTACH
22/11/12 11:11:25
A
22/11/12 11:11:25
D
call: DLL_PROCESS_DETACH
22/11/12 11:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 11:20:29
A
22/11/12 11:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 11:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 11:35:29
A
22/11/12 11:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 11:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 11:50:29
A
22/11/12 11:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 12:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 12:00:01
A
22/11/12 12:00:01
D
call: DLL_PROCESS_DETACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for

22/11/12 12:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 12:05:29
A
22/11/12 12:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 12:16:48
D
call: DLL_PROCESS_ATTACH
22/11/12 12:16:48
A
22/11/12 12:16:48
D
call: DLL_PROCESS_DETACH
22/11/12 12:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 12:20:29
A
22/11/12 12:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 12:25:37
A
22/11/12 12:25:37
D
call: DLL_PROCESS_DETACH
22/11/12 12:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 12:35:29
A
22/11/12 12:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 12:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 12:50:29
A
22/11/12 12:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 13:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 13:00:01
A
22/11/12 13:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 13:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 13:05:29
A
22/11/12 13:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 13:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 13:20:29
A
22/11/12 13:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 13:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 13:35:29
A
22/11/12 13:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 13:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 13:50:29
A
22/11/12 13:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 14:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 14:00:01
A
22/11/12 14:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 14:05:29
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4109565952 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for

22/11/12 14:05:29
A
22/11/12 14:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 14:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 14:20:29
A
22/11/12 14:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 14:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 14:35:29
A
22/11/12 14:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 14:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 14:50:29
A
22/11/12 14:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 15:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 15:00:01
A
22/11/12 15:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 15:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 15:05:29
A
22/11/12 15:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 15:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 15:20:29
A
22/11/12 15:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 15:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 15:35:29
A
22/11/12 15:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 15:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 15:50:29
A
22/11/12 15:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 16:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 16:00:01
A
22/11/12 16:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 16:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 16:05:29
A
22/11/12 16:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 16:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 16:20:29
A
22/11/12 16:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 16:35:29
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for

22/11/12 16:35:29
A
22/11/12 16:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 16:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 16:50:29
A
22/11/12 16:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 17:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 17:00:01
A
22/11/12 17:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 17:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 17:05:29
A
22/11/12 17:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 17:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 17:20:29
A
22/11/12 17:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 17:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 17:35:29
A
22/11/12 17:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 17:38:23
A
22/11/12 17:38:23
F
22/11/12 17:39:21
D
call: DLL_PROCESS_ATTACH
22/11/12 17:39:21
A
22/11/12 17:39:21
D
call: DLL_PROCESS_DETACH
22/11/12 17:39:21
D
call: DLL_PROCESS_ATTACH
22/11/12 17:39:22
D
call: DLL_PROCESS_ATTACH
22/11/12 17:39:32
A
22/11/12 17:39:32
R
22/11/12 17:39:32
A
22/11/12 17:39:32
D
call: DLL_PROCESS_DETACH
22/11/12 17:39:41
D
call: DLL_PROCESS_ATTACH
22/11/12 17:39:41
A
22/11/12 17:39:41
D
call: DLL_PROCESS_DETACH
22/11/12 17:39:41
D
call: DLL_PROCESS_ATTACH
22/11/12 17:39:41
D
call: DLL_PROCESS_ATTACH
22/11/12 17:41:54
D
call: DLL_PROCESS_ATTACH
22/11/12 17:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 17:50:29
A
22/11/12 17:50:29
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for

22/11/12 18:00:00
D
call: DLL_PROCESS_ATTACH
22/11/12 18:00:00
A
22/11/12 18:00:00
D
call: DLL_PROCESS_DETACH
22/11/12 18:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 18:05:29
A
22/11/12 18:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 18:09:08
A
22/11/12 18:09:08
R
22/11/12 18:09:08
A
22/11/12 18:09:08
D
call: DLL_PROCESS_DETACH
22/11/12 18:09:08
A
22/11/12 18:09:08
D
call: DLL_PROCESS_DETACH
22/11/12 18:09:37
D
call: DLL_PROCESS_ATTACH
22/11/12 18:09:37
D
call: DLL_PROCESS_ATTACH
22/11/12 18:09:46
D
call: DLL_PROCESS_ATTACH
22/11/12 18:09:47
D
call: DLL_PROCESS_ATTACH
22/11/12 18:09:49
A
22/11/12 18:09:49
D
call: DLL_PROCESS_DETACH
22/11/12 18:09:51
D
call: DLL_PROCESS_ATTACH
22/11/12 18:09:52
D
call: DLL_PROCESS_ATTACH
22/11/12 18:09:58
D
call: DLL_PROCESS_ATTACH
22/11/12 18:10:00
A
22/11/12 18:10:00
D
call: DLL_PROCESS_DETACH
22/11/12 18:10:02
A
22/11/12 18:10:02
A
22/11/12 18:10:02
D
call: DLL_PROCESS_DETACH
22/11/12 18:10:21
D
call: DLL_PROCESS_ATTACH
22/11/12 18:10:27
A
22/11/12 18:10:27
A
22/11/12 18:10:27
R
22/11/12 18:10:31
D
call: DLL_PROCESS_ATTACH
22/11/12 18:11:05
D
call: DLL_PROCESS_ATTACH
22/11/12 18:11:08
A
22/11/12 18:11:08
D
call: DLL_PROCESS_DETACH
22/11/12 18:11:27
A
22/11/12 18:11:27
D
call: DLL_PROCESS_DETACH
22/11/12 18:11:27
D
call: DLL_PROCESS_ATTACH
22/11/12 18:11:33
D

Enter DllMain -> Handle: 1957298176 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for

call: DLL_PROCESS_ATTACH
22/11/12 18:11:34
A
22/11/12 18:11:34
D
call: DLL_PROCESS_ATTACH
22/11/12 18:11:34
D
call: DLL_PROCESS_DETACH
22/11/12 18:11:51
A
22/11/12 18:11:51
R
22/11/12 18:11:51
A
22/11/12 18:11:51
D
call: DLL_PROCESS_DETACH
22/11/12 18:11:51
A
22/11/12 18:11:51
D
call: DLL_PROCESS_DETACH
22/11/12 18:11:54
D
call: DLL_PROCESS_ATTACH
22/11/12 18:11:54
A
22/11/12 18:11:54
D
call: DLL_PROCESS_DETACH
22/11/12 18:12:51
A
22/11/12 18:12:51
D
call: DLL_PROCESS_DETACH
22/11/12 18:18:18
A
22/11/12 18:18:18
D
call: DLL_PROCESS_DETACH
22/11/12 18:18:32
D
call: DLL_PROCESS_ATTACH
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:40
A
22/11/12 18:18:40
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45
18:18:45

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:45
A
22/11/12 18:18:45
F
22/11/12 18:18:46
A
22/11/12 18:18:46
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:47
A
22/11/12 18:18:47
F
22/11/12 18:18:50
A
22/11/12 18:18:50
F
22/11/12 18:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 18:20:29
A

lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback

22/11/12 18:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 18:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 18:35:29
A
22/11/12 18:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 18:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 18:50:29
A
22/11/12 18:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
22/11/12 19:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 19:00:01
A
22/11/12 19:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 19:00:14
A
22/11/12 19:00:14
D
call: DLL_PROCESS_DETACH
22/11/12 19:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 19:05:29
A
22/11/12 19:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A
22/11/12 19:10:05
F
22/11/12 19:10:05
A

Enter DllMain -> Handle: 4109565952 - Reason for

Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:10:05
19:10:05
19:10:05
19:10:05
19:10:05
19:10:05
19:10:05
19:10:05
19:10:05
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:07
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:10:08
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:01
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:03
19:12:04
19:12:04
19:12:04

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:04
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:06
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07
19:12:07

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:12:07
19:12:07
19:12:07
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:08
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:35
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:38
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:39
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback

22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12
22/11/12

19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:44
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45
19:12:45

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback

22/11/12 19:12:45
F
22/11/12 19:12:45
A
22/11/12 19:12:45
F
22/11/12 19:12:45
A
22/11/12 19:12:45
F
22/11/12 19:12:45
A
22/11/12 19:12:45
F
22/11/12 19:12:45
A
22/11/12 19:12:45
F
22/11/12 19:12:45
D
call: DLL_PROCESS_ATTACH
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A

lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4109565952 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:46
A
22/11/12 19:12:46
F
22/11/12 19:12:49
A
22/11/12 19:12:49
D
call: DLL_PROCESS_DETACH
22/11/12 19:12:50
A
22/11/12 19:12:50
F
22/11/12 19:12:51
A
22/11/12 19:12:51
D
call: DLL_PROCESS_DETACH
22/11/12 19:15:14
D
call: DLL_PROCESS_ATTACH
22/11/12 19:15:29
A
22/11/12 19:15:29
D
call: DLL_PROCESS_DETACH
22/11/12 19:18:57
D
call: DLL_PROCESS_ATTACH
22/11/12 19:20:25
D
call: DLL_PROCESS_ATTACH
22/11/12 19:20:25
A
22/11/12 19:20:25
A
22/11/12 19:20:25
A
22/11/12 19:20:25
A
22/11/12 19:20:25
D
call: DLL_PROCESS_ATTACH
22/11/12 19:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 19:20:29
A
22/11/12 19:20:29
D

lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for

call: DLL_PROCESS_DETACH
22/11/12 19:20:51
A
22/11/12 19:20:51
D
call: DLL_PROCESS_DETACH
22/11/12 19:20:52
A
22/11/12 19:20:52
D
call: DLL_PROCESS_DETACH
22/11/12 19:30:29
D
call: DLL_PROCESS_ATTACH
22/11/12 19:30:47
A
22/11/12 19:30:47
D
call: DLL_PROCESS_DETACH
22/11/12 19:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 19:35:29
A
22/11/12 19:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 19:45:46
D
call: DLL_PROCESS_ATTACH
22/11/12 19:46:06
A
22/11/12 19:46:06
D
call: DLL_PROCESS_DETACH
22/11/12 19:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 19:50:29
A
22/11/12 19:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
22/11/12 20:00:01
A
22/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 20:01:06
D
call: DLL_PROCESS_ATTACH
22/11/12 20:01:29
A
22/11/12 20:01:29
D
call: DLL_PROCESS_DETACH
22/11/12 20:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 20:05:29
A
22/11/12 20:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 20:16:29
D
call: DLL_PROCESS_ATTACH
22/11/12 20:16:55
A
22/11/12 20:16:55
D
call: DLL_PROCESS_DETACH
22/11/12 20:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 20:20:29
A
22/11/12 20:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 20:31:55
D
call: DLL_PROCESS_ATTACH
22/11/12 20:32:24
A
22/11/12 20:32:24
D
call: DLL_PROCESS_DETACH
22/11/12 20:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 20:35:29
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback

22/11/12 20:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 20:41:04
D
call: DLL_PROCESS_ATTACH
22/11/12 20:41:05
D
call: DLL_PROCESS_ATTACH
22/11/12 20:41:11
D
call: DLL_PROCESS_ATTACH
22/11/12 20:41:13
A
22/11/12 20:41:13
A
22/11/12 20:41:13
R
22/11/12 20:41:43
D
call: DLL_PROCESS_ATTACH
22/11/12 20:47:24
D
call: DLL_PROCESS_ATTACH
22/11/12 20:47:57
A
22/11/12 20:47:57
D
call: DLL_PROCESS_DETACH
22/11/12 20:50:29
D
call: DLL_PROCESS_ATTACH
22/11/12 20:50:29
A
22/11/12 20:50:29
D
call: DLL_PROCESS_DETACH
22/11/12 20:56:45
D
call: DLL_PROCESS_ATTACH
22/11/12 20:56:46
A
22/11/12 20:56:46
D
call: DLL_PROCESS_DETACH
22/11/12 20:56:46
D
call: DLL_PROCESS_ATTACH
22/11/12 20:56:46
A
22/11/12 20:56:46
D
call: DLL_PROCESS_DETACH
22/11/12 21:00:00
D
call: DLL_PROCESS_ATTACH
22/11/12 21:00:01
A
22/11/12 21:00:01
D
call: DLL_PROCESS_DETACH
22/11/12 21:02:56
D
call: DLL_PROCESS_ATTACH
22/11/12 21:02:59
A
22/11/12 21:02:59
D
call: DLL_PROCESS_DETACH
22/11/12 21:05:29
D
call: DLL_PROCESS_ATTACH
22/11/12 21:05:29
A
22/11/12 21:05:29
D
call: DLL_PROCESS_DETACH
22/11/12 21:11:36
A
22/11/12 21:11:36
R
22/11/12 21:11:36
A
22/11/12 21:11:36
D
call: DLL_PROCESS_DETACH
22/11/12 21:11:36
A
22/11/12 21:11:36
D
call: DLL_PROCESS_DETACH
22/11/12 21:12:39
D
call: DLL_PROCESS_ATTACH
22/11/12 21:12:40
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4109565952 - Reason for

Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for

22/11/12 21:12:44
D
call: DLL_PROCESS_ATTACH
22/11/12 21:13:10
D
call: DLL_PROCESS_ATTACH
22/11/12 21:13:15
A
22/11/12 21:13:15
R
22/11/12 21:14:21
D
call: DLL_PROCESS_ATTACH
22/11/12 21:15:03
A
22/11/12 21:15:03
F
22/11/12 21:17:36
D
call: DLL_PROCESS_ATTACH
22/11/12 21:17:37
D
call: DLL_PROCESS_ATTACH
22/11/12 21:17:51
A
22/11/12 21:17:51
D
call: DLL_PROCESS_DETACH
22/11/12 21:17:54
A
22/11/12 21:17:55
D
call: DLL_PROCESS_DETACH
22/11/12 21:17:59
D
call: DLL_PROCESS_ATTACH
22/11/12 21:18:05
A
22/11/12 21:18:05
D
call: DLL_PROCESS_DETACH
22/11/12 21:18:47
A
22/11/12 21:20:29
D
call: DLL_PROCESS_ATTACH
22/11/12 21:20:29
A
22/11/12 21:20:29
D
call: DLL_PROCESS_DETACH
22/11/12 21:21:05
A
22/11/12 21:21:05
R
22/11/12 21:33:05
D
call: DLL_PROCESS_ATTACH
22/11/12 21:33:14
A
22/11/12 21:33:14
D
call: DLL_PROCESS_DETACH
22/11/12 21:35:29
D
call: DLL_PROCESS_ATTACH
22/11/12 21:35:29
A
22/11/12 21:35:29
D
call: DLL_PROCESS_DETACH
22/11/12 21:39:54
A
22/11/12 21:39:54
R
22/11/12 21:39:54
A
22/11/12 21:39:54
D
call: DLL_PROCESS_DETACH
22/11/12 21:39:54
A
22/11/12 21:39:54
D
call: DLL_PROCESS_DETACH
22/11/12 21:39:56
D
call: DLL_PROCESS_ATTACH
22/11/12 21:39:56
D
call: DLL_PROCESS_ATTACH
22/11/12 21:40:04
D
call: DLL_PROCESS_ATTACH
22/11/12 21:40:17
A
22/11/12 21:40:17
R
22/11/12 21:40:17
A

Enter DllMain -> Handle: 1957298176 - Reason for

Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1957298176 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
La victima es Asesino EXCEL.EXE
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4109565952 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 1957298176 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback

22/11/12 21:40:17
R
22/11/12 21:40:18
A
22/11/12 21:40:18
D
call: DLL_PROCESS_DETACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
A
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
A
23/11/12 15:59:58
A
23/11/12 15:59:58
A
23/11/12 15:59:58
A
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
D
call: DLL_PROCESS_ATTACH
23/11/12 15:59:58
A
23/11/12 15:59:58
D
call: DLL_PROCESS_DETACH
23/11/12 15:59:58
A
23/11/12 15:59:58
D
call: DLL_PROCESS_DETACH
23/11/12 15:59:58
A
23/11/12 15:59:58
F
23/11/12 15:59:58
A
23/11/12 15:59:58
F
23/11/12 15:59:58
A
23/11/12 15:59:58
F
23/11/12 15:59:58
A
23/11/12 15:59:58
F
23/11/12 15:59:58
A
23/11/12 15:59:58
F
23/11/12 15:59:58
A
23/11/12 15:59:58
F
23/11/12 15:59:59
A
23/11/12 15:59:59
A
23/11/12 15:59:59
D
call: DLL_PROCESS_DETACH
23/11/12 16:00:02
D
call: DLL_PROCESS_ATTACH
23/11/12 16:00:02
A
23/11/12 16:00:02
D
call: DLL_PROCESS_DETACH

La victima es chrome.exe Asesino chrome.exe

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1957298176 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for

23/11/12 16:00:04
A
23/11/12 16:00:04
D
call: DLL_PROCESS_DETACH
23/11/12 16:00:16
A
23/11/12 16:00:16
D
call: DLL_PROCESS_DETACH
23/11/12 16:00:46
D
call: DLL_PROCESS_ATTACH
23/11/12 16:00:48
D
call: DLL_PROCESS_ATTACH
23/11/12 16:00:48
A
23/11/12 16:00:48
A
23/11/12 16:00:48
A
23/11/12 16:00:48
A
23/11/12 16:00:48
D
call: DLL_PROCESS_ATTACH
23/11/12 16:00:48
D
call: DLL_PROCESS_ATTACH
23/11/12 16:01:06
A
23/11/12 16:01:06
D
call: DLL_PROCESS_DETACH
23/11/12 16:01:06
A
23/11/12 16:01:06
D
call: DLL_PROCESS_DETACH
23/11/12 16:01:08
D
call: DLL_PROCESS_ATTACH
23/11/12 16:01:10
D
call: DLL_PROCESS_ATTACH
23/11/12 16:01:10
A
23/11/12 16:01:10
A
23/11/12 16:01:10
A
23/11/12 16:01:10
A
23/11/12 16:01:10
D
call: DLL_PROCESS_ATTACH
23/11/12 16:01:10
D
call: DLL_PROCESS_ATTACH
23/11/12 16:01:13
A
23/11/12 16:01:13
D
call: DLL_PROCESS_DETACH
23/11/12 16:09:31
A
23/11/12 16:09:31
D
call: DLL_PROCESS_DETACH
23/11/12 16:09:31
A
23/11/12 16:09:31
D
call: DLL_PROCESS_DETACH
23/11/12 16:09:32
D
call: DLL_PROCESS_ATTACH
23/11/12 16:09:34
D
call: DLL_PROCESS_ATTACH
23/11/12 16:09:34
A
23/11/12 16:09:34
A
23/11/12 16:09:34
A
23/11/12 16:09:34
A
23/11/12 16:09:34
D
call: DLL_PROCESS_ATTACH
23/11/12 16:09:35
D
call: DLL_PROCESS_ATTACH
23/11/12 16:09:38
A
23/11/12 16:09:38
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for

23/11/12 16:12:46
D
call: DLL_PROCESS_ATTACH
23/11/12 16:12:46
A
23/11/12 16:12:46
D
call: DLL_PROCESS_DETACH
23/11/12 16:14:31
A
23/11/12 16:14:31
D
call: DLL_PROCESS_DETACH
23/11/12 16:14:31
A
23/11/12 16:14:31
D
call: DLL_PROCESS_DETACH
23/11/12 16:14:38
A
23/11/12 16:14:38
D
call: DLL_PROCESS_DETACH
23/11/12 16:14:40
D
call: DLL_PROCESS_ATTACH
23/11/12 16:14:40
A
23/11/12 16:14:40
F
23/11/12 16:14:47
D
call: DLL_PROCESS_ATTACH
23/11/12 16:14:52
A
23/11/12 16:15:17
A
23/11/12 16:15:17
F
23/11/12 16:15:17
A
23/11/12 16:15:17
F
23/11/12 16:15:17
A
23/11/12 16:15:17
F
23/11/12 16:15:19
A
23/11/12 16:15:19
D
call: DLL_PROCESS_DETACH
23/11/12 16:15:19
A
23/11/12 16:15:19
F
23/11/12 16:15:21
D
call: DLL_PROCESS_ATTACH
23/11/12 16:15:23
D
call: DLL_PROCESS_ATTACH
23/11/12 16:15:23
A
23/11/12 16:15:23
A
23/11/12 16:15:23
A
23/11/12 16:15:23
A
23/11/12 16:15:23
D
call: DLL_PROCESS_ATTACH
23/11/12 16:15:23
D
call: DLL_PROCESS_ATTACH
23/11/12 16:23:35
A
23/11/12 16:23:35
D
call: DLL_PROCESS_DETACH
23/11/12 16:23:35
A
23/11/12 16:23:35
D
call: DLL_PROCESS_DETACH
23/11/12 16:23:37
D
call: DLL_PROCESS_ATTACH
23/11/12 16:23:40
A
23/11/12 16:23:40
F
23/11/12 16:23:40
A
23/11/12 16:23:40
F
23/11/12 16:23:42
A
23/11/12 16:23:42
D
call: DLL_PROCESS_DETACH
23/11/12 16:24:21
A

Enter DllMain -> Handle: 4081254400 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback

23/11/12 16:24:21
F
23/11/12 16:24:55
A
23/11/12 16:24:55
F
23/11/12 16:24:55
A
23/11/12 16:24:55
F
23/11/12 16:25:05
A
23/11/12 16:25:05
F
23/11/12 16:25:05
A
23/11/12 16:25:15
D
call: DLL_PROCESS_ATTACH
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:16
A
23/11/12 16:25:16
F
23/11/12 16:25:30
A
23/11/12 16:31:25
A
23/11/12 16:31:25
F
23/11/12 16:31:25
A
23/11/12 16:31:25
F
23/11/12 16:31:25
A
23/11/12 16:31:25
F
23/11/12 16:31:33
A
23/11/12 16:31:33
D
call: DLL_PROCESS_DETACH
23/11/12 16:31:33
A
23/11/12 16:31:33
F
23/11/12 16:31:38
D
call: DLL_PROCESS_ATTACH
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:39
A
23/11/12 16:31:39
F
23/11/12 16:31:49
A
23/11/12 16:33:00
A
23/11/12 16:33:00
F
23/11/12 16:33:00
A
23/11/12 16:33:00
F
23/11/12 16:33:01
A
23/11/12 16:33:01
F
23/11/12 16:33:14
A
23/11/12 16:33:14
D
call: DLL_PROCESS_DETACH
23/11/12 16:33:14
A
23/11/12 16:33:14
D
call: DLL_PROCESS_DETACH
23/11/12 16:33:14
A
23/11/12 16:33:14
F
23/11/12 16:36:16
D
call: DLL_PROCESS_ATTACH
23/11/12 16:36:37
A
23/11/12 16:36:37
D
call: DLL_PROCESS_DETACH
23/11/12 16:46:50
D
call: DLL_PROCESS_ATTACH
23/11/12 16:46:50
A
23/11/12 16:46:50
D
call: DLL_PROCESS_DETACH
23/11/12 17:00:01
D
call: DLL_PROCESS_ATTACH
23/11/12 17:00:02
A
23/11/12 17:00:02
D
call: DLL_PROCESS_DETACH
23/11/12 17:01:50
D
call: DLL_PROCESS_ATTACH
23/11/12 17:01:50
A
23/11/12 17:01:50
D
call: DLL_PROCESS_DETACH
23/11/12 17:04:54
D
call: DLL_PROCESS_ATTACH
23/11/12 17:04:56
A
23/11/12 17:04:56
F
23/11/12 17:04:56
A
23/11/12 17:04:56
F
23/11/12 17:05:33
A
23/11/12 17:05:33
F
23/11/12 17:11:48
A
23/11/12 17:11:48
F
23/11/12 17:11:48
A
23/11/12 17:11:48
F
23/11/12 17:16:50
D
call: DLL_PROCESS_ATTACH
23/11/12 17:16:50
A
23/11/12 17:16:50
D
call: DLL_PROCESS_DETACH
23/11/12 17:31:50
D
call: DLL_PROCESS_ATTACH
23/11/12 17:31:50
A
23/11/12 17:31:50
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for

call: DLL_PROCESS_DETACH
23/11/12 17:44:40
D
call: DLL_PROCESS_ATTACH
23/11/12 17:44:40
D
call: DLL_PROCESS_ATTACH
23/11/12 17:44:45
D
call: DLL_PROCESS_ATTACH
23/11/12 17:44:45
A
23/11/12 17:44:45
D
call: DLL_PROCESS_DETACH
23/11/12 17:44:46
D
call: DLL_PROCESS_ATTACH
23/11/12 17:44:46
A
23/11/12 17:44:46
D
call: DLL_PROCESS_DETACH
23/11/12 17:45:56
D
call: DLL_PROCESS_ATTACH
23/11/12 17:46:02
A
23/11/12 17:46:02
R
23/11/12 17:46:02
D
call: DLL_PROCESS_ATTACH
23/11/12 17:46:45
D
call: DLL_PROCESS_ATTACH
23/11/12 17:46:46
A
23/11/12 17:46:50
D
call: DLL_PROCESS_ATTACH
23/11/12 17:46:50
A
23/11/12 17:46:50
D
call: DLL_PROCESS_DETACH
23/11/12 17:47:04
D
call: DLL_PROCESS_ATTACH
23/11/12 17:47:04
D
call: DLL_PROCESS_ATTACH
23/11/12 17:47:16
A
23/11/12 17:47:16
D
call: DLL_PROCESS_DETACH
23/11/12 17:47:19
A
23/11/12 17:47:19
D
call: DLL_PROCESS_DETACH
23/11/12 17:47:35
A
23/11/12 17:47:35
F
23/11/12 17:47:35
D
call: DLL_PROCESS_ATTACH
23/11/12 17:47:40
A
23/11/12 17:47:42
A
23/11/12 17:47:42
D
call: DLL_PROCESS_DETACH
23/11/12 17:47:47
D
call: DLL_PROCESS_ATTACH
23/11/12 17:47:48
A
23/11/12 17:47:48
R
23/11/12 17:47:59
D
call: DLL_PROCESS_ATTACH
23/11/12 17:48:19
A
23/11/12 17:48:19
R
23/11/12 17:48:19
D
call: DLL_PROCESS_ATTACH
23/11/12 17:48:20
A
23/11/12 17:48:20
R
23/11/12 17:48:20
D

Enter DllMain -> Handle: 1949368320 - Reason for

Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for

call: DLL_PROCESS_ATTACH
23/11/12 17:48:23
A
23/11/12 17:48:23
R
23/11/12 17:49:25
D
call: DLL_PROCESS_ATTACH
23/11/12 17:49:25
A
23/11/12 17:49:25
R
23/11/12 17:50:40
D
call: DLL_PROCESS_ATTACH
23/11/12 17:51:10
A
23/11/12 17:51:10
R
23/11/12 17:52:18
D
call: DLL_PROCESS_ATTACH
23/11/12 17:52:22
A
23/11/12 17:52:22
R
23/11/12 17:52:22
D
call: DLL_PROCESS_ATTACH
23/11/12 17:52:45
A
23/11/12 17:52:45
R
23/11/12 17:52:45
D
call: DLL_PROCESS_ATTACH
23/11/12 17:53:01
A
23/11/12 17:53:01
R
23/11/12 17:53:01
D
call: DLL_PROCESS_ATTACH
23/11/12 17:53:31
A
23/11/12 17:53:31
R
23/11/12 17:54:26
D
call: DLL_PROCESS_ATTACH
23/11/12 17:54:39
A
23/11/12 17:54:39
R
23/11/12 17:55:17
D
call: DLL_PROCESS_ATTACH
23/11/12 17:55:17
A
23/11/12 17:55:17
R
23/11/12 17:55:35
D
call: DLL_PROCESS_ATTACH
23/11/12 17:55:50
A
23/11/12 17:55:50
R
23/11/12 17:55:50
D
call: DLL_PROCESS_ATTACH
23/11/12 17:56:20
A
23/11/12 17:56:20
R
23/11/12 17:58:00
D
call: DLL_PROCESS_ATTACH
23/11/12 17:58:11
A
23/11/12 17:58:11
R
23/11/12 17:58:11
D
call: DLL_PROCESS_ATTACH
23/11/12 17:58:17
A
23/11/12 17:58:17
R
23/11/12 17:58:17
D
call: DLL_PROCESS_ATTACH
23/11/12 17:58:38
A
23/11/12 17:58:38
R
23/11/12 17:58:38
D
call: DLL_PROCESS_ATTACH
23/11/12 17:58:42
A
23/11/12 17:58:42
A
23/11/12 17:58:42
R

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe

23/11/12 17:59:11
D
call: DLL_PROCESS_ATTACH
23/11/12 17:59:11
A
23/11/12 17:59:11
R
23/11/12 18:00:01
D
call: DLL_PROCESS_ATTACH
23/11/12 18:00:01
A
23/11/12 18:00:01
D
call: DLL_PROCESS_DETACH
23/11/12 18:00:08
D
call: DLL_PROCESS_ATTACH
23/11/12 18:00:08
A
23/11/12 18:00:26
A
23/11/12 18:00:26
D
call: DLL_PROCESS_ATTACH
23/11/12 18:00:26
A
23/11/12 18:00:26
O
23/11/12 18:00:26
V
23/11/12 18:00:26
V
23/11/12 18:00:26
A
23/11/12 18:00:26
A
23/11/12 18:00:26
A
23/11/12 18:00:26
O
23/11/12 18:00:26
V
23/11/12 18:00:26
V
23/11/12 18:00:26
F
23/11/12 18:00:26
V
23/11/12 18:00:26
V
23/11/12 18:00:27
A
23/11/12 18:00:27
A
23/11/12 18:00:27
A
23/11/12 18:00:27
O
23/11/12 18:00:27
V
23/11/12 18:00:27
V
23/11/12 18:00:27
F
23/11/12 18:00:27
V
23/11/12 18:00:27
V
23/11/12 18:00:27
A
23/11/12 18:00:27
A
23/11/12 18:00:27
A
23/11/12 18:00:27
O
23/11/12 18:00:27
V
23/11/12 18:00:27
V
23/11/12 18:00:27
F
23/11/12 18:00:27
V
23/11/12 18:00:27
V
23/11/12 18:00:48
D
call: DLL_PROCESS_ATTACH
23/11/12 18:00:51
A
23/11/12 18:00:51
R
23/11/12 18:00:51
D
call: DLL_PROCESS_ATTACH
23/11/12 18:01:22
A
23/11/12 18:01:22
R
23/11/12 18:01:23
D
call: DLL_PROCESS_ATTACH
23/11/12 18:01:35
A
23/11/12 18:01:35
R
23/11/12 18:01:35
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1949368320 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4081254400 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for

23/11/12 18:01:46
A
23/11/12 18:01:46
R
23/11/12 18:01:46
D
call: DLL_PROCESS_ATTACH
23/11/12 18:01:50
D
call: DLL_PROCESS_ATTACH
23/11/12 18:01:50
A
23/11/12 18:01:50
D
call: DLL_PROCESS_DETACH
23/11/12 18:02:03
A
23/11/12 18:02:03
R
23/11/12 18:02:03
D
call: DLL_PROCESS_ATTACH
23/11/12 18:02:34
A
23/11/12 18:02:34
R
23/11/12 18:02:51
A
23/11/12 18:02:51
D
call: DLL_PROCESS_DETACH
23/11/12 18:02:52
D
call: DLL_PROCESS_ATTACH
23/11/12 18:03:22
A
23/11/12 18:03:22
R
23/11/12 18:03:25
D
call: DLL_PROCESS_ATTACH
23/11/12 18:03:26
A
23/11/12 18:03:26
R
23/11/12 18:03:26
D
call: DLL_PROCESS_ATTACH
23/11/12 18:03:37
A
23/11/12 18:03:37
R
23/11/12 18:03:37
D
call: DLL_PROCESS_ATTACH
23/11/12 18:03:56
A
23/11/12 18:03:56
R
23/11/12 18:03:56
D
call: DLL_PROCESS_ATTACH
23/11/12 18:04:27
A
23/11/12 18:04:27
R
23/11/12 18:05:09
D
call: DLL_PROCESS_ATTACH
23/11/12 18:05:39
A
23/11/12 18:05:39
R
23/11/12 18:05:50
A
23/11/12 18:05:50
D
call: DLL_PROCESS_DETACH
23/11/12 18:06:14
D
call: DLL_PROCESS_ATTACH
23/11/12 18:06:20
A
23/11/12 18:06:20
R
23/11/12 18:06:23
D
call: DLL_PROCESS_ATTACH
23/11/12 18:06:26
A
23/11/12 18:06:26
D
call: DLL_PROCESS_DETACH
23/11/12 18:06:55
A
23/11/12 18:06:55
F
23/11/12 18:06:55
D
call: DLL_PROCESS_ATTACH
23/11/12 18:06:56
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for

23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:56
A
23/11/12 18:06:56
F
23/11/12 18:06:57
A
23/11/12 18:06:57
F
23/11/12 18:07:00
A
23/11/12 18:07:00
A
23/11/12 18:07:00
D
call: DLL_PROCESS_DETACH
23/11/12 18:07:03
A
23/11/12 18:07:03
A
23/11/12 18:07:03
F
23/11/12 18:07:03
D
call: DLL_PROCESS_DETACH
23/11/12 18:07:03
A
23/11/12 18:07:03
F
23/11/12 18:07:03
A
23/11/12 18:07:03
F
23/11/12 18:07:03
D
call: DLL_PROCESS_ATTACH
23/11/12 18:07:08
A
23/11/12 18:07:08
A
23/11/12 18:07:08
D
call: DLL_PROCESS_DETACH
23/11/12 18:07:14
D
call: DLL_PROCESS_ATTACH
23/11/12 18:07:15
A
23/11/12 18:07:41
D
call: DLL_PROCESS_ATTACH
23/11/12 18:07:42
A
23/11/12 18:07:42
R
23/11/12 18:07:42
A
23/11/12 18:07:42
D
call: DLL_PROCESS_ATTACH
23/11/12 18:07:42
A
23/11/12 18:07:42
O
23/11/12 18:07:42
V
23/11/12 18:07:42
V
23/11/12 18:07:42
A
23/11/12 18:07:42
A
23/11/12 18:07:42
A
23/11/12 18:07:42
O
23/11/12 18:07:42
V
23/11/12 18:07:42
V
23/11/12 18:07:42
F

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4081254400 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient

23/11/12 18:07:42
V
23/11/12 18:07:42
V
23/11/12 18:07:42
A
23/11/12 18:07:42
A
23/11/12 18:07:42
A
23/11/12 18:07:42
O
23/11/12 18:07:42
V
23/11/12 18:07:42
V
23/11/12 18:07:42
F
23/11/12 18:07:42
V
23/11/12 18:07:42
V
23/11/12 18:07:42
A
23/11/12 18:07:42
A
23/11/12 18:07:42
A
23/11/12 18:07:42
O
23/11/12 18:07:42
V
23/11/12 18:07:42
V
23/11/12 18:07:42
F
23/11/12 18:07:42
V
23/11/12 18:07:42
V
23/11/12 18:07:54
D
call: DLL_PROCESS_ATTACH
23/11/12 18:08:04
A
23/11/12 18:08:04
R
23/11/12 18:08:04
D
call: DLL_PROCESS_ATTACH
23/11/12 18:08:10
A
23/11/12 18:08:10
F
23/11/12 18:08:10
A
23/11/12 18:08:10
F
23/11/12 18:08:35
A
23/11/12 18:08:35
R
23/11/12 18:08:40
A
23/11/12 18:08:40
F
23/11/12 18:08:41
A
23/11/12 18:08:41
F
23/11/12 18:08:41
A
23/11/12 18:08:41
A
23/11/12 18:08:41
F
23/11/12 18:08:52
D
call: DLL_PROCESS_ATTACH
23/11/12 18:09:22
A
23/11/12 18:09:22
R
23/11/12 18:09:38
D
call: DLL_PROCESS_ATTACH
23/11/12 18:10:08
A
23/11/12 18:10:08
R
23/11/12 18:10:22
D
call: DLL_PROCESS_ATTACH
23/11/12 18:10:52
A
23/11/12 18:10:52
R
23/11/12 18:12:29
A
23/11/12 18:12:29
D
call: DLL_PROCESS_DETACH
23/11/12 18:12:53
D
call: DLL_PROCESS_ATTACH
23/11/12 18:13:23
A
23/11/12 18:13:23
R
23/11/12 18:13:29
D
call: DLL_PROCESS_ATTACH

DevMode Impresora: CyberClient

DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for

23/11/12 18:13:30
A
23/11/12 18:13:42
A
23/11/12 18:13:42
D
call: DLL_PROCESS_DETACH
23/11/12 18:13:49
A
23/11/12 18:13:49
D
call: DLL_PROCESS_DETACH
23/11/12 18:14:10
D
call: DLL_PROCESS_ATTACH
23/11/12 18:14:10
D
call: DLL_PROCESS_ATTACH
23/11/12 18:14:10
A
23/11/12 18:14:10
D
call: DLL_PROCESS_DETACH
23/11/12 18:14:32
D
call: DLL_PROCESS_ATTACH
23/11/12 18:15:02
A
23/11/12 18:15:02
R
23/11/12 18:15:20
A
23/11/12 18:15:20
F
23/11/12 18:15:20
D
call: DLL_PROCESS_ATTACH
23/11/12 18:15:21
D
call: DLL_PROCESS_ATTACH
23/11/12 18:15:21
A
23/11/12 18:15:25
A
23/11/12 18:15:25
A
23/11/12 18:15:25
D
call: DLL_PROCESS_DETACH
23/11/12 18:16:29
A
23/11/12 18:16:29
D
call: DLL_PROCESS_DETACH
23/11/12 18:16:41
D
call: DLL_PROCESS_ATTACH
23/11/12 18:16:50
D
call: DLL_PROCESS_ATTACH
23/11/12 18:16:50
A
23/11/12 18:16:50
D
call: DLL_PROCESS_DETACH
23/11/12 18:17:00
A
23/11/12 18:17:00
F
23/11/12 18:17:08
A
23/11/12 18:17:08
R
23/11/12 18:17:08
D
call: DLL_PROCESS_ATTACH
23/11/12 18:17:13
A
23/11/12 18:17:13
R
23/11/12 18:17:13
D
call: DLL_PROCESS_ATTACH
23/11/12 18:17:43
A
23/11/12 18:17:43
A
23/11/12 18:17:43
R
23/11/12 18:18:26
D
call: DLL_PROCESS_ATTACH
23/11/12 18:18:27
A
23/11/12 18:18:38
A
23/11/12 18:18:38
F
23/11/12 18:18:38
D
call: DLL_PROCESS_ATTACH
23/11/12 18:18:43
A

-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback

23/11/12 18:18:50
A
23/11/12 18:18:50
D
call: DLL_PROCESS_DETACH
23/11/12 18:20:05
D
call: DLL_PROCESS_ATTACH
23/11/12 18:20:35
A
23/11/12 18:20:35
R
23/11/12 18:20:50
D
call: DLL_PROCESS_ATTACH
23/11/12 18:20:50
A
23/11/12 18:21:13
A
23/11/12 18:21:13
D
call: DLL_PROCESS_DETACH
23/11/12 18:21:56
D
call: DLL_PROCESS_ATTACH
23/11/12 18:22:26
A
23/11/12 18:22:26
D
call: DLL_PROCESS_DETACH
23/11/12 18:22:26
A
23/11/12 18:22:26
R
23/11/12 18:22:29
D
call: DLL_PROCESS_ATTACH
23/11/12 18:22:29
A
23/11/12 18:22:30
A
23/11/12 18:22:30
D
call: DLL_PROCESS_ATTACH
23/11/12 18:22:30
A
23/11/12 18:22:30
O
23/11/12 18:22:30
V
23/11/12 18:22:30
V
23/11/12 18:22:31
A
23/11/12 18:22:31
O
23/11/12 18:22:31
V
23/11/12 18:22:31
V
23/11/12 18:22:31
A
23/11/12 18:22:31
A
23/11/12 18:22:31
A
23/11/12 18:22:31
O
23/11/12 18:22:31
V
23/11/12 18:22:31
V
23/11/12 18:22:31
F
23/11/12 18:22:31
V
23/11/12 18:22:31
V
23/11/12 18:22:35
A
23/11/12 18:22:35
O
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:35
A
23/11/12 18:22:35
A
23/11/12 18:22:35
A
23/11/12 18:22:35
O
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:35
A
23/11/12 18:22:35
O
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:35
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4081254400 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> ResetDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
DevMode Impresora: CyberClient
DevMode Copies: 1
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> ResetDCWCallback

23/11/12 18:22:35
A
23/11/12 18:22:35
A
23/11/12 18:22:35
O
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:35
V
23/11/12 18:22:40
A
23/11/12 18:22:40
A
23/11/12 18:22:40
A
23/11/12 18:22:40
O
23/11/12 18:22:40
V
23/11/12 18:22:40
V
23/11/12 18:22:40
F
23/11/12 18:22:40
V
23/11/12 18:22:40
V
23/11/12 18:22:40
A
23/11/12 18:22:40
A
23/11/12 18:22:40
A
23/11/12 18:22:40
O
23/11/12 18:22:40
V
23/11/12 18:22:40
V
23/11/12 18:22:40
F
23/11/12 18:22:40
V
23/11/12 18:22:40
V
23/11/12 18:22:40
A
23/11/12 18:22:40
A
23/11/12 18:22:40
A
23/11/12 18:22:40
O
23/11/12 18:22:40
V
23/11/12 18:22:40
V
23/11/12 18:22:40
F
23/11/12 18:22:40
V
23/11/12 18:22:40
V
23/11/12 18:23:09
D
call: DLL_PROCESS_ATTACH
23/11/12 18:23:14
A
23/11/12 18:23:17
A
23/11/12 18:23:17
D
call: DLL_PROCESS_DETACH
23/11/12 18:23:47
D
call: DLL_PROCESS_ATTACH
23/11/12 18:24:00
A
23/11/12 18:24:00
R
23/11/12 18:24:11
D
call: DLL_PROCESS_ATTACH
23/11/12 18:24:11
A
23/11/12 18:24:31
A
23/11/12 18:24:31
D
call: DLL_PROCESS_DETACH
23/11/12 18:24:59
A
23/11/12 18:24:59
F
23/11/12 18:25:10
D
call: DLL_PROCESS_ATTACH
23/11/12 18:25:10
A
23/11/12 18:25:33
A
23/11/12 18:25:33
D
call: DLL_PROCESS_DETACH
23/11/12 18:25:39
D
call: DLL_PROCESS_ATTACH

-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for

23/11/12 18:25:39
A
23/11/12 18:25:39
R
23/11/12 18:25:49
D
call: DLL_PROCESS_ATTACH
23/11/12 18:25:50
D
call: DLL_PROCESS_ATTACH
23/11/12 18:25:51
A
23/11/12 18:25:51
D
call: DLL_PROCESS_DETACH
23/11/12 18:25:51
A
23/11/12 18:25:51
R
23/11/12 18:26:19
A
23/11/12 18:26:19
R
23/11/12 18:26:30
A
23/11/12 18:26:30
D
call: DLL_PROCESS_DETACH
23/11/12 18:27:00
A
23/11/12 18:27:00
R
23/11/12 18:27:11
D
call: DLL_PROCESS_ATTACH
23/11/12 18:27:13
A
23/11/12 18:27:13
R
23/11/12 18:31:50
D
call: DLL_PROCESS_ATTACH
23/11/12 18:31:50
A
23/11/12 18:31:50
D
call: DLL_PROCESS_DETACH
23/11/12 18:32:49
A
23/11/12 18:32:49
R
23/11/12 18:32:49
A
23/11/12 18:32:49
R
23/11/12 18:32:49
A
23/11/12 18:32:49
D
call: DLL_PROCESS_DETACH
23/11/12 18:32:49
A
23/11/12 18:32:49
D
call: DLL_PROCESS_DETACH
23/11/12 18:32:59
D
call: DLL_PROCESS_ATTACH
23/11/12 18:32:59
A
23/11/12 18:32:59
D
call: DLL_PROCESS_DETACH
23/11/12 18:33:00
D
call: DLL_PROCESS_ATTACH
23/11/12 18:33:05
A
23/11/12 18:33:05
A
23/11/12 18:33:05
D
call: DLL_PROCESS_DETACH
23/11/12 18:33:47
D
call: DLL_PROCESS_ATTACH
23/11/12 18:33:48
A
23/11/12 18:33:48
D
call: DLL_PROCESS_DETACH
23/11/12 18:33:48
D
call: DLL_PROCESS_ATTACH
23/11/12 18:33:48
A
23/11/12 18:33:48
F
23/11/12 18:33:49
A
23/11/12 18:33:54
A
23/11/12 18:46:50
D

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4081254400 - Reason for

call: DLL_PROCESS_ATTACH
23/11/12 18:46:50
A
23/11/12 18:46:50
D
call: DLL_PROCESS_DETACH
23/11/12 18:57:58
A
23/11/12 18:57:58
F
23/11/12 18:57:58
A
23/11/12 18:57:58
A
23/11/12 18:57:58
F
23/11/12 18:57:58
F
23/11/12 18:57:58
D
call: DLL_PROCESS_ATTACH
23/11/12 18:58:03
A
23/11/12 18:58:03
A
23/11/12 18:58:03
D
call: DLL_PROCESS_DETACH
23/11/12 18:58:15
D
call: DLL_PROCESS_ATTACH
23/11/12 18:58:17
A
23/11/12 18:58:17
F
23/11/12 18:58:17
A
23/11/12 18:58:17
F
23/11/12 18:58:54
A
23/11/12 18:58:54
F
23/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
23/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
23/11/12 19:00:00
A
23/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
23/11/12 19:00:39
A
23/11/12 19:00:39
D
call: DLL_PROCESS_DETACH
23/11/12 19:01:50
D
call: DLL_PROCESS_ATTACH
23/11/12 19:01:50
A
23/11/12 19:01:50
D
call: DLL_PROCESS_DETACH
23/11/12 19:07:40
A
23/11/12 19:07:40
D
call: DLL_PROCESS_DETACH
23/11/12 19:07:40
A
23/11/12 19:07:40
F
23/11/12 19:07:41
A
23/11/12 19:07:41
F
23/11/12 19:15:39
D
call: DLL_PROCESS_ATTACH
23/11/12 19:15:41
A
23/11/12 19:15:41
D
call: DLL_PROCESS_DETACH
23/11/12 19:16:50
D
call: DLL_PROCESS_ATTACH
23/11/12 19:16:50
A
23/11/12 19:16:50
D
call: DLL_PROCESS_DETACH
23/11/12 19:30:41
D
call: DLL_PROCESS_ATTACH
23/11/12 19:30:46
A
23/11/12 19:30:46
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for

call: DLL_PROCESS_DETACH
23/11/12 19:31:50
D
call: DLL_PROCESS_ATTACH
23/11/12 19:31:50
A
23/11/12 19:31:50
D
call: DLL_PROCESS_DETACH
23/11/12 19:45:46
D
call: DLL_PROCESS_ATTACH
23/11/12 19:45:54
A
23/11/12 19:45:54
D
call: DLL_PROCESS_DETACH
23/11/12 19:46:50
D
call: DLL_PROCESS_ATTACH
23/11/12 19:46:50
A
23/11/12 19:46:50
D
call: DLL_PROCESS_DETACH
23/11/12 19:55:32
D
call: DLL_PROCESS_ATTACH
23/11/12 19:55:32
A
23/11/12 19:55:32
D
call: DLL_PROCESS_DETACH
23/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
23/11/12 20:00:01
A
23/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
23/11/12 20:00:53
D
call: DLL_PROCESS_ATTACH
23/11/12 20:01:04
A
23/11/12 20:01:04
D
call: DLL_PROCESS_DETACH
23/11/12 20:01:50
D
call: DLL_PROCESS_ATTACH
23/11/12 20:01:50
A
23/11/12 20:01:50
D
call: DLL_PROCESS_DETACH
23/11/12 20:16:03
D
call: DLL_PROCESS_ATTACH
23/11/12 20:16:17
A
23/11/12 20:16:17
D
call: DLL_PROCESS_DETACH
23/11/12 20:16:50
D
call: DLL_PROCESS_ATTACH
23/11/12 20:16:50
A
23/11/12 20:16:50
D
call: DLL_PROCESS_DETACH
23/11/12 20:31:16
D
call: DLL_PROCESS_ATTACH
23/11/12 20:31:33
A
23/11/12 20:31:33
D
call: DLL_PROCESS_DETACH
23/11/12 20:31:50
D
call: DLL_PROCESS_ATTACH
23/11/12 20:31:50
A
23/11/12 20:31:50
D
call: DLL_PROCESS_DETACH
23/11/12 20:34:10
D
call: DLL_PROCESS_ATTACH
23/11/12 20:34:10
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4081254400 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for

23/11/12 20:34:24
D
call: DLL_PROCESS_ATTACH
23/11/12 20:34:26
A
23/11/12 20:34:26
R
23/11/12 20:34:32
D
call: DLL_PROCESS_ATTACH
23/11/12 20:34:42
D
call: DLL_PROCESS_ATTACH
23/11/12 20:35:02
A
23/11/12 20:35:02
D
call: DLL_PROCESS_DETACH
23/11/12 20:35:04
A
23/11/12 20:35:04
R
23/11/12 20:40:48
D
call: DLL_PROCESS_ATTACH
23/11/12 20:40:48
A
23/11/12 20:40:48
D
call: DLL_PROCESS_DETACH
23/11/12 20:40:49
D
call: DLL_PROCESS_ATTACH
23/11/12 20:40:49
A
23/11/12 20:40:49
D
call: DLL_PROCESS_DETACH
23/11/12 20:43:45
D
call: DLL_PROCESS_ATTACH
23/11/12 20:43:49
D
call: DLL_PROCESS_ATTACH
23/11/12 20:43:52
A
23/11/12 20:43:52
D
call: DLL_PROCESS_DETACH
23/11/12 20:43:52
A
23/11/12 20:43:52
R
23/11/12 20:43:54
D
call: DLL_PROCESS_ATTACH
23/11/12 20:43:55
A
23/11/12 20:43:55
R
23/11/12 20:44:18
D
call: DLL_PROCESS_ATTACH
23/11/12 20:46:22
D
call: DLL_PROCESS_ATTACH
23/11/12 20:46:32
D
call: DLL_PROCESS_ATTACH
23/11/12 20:46:50
D
call: DLL_PROCESS_ATTACH
23/11/12 20:46:50
A
23/11/12 20:46:50
D
call: DLL_PROCESS_DETACH
23/11/12 20:46:52
A
23/11/12 20:46:52
D
call: DLL_PROCESS_DETACH
23/11/12 20:50:01
A
23/11/12 20:50:01
R
23/11/12 20:52:18
A
23/11/12 20:52:18
R
23/11/12 20:52:18
A
23/11/12 20:52:18
R
23/11/12 20:52:22
A
23/11/12 20:52:22
R
23/11/12 20:52:22
A
23/11/12 20:52:22
D

Enter DllMain -> Handle: 1949368320 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for

call: DLL_PROCESS_DETACH
23/11/12 20:52:22
A
23/11/12 20:52:22
D
call: DLL_PROCESS_DETACH
23/11/12 21:00:01
D
call: DLL_PROCESS_ATTACH
23/11/12 21:00:01
A
23/11/12 21:00:01
D
call: DLL_PROCESS_DETACH
23/11/12 21:01:50
D
call: DLL_PROCESS_ATTACH
23/11/12 21:01:50
A
23/11/12 21:01:50
D
call: DLL_PROCESS_DETACH
23/11/12 21:01:51
D
call: DLL_PROCESS_ATTACH
23/11/12 21:02:14
A
23/11/12 21:02:14
D
call: DLL_PROCESS_DETACH
23/11/12 21:16:50
D
call: DLL_PROCESS_ATTACH
23/11/12 21:16:50
A
23/11/12 21:16:50
D
call: DLL_PROCESS_DETACH
23/11/12 21:17:13
D
call: DLL_PROCESS_ATTACH
23/11/12 21:17:39
A
23/11/12 21:17:39
D
call: DLL_PROCESS_DETACH
23/11/12 21:23:05
D
call: DLL_PROCESS_ATTACH
23/11/12 21:23:05
D
call: DLL_PROCESS_ATTACH
23/11/12 21:23:13
D
call: DLL_PROCESS_ATTACH
23/11/12 21:23:13
A
23/11/12 21:23:13
A
23/11/12 21:23:13
R
23/11/12 21:23:20
D
call: DLL_PROCESS_ATTACH
23/11/12 21:30:24
D
call: DLL_PROCESS_ATTACH
23/11/12 21:30:28
D
call: DLL_PROCESS_ATTACH
23/11/12 21:30:29
A
23/11/12 21:30:29
A
23/11/12 21:30:29
R
23/11/12 21:30:36
D
call: DLL_PROCESS_ATTACH
23/11/12 21:30:36
A
23/11/12 21:30:36
R
23/11/12 21:31:50
D
call: DLL_PROCESS_ATTACH
23/11/12 21:31:50
A
23/11/12 21:31:50
D
call: DLL_PROCESS_DETACH
23/11/12 21:32:38
D
call: DLL_PROCESS_ATTACH
23/11/12 21:33:07
A
23/11/12 21:33:07
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for

call: DLL_PROCESS_DETACH
23/11/12 21:46:50
D
call: DLL_PROCESS_ATTACH
23/11/12 21:46:50
A
23/11/12 21:46:50
D
call: DLL_PROCESS_DETACH
23/11/12 21:48:07
D
call: DLL_PROCESS_ATTACH
23/11/12 21:48:39
A
23/11/12 21:48:39
D
call: DLL_PROCESS_DETACH
23/11/12 22:00:00
D
call: DLL_PROCESS_ATTACH
23/11/12 22:00:00
A
23/11/12 22:00:00
D
call: DLL_PROCESS_DETACH
23/11/12 22:01:50
D
call: DLL_PROCESS_ATTACH
23/11/12 22:01:50
A
23/11/12 22:01:50
D
call: DLL_PROCESS_DETACH
23/11/12 22:03:39
D
call: DLL_PROCESS_ATTACH
23/11/12 22:03:41
A
23/11/12 22:03:41
D
call: DLL_PROCESS_DETACH
23/11/12 22:05:26
A
23/11/12 22:05:26
R
23/11/12 22:16:50
D
call: DLL_PROCESS_ATTACH
23/11/12 22:16:50
A
23/11/12 22:16:50
D
call: DLL_PROCESS_DETACH
23/11/12 22:18:41
D
call: DLL_PROCESS_ATTACH
23/11/12 22:18:46
A
23/11/12 22:18:46
D
call: DLL_PROCESS_DETACH
23/11/12 22:31:50
D
call: DLL_PROCESS_ATTACH
23/11/12 22:31:50
A
23/11/12 22:31:50
D
call: DLL_PROCESS_DETACH
23/11/12 22:33:08
A
23/11/12 22:33:08
R
23/11/12 22:33:09
A
23/11/12 22:33:09
D
call: DLL_PROCESS_DETACH
23/11/12 22:33:09
A
23/11/12 22:33:09
D
call: DLL_PROCESS_DETACH
23/11/12 22:33:46
D
call: DLL_PROCESS_ATTACH
23/11/12 22:33:54
A
23/11/12 22:33:54
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4081254400 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for

23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
23/11/12 22:38:28
D
call: DLL_PROCESS_DETACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
A
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:39
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:40
A
24/11/12 10:31:40
A
24/11/12 10:31:40
A
24/11/12 10:31:40
A
24/11/12 10:31:40
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:40
D
call: DLL_PROCESS_ATTACH
24/11/12 10:31:40
A
24/11/12 10:31:40
D
call: DLL_PROCESS_DETACH
24/11/12 10:31:40
A
24/11/12 10:31:40
D
call: DLL_PROCESS_DETACH
24/11/12 10:31:40
A
24/11/12 10:31:40
D
call: DLL_PROCESS_DETACH
24/11/12 10:31:42
A
24/11/12 10:31:42
F
24/11/12 10:31:42
A
24/11/12 10:31:42
F

Enter DllMain -> Handle: 4081254400 - Reason for

Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 4081254400 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 1949368320 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

24/11/12 10:31:42
A
24/11/12 10:31:42
F
24/11/12 10:31:43
A
24/11/12 10:31:43
F
24/11/12 10:31:43
A
24/11/12 10:31:43
F
24/11/12 10:31:43
A
24/11/12 10:31:43
F
24/11/12 10:31:44
A
24/11/12 10:31:44
A
24/11/12 10:31:44
D
call: DLL_PROCESS_DETACH
24/11/12 10:31:48
A
24/11/12 10:31:48
D
call: DLL_PROCESS_DETACH
24/11/12 10:31:59
A
24/11/12 10:31:59
D
call: DLL_PROCESS_DETACH
24/11/12 10:44:31
D
call: DLL_PROCESS_ATTACH
24/11/12 10:44:31
A
24/11/12 10:44:31
D
call: DLL_PROCESS_DETACH
24/11/12 10:46:30
D
call: DLL_PROCESS_ATTACH
24/11/12 10:46:36
A
24/11/12 11:00:01
D
call: DLL_PROCESS_ATTACH
24/11/12 11:00:01
A
24/11/12 11:00:01
D
call: DLL_PROCESS_DETACH
24/11/12 11:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 11:18:35
A
24/11/12 11:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 11:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 11:33:35
A
24/11/12 11:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 11:38:16
D
call: DLL_PROCESS_ATTACH
24/11/12 11:38:39
A
24/11/12 11:38:39
D
call: DLL_PROCESS_DETACH
24/11/12 11:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 11:48:35
A
24/11/12 11:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 11:48:47
A
24/11/12 11:48:47
F
24/11/12 11:48:49
D
call: DLL_PROCESS_ATTACH
24/11/12 11:48:50
A
24/11/12 11:48:50
F
24/11/12 11:48:50
A
24/11/12 11:48:50
F
24/11/12 11:49:29
A

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

24/11/12 11:49:29
F
24/11/12 11:50:52
A
24/11/12 11:50:52
F
24/11/12 11:50:52
A
24/11/12 11:50:53
A
24/11/12 11:50:53
F
24/11/12 11:50:56
D
call: DLL_PROCESS_ATTACH
24/11/12 11:50:57
A
24/11/12 11:50:57
F
24/11/12 11:50:57
A
24/11/12 11:50:57
F
24/11/12 11:51:35
A
24/11/12 11:51:35
F
24/11/12 12:00:01
D
call: DLL_PROCESS_ATTACH
24/11/12 12:00:01
A
24/11/12 12:00:01
D
call: DLL_PROCESS_DETACH
24/11/12 12:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 12:03:35
A
24/11/12 12:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 12:04:51
D
call: DLL_PROCESS_ATTACH
24/11/12 12:04:52
A
24/11/12 12:04:52
F
24/11/12 12:04:52
A
24/11/12 12:04:52
F
24/11/12 12:04:52
A
24/11/12 12:04:52
F
24/11/12 12:04:52
A
24/11/12 12:04:52
F
24/11/12 12:04:53
A
24/11/12 12:04:53
F
24/11/12 12:04:53
A
24/11/12 12:04:53
F
24/11/12 12:04:59
D
call: DLL_PROCESS_ATTACH
24/11/12 12:05:29
A
24/11/12 12:05:29
F
24/11/12 12:15:25
D
call: DLL_PROCESS_ATTACH
24/11/12 12:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 12:18:35
A
24/11/12 12:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 12:25:53
A
24/11/12 12:25:53
D
call: DLL_PROCESS_DETACH
24/11/12 12:25:53
A
24/11/12 12:25:53
D
call: DLL_PROCESS_DETACH
24/11/12 12:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 12:33:35
A
24/11/12 12:33:35
D
call: DLL_PROCESS_DETACH

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for

24/11/12 12:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 12:48:35
A
24/11/12 12:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 13:00:02
D
call: DLL_PROCESS_ATTACH
24/11/12 13:00:02
A
24/11/12 13:00:02
D
call: DLL_PROCESS_DETACH
24/11/12 13:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 13:03:35
A
24/11/12 13:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 13:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 13:18:35
A
24/11/12 13:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 13:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 13:33:35
A
24/11/12 13:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 13:45:27
D
call: DLL_PROCESS_ATTACH
24/11/12 13:45:27
A
24/11/12 13:45:27
D
call: DLL_PROCESS_DETACH
24/11/12 13:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 13:48:35
A
24/11/12 13:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 14:00:02
D
call: DLL_PROCESS_ATTACH
24/11/12 14:00:02
A
24/11/12 14:00:02
D
call: DLL_PROCESS_DETACH
24/11/12 14:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 14:03:35
A
24/11/12 14:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 14:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 14:18:35
A
24/11/12 14:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 14:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 14:33:35
A
24/11/12 14:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 14:41:21
D
call: DLL_PROCESS_ATTACH
24/11/12 14:41:22
D
call: DLL_PROCESS_ATTACH
24/11/12 14:41:27
D

Enter DllMain -> Handle: 4111269888 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for

call: DLL_PROCESS_ATTACH
24/11/12 14:41:28
A
24/11/12 14:41:28
R
24/11/12 14:41:51
D
call: DLL_PROCESS_ATTACH
24/11/12 14:44:08
D
call: DLL_PROCESS_ATTACH
24/11/12 14:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 14:48:35
A
24/11/12 14:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 15:00:02
D
call: DLL_PROCESS_ATTACH
24/11/12 15:00:02
A
24/11/12 15:00:02
D
call: DLL_PROCESS_DETACH
24/11/12 15:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 15:03:35
A
24/11/12 15:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 15:06:27
A
24/11/12 15:06:27
R
24/11/12 15:06:32
A
24/11/12 15:06:32
R
24/11/12 15:06:33
A
24/11/12 15:06:33
R
24/11/12 15:06:33
A
24/11/12 15:06:33
D
call: DLL_PROCESS_DETACH
24/11/12 15:06:33
A
24/11/12 15:06:33
D
call: DLL_PROCESS_DETACH
24/11/12 15:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 15:18:35
A
24/11/12 15:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 15:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 15:33:35
A
24/11/12 15:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 15:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 15:48:35
A
24/11/12 15:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 16:00:02
D
call: DLL_PROCESS_ATTACH
24/11/12 16:00:02
A
24/11/12 16:00:02
D
call: DLL_PROCESS_DETACH
24/11/12 16:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 16:03:35
A
24/11/12 16:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 16:18:35
D

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for

call: DLL_PROCESS_ATTACH
24/11/12 16:18:35
A
24/11/12 16:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 16:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 16:33:35
A
24/11/12 16:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 16:44:52
D
call: DLL_PROCESS_ATTACH
24/11/12 16:44:53
A
24/11/12 16:44:53
D
call: DLL_PROCESS_ATTACH
24/11/12 16:44:53
D
call: DLL_PROCESS_DETACH
24/11/12 16:44:53
A
24/11/12 16:44:53
D
call: DLL_PROCESS_DETACH
24/11/12 16:44:53
D
call: DLL_PROCESS_ATTACH
24/11/12 16:44:54
D
call: DLL_PROCESS_ATTACH
24/11/12 16:44:54
D
call: DLL_PROCESS_ATTACH
24/11/12 16:44:54
A
24/11/12 16:44:54
A
24/11/12 16:44:54
A
24/11/12 16:44:54
A
24/11/12 16:45:00
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:01
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:01
A
24/11/12 16:45:01
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:01
A
24/11/12 16:45:01
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:01
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:01
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:01
A
24/11/12 16:45:01
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:01
A
24/11/12 16:45:01
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:01
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:01
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:01
A
24/11/12 16:45:01
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:01
A
24/11/12 16:45:01
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:14
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback

24/11/12 16:45:14
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:14
A
24/11/12 16:45:14
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:14
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:15
A
24/11/12 16:45:15
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:15
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:15
A
24/11/12 16:45:15
D
call: DLL_PROCESS_DETACH
24/11/12 16:45:15
D
call: DLL_PROCESS_ATTACH
24/11/12 16:45:25
A
24/11/12 16:45:25
D
call: DLL_PROCESS_DETACH
24/11/12 16:46:40
D
call: DLL_PROCESS_ATTACH
24/11/12 16:46:41
A
24/11/12 16:46:41
D
call: DLL_PROCESS_DETACH
24/11/12 16:46:41
D
call: DLL_PROCESS_ATTACH
24/11/12 16:46:41
A
24/11/12 16:46:41
D
call: DLL_PROCESS_DETACH
24/11/12 16:46:42
D
call: DLL_PROCESS_ATTACH
24/11/12 16:46:42
A
24/11/12 16:46:42
D
call: DLL_PROCESS_DETACH
24/11/12 16:46:42
D
call: DLL_PROCESS_ATTACH
24/11/12 16:46:42
A
24/11/12 16:46:42
F
24/11/12 16:46:43
A
24/11/12 16:46:46
A
24/11/12 16:47:47
A
24/11/12 16:47:47
F
24/11/12 16:47:47
A
24/11/12 16:47:48
D
call: DLL_PROCESS_DETACH
24/11/12 16:47:48
A
24/11/12 16:47:48
F
24/11/12 16:47:48
A
24/11/12 16:47:48
F
24/11/12 16:47:53
D
call: DLL_PROCESS_ATTACH
24/11/12 16:47:54
A
24/11/12 16:47:54
D
call: DLL_PROCESS_DETACH
24/11/12 16:47:54
D
call: DLL_PROCESS_ATTACH
24/11/12 16:47:54
A
24/11/12 16:47:54
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 4111269888 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for

24/11/12 16:47:55
D
call: DLL_PROCESS_ATTACH
24/11/12 16:47:56
A
24/11/12 16:47:56
F
24/11/12 16:47:56
A
24/11/12 16:47:56
F
24/11/12 16:48:34
A
24/11/12 16:48:34
F
24/11/12 16:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 16:48:35
A
24/11/12 16:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 16:59:47
A
24/11/12 16:59:47
F
24/11/12 16:59:47
A
24/11/12 16:59:47
F
24/11/12 16:59:47
A
24/11/12 16:59:48
A
24/11/12 16:59:48
F
24/11/12 17:00:00
D
call: DLL_PROCESS_ATTACH
24/11/12 17:00:00
A
24/11/12 17:00:00
D
call: DLL_PROCESS_DETACH
24/11/12 17:00:02
D
call: DLL_PROCESS_ATTACH
24/11/12 17:00:03
A
24/11/12 17:00:03
D
call: DLL_PROCESS_DETACH
24/11/12 17:00:03
D
call: DLL_PROCESS_ATTACH
24/11/12 17:00:03
A
24/11/12 17:00:03
D
call: DLL_PROCESS_DETACH
24/11/12 17:00:03
D
call: DLL_PROCESS_ATTACH
24/11/12 17:00:46
D
call: DLL_PROCESS_ATTACH
24/11/12 17:00:47
D
call: DLL_PROCESS_ATTACH
24/11/12 17:01:06
A
24/11/12 17:01:06
R
24/11/12 17:01:06
A
24/11/12 17:01:06
D
call: DLL_PROCESS_DETACH
24/11/12 17:02:14
A
24/11/12 17:02:14
D
call: DLL_PROCESS_DETACH
24/11/12 17:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 17:03:35
A
24/11/12 17:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 17:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 17:18:35
A
24/11/12 17:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 17:33:35
D

Enter DllMain -> Handle: 1963130880 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for

call: DLL_PROCESS_ATTACH
24/11/12 17:33:35
A
24/11/12 17:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 17:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 17:48:35
A
24/11/12 17:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:00:00
D
call: DLL_PROCESS_ATTACH
24/11/12 18:00:00
A
24/11/12 18:00:00
D
call: DLL_PROCESS_DETACH
24/11/12 18:00:44
D
call: DLL_PROCESS_ATTACH
24/11/12 18:01:31
D
call: DLL_PROCESS_ATTACH
24/11/12 18:01:31
D
call: DLL_PROCESS_ATTACH
24/11/12 18:01:57
D
call: DLL_PROCESS_ATTACH
24/11/12 18:02:00
A
24/11/12 18:02:00
A
24/11/12 18:02:00
R
24/11/12 18:02:26
D
call: DLL_PROCESS_ATTACH
24/11/12 18:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 18:03:35
A
24/11/12 18:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:05:22
D
call: DLL_PROCESS_ATTACH
24/11/12 18:05:22
D
call: DLL_PROCESS_ATTACH
24/11/12 18:05:27
A
24/11/12 18:05:27
A
24/11/12 18:05:27
D
call: DLL_PROCESS_DETACH
24/11/12 18:06:14
D
call: DLL_PROCESS_ATTACH
24/11/12 18:06:14
A
24/11/12 18:06:14
D
call: DLL_PROCESS_DETACH
24/11/12 18:06:22
A
24/11/12 18:06:22
D
call: DLL_PROCESS_DETACH
24/11/12 18:10:55
A
24/11/12 18:10:55
R
24/11/12 18:10:55
A
24/11/12 18:10:55
D
call: DLL_PROCESS_DETACH
24/11/12 18:10:55
A
24/11/12 18:10:55
D
call: DLL_PROCESS_DETACH
24/11/12 18:10:58
A
24/11/12 18:10:58
D
call: DLL_PROCESS_DETACH
24/11/12 18:18:35
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for

call: DLL_PROCESS_ATTACH
24/11/12 18:18:35
A
24/11/12 18:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:19:16
D
call: DLL_PROCESS_ATTACH
24/11/12 18:19:16
D
call: DLL_PROCESS_ATTACH
24/11/12 18:19:22
D
call: DLL_PROCESS_ATTACH
24/11/12 18:19:23
A
24/11/12 18:19:23
A
24/11/12 18:19:23
R
24/11/12 18:20:41
D
call: DLL_PROCESS_ATTACH
24/11/12 18:23:19
D
call: DLL_PROCESS_ATTACH
24/11/12 18:23:20
D
call: DLL_PROCESS_ATTACH
24/11/12 18:23:27
D
call: DLL_PROCESS_ATTACH
24/11/12 18:23:27
D
call: DLL_PROCESS_ATTACH
24/11/12 18:23:32
A
24/11/12 18:23:32
D
call: DLL_PROCESS_DETACH
24/11/12 18:23:36
A
24/11/12 18:23:36
D
call: DLL_PROCESS_DETACH
24/11/12 18:23:45
A
24/11/12 18:23:45
F
24/11/12 18:23:46
D
call: DLL_PROCESS_ATTACH
24/11/12 18:23:48
A
24/11/12 18:23:48
D
call: DLL_PROCESS_DETACH
24/11/12 18:25:09
A
24/11/12 18:25:09
A
24/11/12 18:25:09
D
call: DLL_PROCESS_DETACH
24/11/12 18:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 18:33:35
A
24/11/12 18:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:35:42
D
call: DLL_PROCESS_ATTACH
24/11/12 18:35:51
A
24/11/12 18:35:51
A
24/11/12 18:35:51
D
call: DLL_PROCESS_DETACH
24/11/12 18:36:28
D
call: DLL_PROCESS_ATTACH
24/11/12 18:36:40
D
call: DLL_PROCESS_ATTACH
24/11/12 18:36:42
A
24/11/12 18:36:42
F
24/11/12 18:36:42
A
24/11/12 18:36:42
F
24/11/12 18:36:59
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback

24/11/12 18:36:59
D
call: DLL_PROCESS_DETACH
24/11/12 18:37:19
A
24/11/12 18:37:19
F
24/11/12 18:39:46
D
call: DLL_PROCESS_ATTACH
24/11/12 18:39:51
A
24/11/12 18:39:51
A
24/11/12 18:39:51
D
call: DLL_PROCESS_DETACH
24/11/12 18:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 18:48:35
A
24/11/12 18:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:54:48
A
24/11/12 18:54:48
F
24/11/12 18:54:48
A
24/11/12 18:54:49
A
24/11/12 18:54:49
F
24/11/12 18:54:53
D
call: DLL_PROCESS_ATTACH
24/11/12 18:56:01
D
call: DLL_PROCESS_ATTACH
24/11/12 18:56:13
A
24/11/12 18:56:13
A
24/11/12 18:56:13
D
call: DLL_PROCESS_DETACH
24/11/12 18:56:22
D
call: DLL_PROCESS_ATTACH
24/11/12 18:56:39
D
call: DLL_PROCESS_ATTACH
24/11/12 18:56:55
A
24/11/12 18:56:55
D
call: DLL_PROCESS_DETACH
24/11/12 18:56:56
D
call: DLL_PROCESS_ATTACH
24/11/12 18:56:57
A
24/11/12 18:56:57
F
24/11/12 18:56:57
A
24/11/12 18:56:57
F
24/11/12 18:56:57
A
24/11/12 18:56:57
F
24/11/12 18:56:57
A
24/11/12 18:56:57
F
24/11/12 18:56:57
A
24/11/12 18:56:57
D
call: DLL_PROCESS_DETACH
24/11/12 18:56:57
D
call: DLL_PROCESS_ATTACH
24/11/12 18:57:05
D
call: DLL_PROCESS_ATTACH
24/11/12 18:57:06
D
call: DLL_PROCESS_ATTACH
24/11/12 18:57:09
A
24/11/12 18:57:09
F
24/11/12 18:57:09
A
24/11/12 18:57:09
F
24/11/12 18:57:09
A
24/11/12 18:57:09
F

Enter DllMain -> Handle: 4111269888 - Reason for

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

24/11/12 18:57:09
A
24/11/12 18:57:09
F
24/11/12 18:57:09
A
24/11/12 18:57:09
F
24/11/12 18:57:14
D
call: DLL_PROCESS_ATTACH
24/11/12 18:57:29
D
call: DLL_PROCESS_ATTACH
24/11/12 18:57:30
A
24/11/12 18:57:30
D
call: DLL_PROCESS_DETACH
24/11/12 18:57:30
A
24/11/12 18:57:30
D
call: DLL_PROCESS_DETACH
24/11/12 18:57:35
A
24/11/12 18:57:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:57:35
A
24/11/12 18:57:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:57:35
A
24/11/12 18:57:35
D
call: DLL_PROCESS_DETACH
24/11/12 18:57:50
D
call: DLL_PROCESS_ATTACH
24/11/12 18:57:50
A
24/11/12 18:57:50
D
call: DLL_PROCESS_DETACH
24/11/12 18:58:04
D
call: DLL_PROCESS_ATTACH
24/11/12 18:58:10
A
24/11/12 18:58:10
D
call: DLL_PROCESS_DETACH
24/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
24/11/12 19:00:01
D
call: DLL_PROCESS_ATTACH
24/11/12 19:00:02
A
24/11/12 19:00:02
D
call: DLL_PROCESS_DETACH
24/11/12 19:00:43
A
24/11/12 19:00:43
D
call: DLL_PROCESS_DETACH
24/11/12 19:01:33
D
call: DLL_PROCESS_ATTACH
24/11/12 19:02:35
D
call: DLL_PROCESS_ATTACH
24/11/12 19:02:35
A
24/11/12 19:02:35
D
call: DLL_PROCESS_DETACH
24/11/12 19:02:36
D
call: DLL_PROCESS_ATTACH
24/11/12 19:02:50
A
24/11/12 19:02:50
D
call: DLL_PROCESS_DETACH
24/11/12 19:02:50
D
call: DLL_PROCESS_ATTACH
24/11/12 19:02:51
A
24/11/12 19:02:51
D
call: DLL_PROCESS_DETACH

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for

24/11/12 19:03:03
A
24/11/12 19:03:03
F
24/11/12 19:03:03
A
24/11/12 19:03:03
F
24/11/12 19:03:04
A
24/11/12 19:03:04
F
24/11/12 19:03:16
A
24/11/12 19:03:16
F
24/11/12 19:03:16
A
24/11/12 19:03:16
F
24/11/12 19:03:16
A
24/11/12 19:03:16
F
24/11/12 19:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 19:03:35
A
24/11/12 19:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 19:04:48
A
24/11/12 19:04:48
F
24/11/12 19:05:02
A
24/11/12 19:05:02
F
24/11/12 19:05:02
A
24/11/12 19:05:02
F
24/11/12 19:05:02
A
24/11/12 19:05:02
F
24/11/12 19:07:31
A
24/11/12 19:07:31
F
24/11/12 19:07:52
A
24/11/12 19:07:52
F
24/11/12 19:07:52
A
24/11/12 19:07:52
F
24/11/12 19:07:52
A
24/11/12 19:07:52
F
24/11/12 19:08:03
A
24/11/12 19:08:03
R
24/11/12 19:08:04
A
24/11/12 19:08:04
R
24/11/12 19:08:04
A
24/11/12 19:08:04
D
call: DLL_PROCESS_DETACH
24/11/12 19:08:04
A
24/11/12 19:08:04
D
call: DLL_PROCESS_DETACH
24/11/12 19:08:10
A
24/11/12 19:08:10
F
24/11/12 19:08:27
A
24/11/12 19:08:27
D
call: DLL_PROCESS_DETACH
24/11/12 19:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 19:18:35
A
24/11/12 19:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 19:19:07
A
24/11/12 19:19:07
F
24/11/12 19:19:07
A
24/11/12 19:19:07
F
24/11/12 19:19:07
A
24/11/12 19:19:07
F
24/11/12 19:19:18
A

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

24/11/12 19:19:18
F
24/11/12 19:32:58
D
call: DLL_PROCESS_ATTACH
24/11/12 19:32:58
A
24/11/12 19:32:58
D
call: DLL_PROCESS_DETACH
24/11/12 19:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 19:33:35
A
24/11/12 19:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 19:41:39
D
call: DLL_PROCESS_ATTACH
24/11/12 19:42:08
A
24/11/12 19:42:08
D
call: DLL_PROCESS_DETACH
24/11/12 19:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 19:48:35
A
24/11/12 19:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 19:49:16
A
24/11/12 19:49:16
F
24/11/12 19:49:16
A
24/11/12 19:49:16
F
24/11/12 19:49:16
A
24/11/12 19:49:16
F
24/11/12 19:49:30
A
24/11/12 19:49:30
D
call: DLL_PROCESS_DETACH
24/11/12 19:49:31
A
24/11/12 19:49:31
F
24/11/12 20:00:00
D
call: DLL_PROCESS_ATTACH
24/11/12 20:00:01
A
24/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
24/11/12 20:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 20:03:35
A
24/11/12 20:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 20:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 20:18:35
A
24/11/12 20:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 20:19:26
A
24/11/12 20:19:26
F
24/11/12 20:19:26
A
24/11/12 20:19:26
F
24/11/12 20:19:26
A
24/11/12 20:19:26
F
24/11/12 20:19:51
A
24/11/12 20:19:51
F
24/11/12 20:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 20:33:35
A
24/11/12 20:33:35
D
call: DLL_PROCESS_DETACH

lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for

24/11/12 20:37:54
A
24/11/12 20:37:54
D
call: DLL_PROCESS_DETACH
24/11/12 20:37:55
A
24/11/12 20:37:55
F
24/11/12 20:37:55
A
24/11/12 20:37:55
F
24/11/12 20:37:55
A
24/11/12 20:37:55
F
24/11/12 20:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 20:48:35
A
24/11/12 20:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 20:59:17
D
call: DLL_PROCESS_ATTACH
24/11/12 20:59:18
D
call: DLL_PROCESS_ATTACH
24/11/12 20:59:36
D
call: DLL_PROCESS_ATTACH
24/11/12 20:59:37
D
call: DLL_PROCESS_ATTACH
24/11/12 20:59:44
A
24/11/12 20:59:44
A
24/11/12 20:59:44
D
call: DLL_PROCESS_DETACH
24/11/12 20:59:48
A
24/11/12 20:59:48
D
call: DLL_PROCESS_DETACH
24/11/12 20:59:49
A
24/11/12 20:59:49
D
call: DLL_PROCESS_DETACH
24/11/12 20:59:49
D
call: DLL_PROCESS_ATTACH
24/11/12 20:59:49
A
24/11/12 20:59:49
A
24/11/12 20:59:49
D
call: DLL_PROCESS_DETACH
24/11/12 20:59:49
D
call: DLL_PROCESS_ATTACH
24/11/12 21:00:00
D
call: DLL_PROCESS_ATTACH
24/11/12 21:00:00
A
24/11/12 21:00:00
D
call: DLL_PROCESS_DETACH
24/11/12 21:00:12
A
24/11/12 21:00:12
A
24/11/12 21:00:12
D
call: DLL_PROCESS_DETACH
24/11/12 21:00:27
D
call: DLL_PROCESS_ATTACH
24/11/12 21:00:29
A
24/11/12 21:00:29
D
call: DLL_PROCESS_DETACH
24/11/12 21:00:44
D
call: DLL_PROCESS_ATTACH
24/11/12 21:00:49
A
24/11/12 21:00:49
A
24/11/12 21:00:49
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for

24/11/12 21:01:16
D
call: DLL_PROCESS_ATTACH
24/11/12 21:01:17
A
24/11/12 21:01:17
D
call: DLL_PROCESS_DETACH
24/11/12 21:01:17
D
call: DLL_PROCESS_ATTACH
24/11/12 21:01:19
A
24/11/12 21:01:19
D
call: DLL_PROCESS_DETACH
24/11/12 21:01:22
D
call: DLL_PROCESS_ATTACH
24/11/12 21:01:25
A
24/11/12 21:01:25
D
call: DLL_PROCESS_DETACH
24/11/12 21:01:34
D
call: DLL_PROCESS_ATTACH
24/11/12 21:01:34
D
call: DLL_PROCESS_ATTACH
24/11/12 21:01:44
D
call: DLL_PROCESS_ATTACH
24/11/12 21:02:14
A
24/11/12 21:02:14
R
24/11/12 21:03:19
D
call: DLL_PROCESS_ATTACH
24/11/12 21:03:24
A
24/11/12 21:03:24
A
24/11/12 21:03:24
D
call: DLL_PROCESS_DETACH
24/11/12 21:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:03:35
A
24/11/12 21:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 21:04:06
D
call: DLL_PROCESS_ATTACH
24/11/12 21:09:58
D
call: DLL_PROCESS_ATTACH
24/11/12 21:09:59
A
24/11/12 21:09:59
F
24/11/12 21:10:04
A
24/11/12 21:10:04
A
24/11/12 21:10:04
D
call: DLL_PROCESS_DETACH
24/11/12 21:10:08
D
call: DLL_PROCESS_ATTACH
24/11/12 21:10:08
A
24/11/12 21:10:08
D
call: DLL_PROCESS_DETACH
24/11/12 21:10:13
D
call: DLL_PROCESS_ATTACH
24/11/12 21:10:18
A
24/11/12 21:10:18
A
24/11/12 21:10:18
D
call: DLL_PROCESS_DETACH
24/11/12 21:10:24
D
call: DLL_PROCESS_ATTACH
24/11/12 21:10:24
A
24/11/12 21:10:24
F
24/11/12 21:10:29
D

Enter DllMain -> Handle: 1963130880 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for

call: DLL_PROCESS_ATTACH
24/11/12 21:10:29
A
24/11/12 21:10:29
D
call: DLL_PROCESS_DETACH
24/11/12 21:10:36
A
24/11/12 21:10:36
A
24/11/12 21:10:36
D
call: DLL_PROCESS_DETACH
24/11/12 21:10:43
D
call: DLL_PROCESS_ATTACH
24/11/12 21:10:43
A
24/11/12 21:10:43
F
24/11/12 21:10:48
D
call: DLL_PROCESS_ATTACH
24/11/12 21:10:48
A
24/11/12 21:10:48
D
call: DLL_PROCESS_DETACH
24/11/12 21:10:52
A
24/11/12 21:10:52
A
24/11/12 21:10:52
D
call: DLL_PROCESS_DETACH
24/11/12 21:10:55
D
call: DLL_PROCESS_ATTACH
24/11/12 21:11:02
A
24/11/12 21:11:02
A
24/11/12 21:11:02
D
call: DLL_PROCESS_DETACH
24/11/12 21:11:32
D
call: DLL_PROCESS_ATTACH
24/11/12 21:11:38
A
24/11/12 21:11:38
A
24/11/12 21:11:38
D
call: DLL_PROCESS_DETACH
24/11/12 21:12:31
D
call: DLL_PROCESS_ATTACH
24/11/12 21:12:31
D
call: DLL_PROCESS_ATTACH
24/11/12 21:12:33
D
call: DLL_PROCESS_ATTACH
24/11/12 21:12:37
D
call: DLL_PROCESS_ATTACH
24/11/12 21:12:40
D
call: DLL_PROCESS_ATTACH
24/11/12 21:12:40
A
24/11/12 21:12:40
D
call: DLL_PROCESS_DETACH
24/11/12 21:12:41
D
call: DLL_PROCESS_ATTACH
24/11/12 21:12:41
A
24/11/12 21:12:41
D
call: DLL_PROCESS_DETACH
24/11/12 21:12:44
A
24/11/12 21:12:44
D
call: DLL_PROCESS_DETACH
24/11/12 21:13:18
D
call: DLL_PROCESS_ATTACH
24/11/12 21:13:18
A
24/11/12 21:13:18
D
call: DLL_PROCESS_DETACH
24/11/12 21:13:36
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback

24/11/12 21:13:36
A
24/11/12 21:13:36
D
call: DLL_PROCESS_DETACH
24/11/12 21:13:36
D
call: DLL_PROCESS_DETACH
24/11/12 21:13:38
D
call: DLL_PROCESS_ATTACH
24/11/12 21:13:43
A
24/11/12 21:13:43
A
24/11/12 21:13:43
D
call: DLL_PROCESS_DETACH
24/11/12 21:16:22
A
24/11/12 21:16:22
D
call: DLL_PROCESS_DETACH
24/11/12 21:16:43
A
24/11/12 21:16:43
F
24/11/12 21:17:29
A
24/11/12 21:17:29
F
24/11/12 21:17:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:17:35
A
24/11/12 21:17:35
D
call: DLL_PROCESS_DETACH
24/11/12 21:17:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:17:41
A
24/11/12 21:17:41
A
24/11/12 21:17:41
D
call: DLL_PROCESS_DETACH
24/11/12 21:18:01
A
24/11/12 21:18:01
R
24/11/12 21:18:01
A
24/11/12 21:18:01
D
call: DLL_PROCESS_DETACH
24/11/12 21:18:02
A
24/11/12 21:18:02
D
call: DLL_PROCESS_DETACH
24/11/12 21:18:08
D
call: DLL_PROCESS_ATTACH
24/11/12 21:18:08
D
call: DLL_PROCESS_ATTACH
24/11/12 21:18:10
A
24/11/12 21:18:10
A
24/11/12 21:18:10
R
24/11/12 21:18:11
A
24/11/12 21:18:11
D
call: DLL_PROCESS_DETACH
24/11/12 21:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:18:35
A
24/11/12 21:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 21:18:36
A
24/11/12 21:18:36
D
call: DLL_PROCESS_DETACH
24/11/12 21:19:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:19:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:19:46
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback

24/11/12 21:19:46
D
call: DLL_PROCESS_DETACH
24/11/12 21:19:49
A
24/11/12 21:19:49
D
call: DLL_PROCESS_DETACH
24/11/12 21:20:05
D
call: DLL_PROCESS_ATTACH
24/11/12 21:20:05
D
call: DLL_PROCESS_ATTACH
24/11/12 21:20:10
A
24/11/12 21:20:10
A
24/11/12 21:20:10
D
call: DLL_PROCESS_DETACH
24/11/12 21:20:12
D
call: DLL_PROCESS_ATTACH
24/11/12 21:20:26
A
24/11/12 21:20:26
A
24/11/12 21:20:26
D
call: DLL_PROCESS_DETACH
24/11/12 21:20:37
D
call: DLL_PROCESS_ATTACH
24/11/12 21:20:42
A
24/11/12 21:20:42
A
24/11/12 21:20:42
D
call: DLL_PROCESS_DETACH
24/11/12 21:20:42
D
call: DLL_PROCESS_ATTACH
24/11/12 21:20:48
D
call: DLL_PROCESS_ATTACH
24/11/12 21:20:51
A
24/11/12 21:20:51
A
24/11/12 21:20:51
D
call: DLL_PROCESS_DETACH
24/11/12 21:20:52
A
24/11/12 21:20:52
D
call: DLL_PROCESS_DETACH
24/11/12 21:21:37
D
call: DLL_PROCESS_ATTACH
24/11/12 21:21:42
A
24/11/12 21:21:42
A
24/11/12 21:21:42
D
call: DLL_PROCESS_DETACH
24/11/12 21:22:05
D
call: DLL_PROCESS_ATTACH
24/11/12 21:22:15
A
24/11/12 21:22:15
A
24/11/12 21:22:15
D
call: DLL_PROCESS_DETACH
24/11/12 21:22:16
A
24/11/12 21:22:16
F
24/11/12 21:22:17
D
call: DLL_PROCESS_ATTACH
24/11/12 21:22:17
A
24/11/12 21:22:17
D
call: DLL_PROCESS_DETACH
24/11/12 21:22:17
D
call: DLL_PROCESS_ATTACH
24/11/12 21:22:21
A
24/11/12 21:22:21
F
24/11/12 21:22:23
A

Enter DllMain -> Handle: 4111269888 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback

24/11/12 21:22:23
A
24/11/12 21:22:23
D
call: DLL_PROCESS_DETACH
24/11/12 21:22:32
A
24/11/12 21:22:32
F
24/11/12 21:22:32
D
call: DLL_PROCESS_ATTACH
24/11/12 21:22:32
A
24/11/12 21:22:32
D
call: DLL_PROCESS_DETACH
24/11/12 21:22:33
D
call: DLL_PROCESS_ATTACH
24/11/12 21:22:38
A
24/11/12 21:22:38
A
24/11/12 21:22:38
D
call: DLL_PROCESS_DETACH
24/11/12 21:22:39
A
24/11/12 21:22:39
F
24/11/12 21:22:40
D
call: DLL_PROCESS_ATTACH
24/11/12 21:22:40
A
24/11/12 21:22:40
D
call: DLL_PROCESS_DETACH
24/11/12 21:22:41
D
call: DLL_PROCESS_ATTACH
24/11/12 21:22:47
A
24/11/12 21:22:47
A
24/11/12 21:22:47
D
call: DLL_PROCESS_DETACH
24/11/12 21:23:05
A
24/11/12 21:23:05
D
call: DLL_PROCESS_DETACH
24/11/12 21:23:07
D
call: DLL_PROCESS_ATTACH
24/11/12 21:23:07
D
call: DLL_PROCESS_ATTACH
24/11/12 21:23:15
D
call: DLL_PROCESS_ATTACH
24/11/12 21:23:15
A
24/11/12 21:23:15
A
24/11/12 21:23:15
R
24/11/12 21:23:55
D
call: DLL_PROCESS_ATTACH
24/11/12 21:24:15
D
call: DLL_PROCESS_ATTACH
24/11/12 21:24:18
D
call: DLL_PROCESS_ATTACH
24/11/12 21:24:21
A
24/11/12 21:24:21
R
24/11/12 21:28:31
D
call: DLL_PROCESS_ATTACH
24/11/12 21:28:42
A
24/11/12 21:28:42
D
call: DLL_PROCESS_DETACH
24/11/12 21:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:33:35
A
24/11/12 21:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 21:47:20
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for

call: DLL_PROCESS_ATTACH
24/11/12 21:47:20
D
call: DLL_PROCESS_ATTACH
24/11/12 21:47:30
A
24/11/12 21:47:30
D
call: DLL_PROCESS_DETACH
24/11/12 21:47:51
D
call: DLL_PROCESS_ATTACH
24/11/12 21:47:56
A
24/11/12 21:48:25
D
call: DLL_PROCESS_ATTACH
24/11/12 21:48:33
A
24/11/12 21:48:35
D
call: DLL_PROCESS_ATTACH
24/11/12 21:48:35
A
24/11/12 21:48:35
D
call: DLL_PROCESS_DETACH
24/11/12 21:48:50
A
24/11/12 21:48:50
F
24/11/12 21:48:51
A
24/11/12 21:48:51
F
24/11/12 21:48:53
D
call: DLL_PROCESS_ATTACH
24/11/12 21:49:06
A
24/11/12 21:49:06
D
call: DLL_PROCESS_DETACH
24/11/12 21:49:58
D
call: DLL_PROCESS_ATTACH
24/11/12 21:50:03
A
24/11/12 21:52:35
A
24/11/12 21:52:35
D
call: DLL_PROCESS_DETACH
24/11/12 21:53:58
D
call: DLL_PROCESS_ATTACH
24/11/12 21:53:59
A
24/11/12 21:53:59
R
24/11/12 21:54:09
D
call: DLL_PROCESS_ATTACH
24/11/12 21:54:10
A
24/11/12 21:54:10
D
call: DLL_PROCESS_ATTACH
24/11/12 21:54:10
D
call: DLL_PROCESS_DETACH
24/11/12 21:54:10
D
call: DLL_PROCESS_ATTACH
24/11/12 21:54:10
A
24/11/12 21:54:10
D
call: DLL_PROCESS_DETACH
24/11/12 21:54:15
D
call: DLL_PROCESS_ATTACH
24/11/12 21:54:16
A
24/11/12 21:54:16
A
24/11/12 21:54:16
R
24/11/12 21:54:16
D
call: DLL_PROCESS_ATTACH
24/11/12 21:54:16
A
24/11/12 21:54:16
A
24/11/12 21:54:16
R
24/11/12 21:54:16
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1963130880 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for

24/11/12 21:54:18
A
24/11/12 21:54:18
R
24/11/12 21:58:22
D
call: DLL_PROCESS_ATTACH
24/11/12 21:58:27
A
24/11/12 21:58:27
D
call: DLL_PROCESS_DETACH
24/11/12 21:59:01
A
24/11/12 21:59:01
R
24/11/12 22:00:01
D
call: DLL_PROCESS_ATTACH
24/11/12 22:00:02
A
24/11/12 22:00:02
D
call: DLL_PROCESS_DETACH
24/11/12 22:03:35
D
call: DLL_PROCESS_ATTACH
24/11/12 22:03:35
A
24/11/12 22:03:35
D
call: DLL_PROCESS_DETACH
24/11/12 22:04:31
D
call: DLL_PROCESS_ATTACH
24/11/12 22:04:31
D
call: DLL_PROCESS_ATTACH
24/11/12 22:04:41
A
24/11/12 22:04:41
D
call: DLL_PROCESS_DETACH
24/11/12 22:18:35
D
call: DLL_PROCESS_ATTACH
24/11/12 22:18:35
A
24/11/12 22:18:35
D
call: DLL_PROCESS_DETACH
24/11/12 22:20:11
D
call: DLL_PROCESS_ATTACH
24/11/12 22:20:16
A
24/11/12 22:20:16
D
call: DLL_PROCESS_DETACH
24/11/12 22:20:16
D
call: DLL_PROCESS_ATTACH
24/11/12 22:20:16
D
call: DLL_PROCESS_ATTACH
24/11/12 22:20:21
A
24/11/12 22:20:21
D
call: DLL_PROCESS_DETACH
24/11/12 22:20:21
A
24/11/12 22:20:21
A
24/11/12 22:20:21
D
call: DLL_PROCESS_DETACH
24/11/12 22:20:24
A
24/11/12 22:20:24
R
24/11/12 22:20:24
A
24/11/12 22:20:24
R
24/11/12 22:20:24
A
24/11/12 22:20:24
A
24/11/12 22:20:24
D
call: DLL_PROCESS_DETACH
24/11/12 22:20:25
A
24/11/12 22:20:25
D
call: DLL_PROCESS_DETACH
24/11/12 22:20:25
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for

24/11/12 22:20:28
D
call: DLL_PROCESS_ATTACH
24/11/12 22:20:30
A
24/11/12 22:20:30
D
call: DLL_PROCESS_DETACH
24/11/12 22:20:32
D
call: DLL_PROCESS_ATTACH
24/11/12 22:20:33
A
24/11/12 22:20:33
D
call: DLL_PROCESS_DETACH
24/11/12 22:33:35
D
call: DLL_PROCESS_ATTACH
24/11/12 22:33:35
A
24/11/12 22:33:35
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
24/11/12 22:36:50
D
call: DLL_PROCESS_DETACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
A
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1963130880 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 4111269888 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 1963130880 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for

25/11/12 12:19:55
A
25/11/12 12:19:55
A
25/11/12 12:19:55
A
25/11/12 12:19:55
A
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:55
A
25/11/12 12:19:55
D
call: DLL_PROCESS_DETACH
25/11/12 12:19:55
A
25/11/12 12:19:55
D
call: DLL_PROCESS_DETACH
25/11/12 12:19:55
A
25/11/12 12:19:55
F
25/11/12 12:19:55
A
25/11/12 12:19:55
F
25/11/12 12:19:55
A
25/11/12 12:19:55
F
25/11/12 12:19:56
A
25/11/12 12:19:56
F
25/11/12 12:19:56
A
25/11/12 12:19:56
F
25/11/12 12:19:56
A
25/11/12 12:19:56
F
25/11/12 12:19:58
D
call: DLL_PROCESS_ATTACH
25/11/12 12:19:58
A
25/11/12 12:19:58
D
call: DLL_PROCESS_DETACH
25/11/12 12:19:59
A
25/11/12 12:19:59
A
25/11/12 12:19:59
D
call: DLL_PROCESS_DETACH
25/11/12 12:20:02
A
25/11/12 12:20:02
D
call: DLL_PROCESS_DETACH
25/11/12 12:20:13
A
25/11/12 12:20:13
D
call: DLL_PROCESS_DETACH
25/11/12 12:20:26
D
call: DLL_PROCESS_ATTACH
25/11/12 12:20:27
D
call: DLL_PROCESS_ATTACH
25/11/12 12:20:35
D
call: DLL_PROCESS_ATTACH
25/11/12 12:20:37
A
25/11/12 12:20:37
A
25/11/12 12:20:37
R
25/11/12 12:21:05
D
call: DLL_PROCESS_ATTACH
25/11/12 12:21:56
D
call: DLL_PROCESS_ATTACH
25/11/12 12:21:59
D
call: DLL_PROCESS_ATTACH
25/11/12 12:22:01
A
25/11/12 12:22:01
A
25/11/12 12:22:01
R
25/11/12 12:22:14
D

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 12:22:14
A
25/11/12 12:22:14
R
25/11/12 12:22:14
D
call: DLL_PROCESS_ATTACH
25/11/12 12:22:17
A
25/11/12 12:22:17
A
25/11/12 12:22:17
R
25/11/12 12:22:23
D
call: DLL_PROCESS_ATTACH
25/11/12 12:22:23
A
25/11/12 12:22:23
R
25/11/12 12:22:38
D
call: DLL_PROCESS_ATTACH
25/11/12 12:22:41
A
25/11/12 12:22:41
R
25/11/12 12:22:41
D
call: DLL_PROCESS_ATTACH
25/11/12 12:22:49
A
25/11/12 12:22:49
A
25/11/12 12:22:49
R
25/11/12 12:32:47
D
call: DLL_PROCESS_ATTACH
25/11/12 12:32:47
A
25/11/12 12:32:47
D
call: DLL_PROCESS_DETACH
25/11/12 12:34:46
D
call: DLL_PROCESS_ATTACH
25/11/12 12:34:51
A
25/11/12 12:36:02
A
25/11/12 12:36:02
R
25/11/12 12:36:04
D
call: DLL_PROCESS_ATTACH
25/11/12 12:36:11
D
call: DLL_PROCESS_ATTACH
25/11/12 12:36:13
A
25/11/12 12:36:13
R
25/11/12 12:36:26
D
call: DLL_PROCESS_ATTACH
25/11/12 12:36:26
A
25/11/12 12:36:26
R
25/11/12 12:36:26
D
call: DLL_PROCESS_ATTACH
25/11/12 12:36:57
A
25/11/12 12:36:57
R
25/11/12 12:39:51
A
25/11/12 12:39:51
R
25/11/12 12:40:02
D
call: DLL_PROCESS_ATTACH
25/11/12 12:47:32
A
25/11/12 12:47:32
R
25/11/12 12:47:58
A
25/11/12 12:47:58
R
25/11/12 12:47:59
A
25/11/12 12:47:59
D
call: DLL_PROCESS_DETACH
25/11/12 12:47:59
A
25/11/12 12:47:59
D
call: DLL_PROCESS_DETACH
25/11/12 12:50:11
D

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 12:50:26
A
25/11/12 12:50:26
D
call: DLL_PROCESS_DETACH
25/11/12 12:50:35
A
25/11/12 12:50:35
D
call: DLL_PROCESS_DETACH
25/11/12 13:00:01
D
call: DLL_PROCESS_ATTACH
25/11/12 13:00:01
A
25/11/12 13:00:01
D
call: DLL_PROCESS_DETACH
25/11/12 13:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 13:06:49
A
25/11/12 13:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 13:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 13:21:49
A
25/11/12 13:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:46
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:46
A
25/11/12 13:26:46
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:47
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:49
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:49
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:49
A
25/11/12 13:26:49
A
25/11/12 13:26:49
A
25/11/12 13:26:49
A
25/11/12 13:26:50
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:50
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:50
A
25/11/12 13:26:50
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:50
A
25/11/12 13:26:50
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:50
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:50
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:50
A
25/11/12 13:26:50
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:50
A
25/11/12 13:26:50
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:52
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:52
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 13:26:52
A
25/11/12 13:26:52
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:52
A
25/11/12 13:26:52
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:53
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:53
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:53
A
25/11/12 13:26:53
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:53
A
25/11/12 13:26:53
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:54
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:54
A
25/11/12 13:26:54
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:54
D
call: DLL_PROCESS_ATTACH
25/11/12 13:26:54
A
25/11/12 13:26:54
D
call: DLL_PROCESS_DETACH
25/11/12 13:26:54
D
call: DLL_PROCESS_ATTACH
25/11/12 13:27:03
A
25/11/12 13:27:03
D
call: DLL_PROCESS_DETACH
25/11/12 13:27:04
A
25/11/12 13:27:04
D
call: DLL_PROCESS_DETACH
25/11/12 13:27:04
A
25/11/12 13:27:04
D
call: DLL_PROCESS_DETACH
25/11/12 13:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 13:36:49
A
25/11/12 13:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 13:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 13:51:49
A
25/11/12 13:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 14:00:00
D
call: DLL_PROCESS_ATTACH
25/11/12 14:00:00
A
25/11/12 14:00:00
D
call: DLL_PROCESS_DETACH
25/11/12 14:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 14:06:49
A
25/11/12 14:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 14:09:30
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for

25/11/12 14:09:31
D
call: DLL_PROCESS_ATTACH
25/11/12 14:09:32
D
call: DLL_PROCESS_ATTACH
25/11/12 14:09:32
A
25/11/12 14:09:32
F
25/11/12 14:09:32
A
25/11/12 14:09:32
F
25/11/12 14:09:32
A
25/11/12 14:09:32
F
25/11/12 14:09:32
A
25/11/12 14:09:32
F
25/11/12 14:09:32
A
25/11/12 14:09:32
F
25/11/12 14:09:35
D
call: DLL_PROCESS_ATTACH
25/11/12 14:09:35
A
25/11/12 14:09:35
D
call: DLL_PROCESS_DETACH
25/11/12 14:09:35
A
25/11/12 14:09:35
D
call: DLL_PROCESS_DETACH
25/11/12 14:09:40
A
25/11/12 14:09:40
D
call: DLL_PROCESS_DETACH
25/11/12 14:09:40
D
call: DLL_PROCESS_ATTACH
25/11/12 14:09:41
A
25/11/12 14:09:41
D
call: DLL_PROCESS_DETACH
25/11/12 14:09:41
D
call: DLL_PROCESS_ATTACH
25/11/12 14:09:45
A
25/11/12 14:09:45
D
call: DLL_PROCESS_DETACH
25/11/12 14:09:45
D
call: DLL_PROCESS_ATTACH
25/11/12 14:09:45
A
25/11/12 14:09:45
D
call: DLL_PROCESS_DETACH
25/11/12 14:10:08
A
25/11/12 14:10:08
F
25/11/12 14:10:08
A
25/11/12 14:10:08
F
25/11/12 14:10:08
A
25/11/12 14:10:08
F
25/11/12 14:14:47
D
call: DLL_PROCESS_ATTACH
25/11/12 14:17:35
A
25/11/12 14:17:35
F
25/11/12 14:17:35
A
25/11/12 14:17:35
F
25/11/12 14:17:36
A
25/11/12 14:17:36
F
25/11/12 14:17:40
A
25/11/12 14:17:40
F
25/11/12 14:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 14:21:49
A
25/11/12 14:21:49
D

Enter DllMain -> Handle: 1961426944 - Reason for

Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for

call: DLL_PROCESS_DETACH
25/11/12 14:32:47
A
25/11/12 14:32:47
F
25/11/12 14:32:47
A
25/11/12 14:32:47
F
25/11/12 14:32:47
A
25/11/12 14:32:47
F
25/11/12 14:33:11
A
25/11/12 14:33:11
F
25/11/12 14:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 14:36:49
A
25/11/12 14:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 14:39:52
A
25/11/12 14:39:52
F
25/11/12 14:39:52
A
25/11/12 14:39:52
F
25/11/12 14:39:52
A
25/11/12 14:39:52
F
25/11/12 14:39:53
A
25/11/12 14:39:53
F
25/11/12 14:39:55
A
25/11/12 14:39:55
F
25/11/12 14:39:55
A
25/11/12 14:39:55
F
25/11/12 14:39:55
A
25/11/12 14:39:55
F
25/11/12 14:40:00
A
25/11/12 14:40:00
F
25/11/12 14:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 14:51:49
A
25/11/12 14:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 15:00:01
D
call: DLL_PROCESS_ATTACH
25/11/12 15:00:01
A
25/11/12 15:00:01
D
call: DLL_PROCESS_DETACH
25/11/12 15:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 15:06:49
A
25/11/12 15:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 15:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 15:21:49
A
25/11/12 15:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 15:23:28
A
25/11/12 15:23:28
F
25/11/12 15:23:28
A
25/11/12 15:23:28
F
25/11/12 15:23:28
A
25/11/12 15:23:28
F
25/11/12 15:23:31
A
25/11/12 15:23:31
F
25/11/12 15:24:42
A
25/11/12 15:24:42
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_DETACH
25/11/12 15:24:42
A
25/11/12 15:24:42
F
25/11/12 15:24:42
A
25/11/12 15:24:42
F
25/11/12 15:24:42
A
25/11/12 15:24:42
F
25/11/12 15:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 15:36:49
A
25/11/12 15:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 15:45:02
D
call: DLL_PROCESS_ATTACH
25/11/12 15:45:02
A
25/11/12 15:45:02
F
25/11/12 15:45:02
A
25/11/12 15:45:02
F
25/11/12 15:45:02
A
25/11/12 15:45:02
F
25/11/12 15:45:02
A
25/11/12 15:45:02
F
25/11/12 15:45:05
D
call: DLL_PROCESS_ATTACH
25/11/12 15:49:08
A
25/11/12 15:49:08
D
call: DLL_PROCESS_DETACH
25/11/12 15:50:14
D
call: DLL_PROCESS_ATTACH
25/11/12 15:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 15:51:49
A
25/11/12 15:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:08
A
25/11/12 15:54:08
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:08
A
25/11/12 15:54:08
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:12
D
call: DLL_PROCESS_ATTACH
25/11/12 15:54:14
D
call: DLL_PROCESS_ATTACH
25/11/12 15:54:14
D
call: DLL_PROCESS_ATTACH
25/11/12 15:54:14
A
25/11/12 15:54:14
F
25/11/12 15:54:14
A
25/11/12 15:54:14
F
25/11/12 15:54:14
A
25/11/12 15:54:14
F
25/11/12 15:54:14
A
25/11/12 15:54:14
F
25/11/12 15:54:14
A
25/11/12 15:54:14
F
25/11/12 15:54:25
A
25/11/12 15:54:25
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:25
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 15:54:26
D
call: DLL_PROCESS_ATTACH
25/11/12 15:54:31
D
call: DLL_PROCESS_ATTACH
25/11/12 15:54:31
A
25/11/12 15:54:31
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:31
A
25/11/12 15:54:31
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:33
A
25/11/12 15:54:33
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:33
D
call: DLL_PROCESS_ATTACH
25/11/12 15:54:34
A
25/11/12 15:54:34
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:37
A
25/11/12 15:54:37
D
call: DLL_PROCESS_DETACH
25/11/12 15:54:42
A
25/11/12 15:54:42
F
25/11/12 15:54:42
A
25/11/12 15:54:42
F
25/11/12 16:00:00
D
call: DLL_PROCESS_ATTACH
25/11/12 16:00:00
A
25/11/12 16:00:00
D
call: DLL_PROCESS_DETACH
25/11/12 16:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 16:06:49
A
25/11/12 16:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 16:14:12
A
25/11/12 16:14:12
F
25/11/12 16:14:12
A
25/11/12 16:14:12
F
25/11/12 16:14:12
A
25/11/12 16:14:12
F
25/11/12 16:14:37
A
25/11/12 16:14:37
F
25/11/12 16:14:57
A
25/11/12 16:14:57
D
call: DLL_PROCESS_DETACH
25/11/12 16:14:57
A
25/11/12 16:14:57
F
25/11/12 16:14:57
A
25/11/12 16:14:57
F
25/11/12 16:14:58
A
25/11/12 16:14:58
F
25/11/12 16:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 16:21:49
A
25/11/12 16:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 16:30:46
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1961426944 - Reason for

Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for

25/11/12 16:30:47
D
call: DLL_PROCESS_ATTACH
25/11/12 16:30:52
D
call: DLL_PROCESS_ATTACH
25/11/12 16:30:52
A
25/11/12 16:30:52
A
25/11/12 16:30:52
R
25/11/12 16:31:14
D
call: DLL_PROCESS_ATTACH
25/11/12 16:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 16:36:49
A
25/11/12 16:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 16:46:27
D
call: DLL_PROCESS_ATTACH
25/11/12 16:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 16:51:49
A
25/11/12 16:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 16:53:24
A
25/11/12 16:53:24
F
25/11/12 17:00:00
D
call: DLL_PROCESS_ATTACH
25/11/12 17:00:00
A
25/11/12 17:00:00
D
call: DLL_PROCESS_DETACH
25/11/12 17:04:57
D
call: DLL_PROCESS_ATTACH
25/11/12 17:04:57
A
25/11/12 17:04:57
D
call: DLL_PROCESS_DETACH
25/11/12 17:04:58
D
call: DLL_PROCESS_ATTACH
25/11/12 17:04:58
A
25/11/12 17:04:58
D
call: DLL_PROCESS_DETACH
25/11/12 17:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 17:06:49
A
25/11/12 17:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 17:07:27
A
25/11/12 17:07:27
R
25/11/12 17:07:52
A
25/11/12 17:07:52
R
25/11/12 17:07:53
A
25/11/12 17:07:53
D
call: DLL_PROCESS_DETACH
25/11/12 17:07:53
A
25/11/12 17:07:53
D
call: DLL_PROCESS_DETACH
25/11/12 17:08:38
D
call: DLL_PROCESS_ATTACH
25/11/12 17:08:40
D
call: DLL_PROCESS_ATTACH
25/11/12 17:08:40
D
call: DLL_PROCESS_ATTACH
25/11/12 17:08:40
A

Enter DllMain -> Handle: 1961426944 - Reason for

Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback

25/11/12 17:08:40
F
25/11/12 17:08:40
A
25/11/12 17:08:40
F
25/11/12 17:08:40
A
25/11/12 17:08:40
F
25/11/12 17:08:40
A
25/11/12 17:08:40
F
25/11/12 17:08:40
A
25/11/12 17:08:40
F
25/11/12 17:08:50
A
25/11/12 17:08:50
D
call: DLL_PROCESS_DETACH
25/11/12 17:08:50
D
call: DLL_PROCESS_ATTACH
25/11/12 17:08:51
D
call: DLL_PROCESS_ATTACH
25/11/12 17:08:54
A
25/11/12 17:08:54
D
call: DLL_PROCESS_DETACH
25/11/12 17:08:55
D
call: DLL_PROCESS_ATTACH
25/11/12 17:08:55
A
25/11/12 17:08:55
D
call: DLL_PROCESS_DETACH
25/11/12 17:08:56
D
call: DLL_PROCESS_ATTACH
25/11/12 17:08:56
A
25/11/12 17:08:56
D
call: DLL_PROCESS_DETACH
25/11/12 17:08:56
A
25/11/12 17:08:56
D
call: DLL_PROCESS_DETACH
25/11/12 17:09:02
A
25/11/12 17:09:02
D
call: DLL_PROCESS_DETACH
25/11/12 17:09:03
A
25/11/12 17:09:03
F
25/11/12 17:09:03
A
25/11/12 17:09:03
F
25/11/12 17:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 17:21:49
A
25/11/12 17:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 17:24:56
A
25/11/12 17:24:56
F
25/11/12 17:24:56
A
25/11/12 17:24:56
F
25/11/12 17:24:56
A
25/11/12 17:24:56
F
25/11/12 17:25:01
A
25/11/12 17:25:01
F
25/11/12 17:27:35
A
25/11/12 17:27:35
F
25/11/12 17:27:35
A
25/11/12 17:27:35
F
25/11/12 17:27:35
A
25/11/12 17:27:35
F
25/11/12 17:27:54
A
25/11/12 17:27:54
F

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

25/11/12 17:28:16
A
25/11/12 17:28:16
D
call: DLL_PROCESS_DETACH
25/11/12 17:28:17
A
25/11/12 17:28:17
F
25/11/12 17:28:17
A
25/11/12 17:28:17
F
25/11/12 17:28:17
A
25/11/12 17:28:17
F
25/11/12 17:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 17:36:49
A
25/11/12 17:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 17:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 17:51:49
A
25/11/12 17:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 18:00:00
D
call: DLL_PROCESS_ATTACH
25/11/12 18:00:00
A
25/11/12 18:00:00
D
call: DLL_PROCESS_DETACH
25/11/12 18:04:52
D
call: DLL_PROCESS_ATTACH
25/11/12 18:04:52
D
call: DLL_PROCESS_ATTACH
25/11/12 18:04:56
D
call: DLL_PROCESS_ATTACH
25/11/12 18:04:58
D
call: DLL_PROCESS_ATTACH
25/11/12 18:04:58
A
25/11/12 18:04:58
D
call: DLL_PROCESS_DETACH
25/11/12 18:04:59
D
call: DLL_PROCESS_ATTACH
25/11/12 18:05:00
A
25/11/12 18:05:00
R
25/11/12 18:05:00
D
call: DLL_PROCESS_ATTACH
25/11/12 18:05:00
A
25/11/12 18:05:00
D
call: DLL_PROCESS_DETACH
25/11/12 18:05:04
D
call: DLL_PROCESS_ATTACH
25/11/12 18:05:05
A
25/11/12 18:05:05
R
25/11/12 18:05:49
D
call: DLL_PROCESS_ATTACH
25/11/12 18:06:14
D
call: DLL_PROCESS_ATTACH
25/11/12 18:06:19
A
25/11/12 18:06:19
D
call: DLL_PROCESS_DETACH
25/11/12 18:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 18:06:49
A
25/11/12 18:06:49
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for

25/11/12 18:13:02
D
call: DLL_PROCESS_ATTACH
25/11/12 18:15:10
A
25/11/12 18:15:10
R
25/11/12 18:15:10
A
25/11/12 18:15:10
R
25/11/12 18:15:10
A
25/11/12 18:15:10
R
25/11/12 18:15:11
A
25/11/12 18:15:11
D
call: DLL_PROCESS_DETACH
25/11/12 18:15:11
A
25/11/12 18:15:11
D
call: DLL_PROCESS_DETACH
25/11/12 18:15:12
D
call: DLL_PROCESS_ATTACH
25/11/12 18:15:12
D
call: DLL_PROCESS_ATTACH
25/11/12 18:15:17
D
call: DLL_PROCESS_ATTACH
25/11/12 18:15:17
A
25/11/12 18:15:17
A
25/11/12 18:15:17
R
25/11/12 18:15:21
A
25/11/12 18:15:21
R
25/11/12 18:15:22
A
25/11/12 18:15:22
D
call: DLL_PROCESS_DETACH
25/11/12 18:17:19
D
call: DLL_PROCESS_ATTACH
25/11/12 18:17:19
D
call: DLL_PROCESS_ATTACH
25/11/12 18:17:22
D
call: DLL_PROCESS_ATTACH
25/11/12 18:17:23
A
25/11/12 18:17:23
R
25/11/12 18:17:41
D
call: DLL_PROCESS_ATTACH
25/11/12 18:17:46
D
call: DLL_PROCESS_ATTACH
25/11/12 18:21:22
A
25/11/12 18:21:22
R
25/11/12 18:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 18:21:49
A
25/11/12 18:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 18:24:17
D
call: DLL_PROCESS_ATTACH
25/11/12 18:24:39
A
25/11/12 18:24:39
R
25/11/12 18:25:03
D
call: DLL_PROCESS_ATTACH
25/11/12 18:25:28
A
25/11/12 18:25:28
R
25/11/12 18:25:30
D
call: DLL_PROCESS_ATTACH
25/11/12 18:25:43
A
25/11/12 18:25:43
R
25/11/12 18:26:03
D

Enter DllMain -> Handle: 1961426944 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 18:26:26
A
25/11/12 18:26:26
R
25/11/12 18:27:33
D
call: DLL_PROCESS_ATTACH
25/11/12 18:30:33
A
25/11/12 18:30:33
R
25/11/12 18:31:38
D
call: DLL_PROCESS_ATTACH
25/11/12 18:36:11
D
call: DLL_PROCESS_ATTACH
25/11/12 18:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 18:36:49
A
25/11/12 18:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 18:40:56
A
25/11/12 18:40:56
R
25/11/12 18:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 18:51:49
A
25/11/12 18:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
25/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
25/11/12 19:00:00
A
25/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
25/11/12 19:00:21
A
25/11/12 19:00:22
D
call: DLL_PROCESS_DETACH
25/11/12 19:06:10
A
25/11/12 19:06:10
R
25/11/12 19:06:10
A
25/11/12 19:06:10
R
25/11/12 19:06:11
A
25/11/12 19:06:11
D
call: DLL_PROCESS_DETACH
25/11/12 19:06:11
A
25/11/12 19:06:11
D
call: DLL_PROCESS_DETACH
25/11/12 19:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 19:06:49
A
25/11/12 19:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 19:07:39
D
call: DLL_PROCESS_ATTACH
25/11/12 19:07:39
D
call: DLL_PROCESS_ATTACH
25/11/12 19:07:52
A
25/11/12 19:07:52
D
call: DLL_PROCESS_DETACH
25/11/12 19:07:53
D
call: DLL_PROCESS_ATTACH
25/11/12 19:07:53
D
call: DLL_PROCESS_ATTACH
25/11/12 19:07:54
A

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback

25/11/12 19:07:54
D
call: DLL_PROCESS_DETACH
25/11/12 19:07:59
D
call: DLL_PROCESS_ATTACH
25/11/12 19:08:00
A
25/11/12 19:08:00
R
25/11/12 19:08:21
D
call: DLL_PROCESS_ATTACH
25/11/12 19:10:45
D
call: DLL_PROCESS_ATTACH
25/11/12 19:10:50
D
call: DLL_PROCESS_ATTACH
25/11/12 19:10:51
A
25/11/12 19:10:51
R
25/11/12 19:11:00
D
call: DLL_PROCESS_ATTACH
25/11/12 19:11:20
D
call: DLL_PROCESS_ATTACH
25/11/12 19:11:20
D
call: DLL_PROCESS_ATTACH
25/11/12 19:11:25
D
call: DLL_PROCESS_ATTACH
25/11/12 19:11:26
A
25/11/12 19:11:26
A
25/11/12 19:11:26
D
call: DLL_PROCESS_DETACH
25/11/12 19:11:27
D
call: DLL_PROCESS_ATTACH
25/11/12 19:11:28
D
call: DLL_PROCESS_ATTACH
25/11/12 19:11:30
A
25/11/12 19:11:30
R
25/11/12 19:11:33
A
25/11/12 19:11:33
A
25/11/12 19:11:33
D
call: DLL_PROCESS_DETACH
25/11/12 19:12:20
A
25/11/12 19:12:20
D
call: DLL_PROCESS_DETACH
25/11/12 19:12:25
D
call: DLL_PROCESS_ATTACH
25/11/12 19:12:26
A
25/11/12 19:12:40
A
25/11/12 19:12:40
D
call: DLL_PROCESS_ATTACH
25/11/12 19:12:40
A
25/11/12 19:12:40
O
25/11/12 19:12:40
V
25/11/12 19:12:40
V
25/11/12 19:12:40
A
25/11/12 19:12:40
A
25/11/12 19:12:40
A
25/11/12 19:12:40
O
25/11/12 19:12:40
V
25/11/12 19:12:40
V
25/11/12 19:12:40
F
25/11/12 19:12:40
V
25/11/12 19:12:40
V
25/11/12 19:12:40
A
25/11/12 19:12:41
A

Enter DllMain -> Handle: 4085972992 - Reason for

Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
Enter DllMain -> Handle: 4085972992 - Reason for
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack

25/11/12 19:12:41
A
25/11/12 19:12:41
O
25/11/12 19:12:41
V
25/11/12 19:12:41
V
25/11/12 19:12:41
F
25/11/12 19:12:41
V
25/11/12 19:12:41
V
25/11/12 19:12:41
A
25/11/12 19:12:41
A
25/11/12 19:12:41
A
25/11/12 19:12:41
O
25/11/12 19:12:41
V
25/11/12 19:12:41
V
25/11/12 19:12:41
F
25/11/12 19:12:41
V
25/11/12 19:12:41
V
25/11/12 19:16:07
A
25/11/12 19:16:07
R
25/11/12 19:16:07
A
25/11/12 19:16:07
R
25/11/12 19:16:07
A
25/11/12 19:16:07
D
call: DLL_PROCESS_DETACH
25/11/12 19:16:07
A
25/11/12 19:16:07
D
call: DLL_PROCESS_DETACH
25/11/12 19:16:08
D
call: DLL_PROCESS_ATTACH
25/11/12 19:16:09
D
call: DLL_PROCESS_ATTACH
25/11/12 19:16:16
D
call: DLL_PROCESS_ATTACH
25/11/12 19:16:16
D
call: DLL_PROCESS_ATTACH
25/11/12 19:16:16
A
25/11/12 19:16:16
A
25/11/12 19:16:16
D
call: DLL_PROCESS_DETACH
25/11/12 19:16:19
A
25/11/12 19:16:19
D
call: DLL_PROCESS_DETACH
25/11/12 19:16:23
D
call: DLL_PROCESS_ATTACH
25/11/12 19:16:25
A
25/11/12 19:16:25
R
25/11/12 19:16:34
D
call: DLL_PROCESS_ATTACH
25/11/12 19:16:40
A
25/11/12 19:16:40
D
call: DLL_PROCESS_DETACH
25/11/12 19:16:54
A
25/11/12 19:16:54
R
25/11/12 19:16:54
A
25/11/12 19:16:54
D
call: DLL_PROCESS_DETACH
25/11/12 19:16:54
A
25/11/12 19:16:54
D
call: DLL_PROCESS_DETACH
25/11/12 19:17:08
A
25/11/12 19:17:08
D

-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> CreateDCWCallback
-> DocumentPropertiesWCallBack
-> DocumentPropertiesWCallBack
Impresora Final: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
lpszDevice: CyberClient
DevMode Impresora: CyberClient
DevMode Copies: 1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for

call: DLL_PROCESS_DETACH
25/11/12 19:19:08
D
call: DLL_PROCESS_ATTACH
25/11/12 19:19:08
A
25/11/12 19:19:08
D
call: DLL_PROCESS_DETACH
25/11/12 19:19:08
D
call: DLL_PROCESS_ATTACH
25/11/12 19:19:13
A
25/11/12 19:19:13
A
25/11/12 19:19:13
D
call: DLL_PROCESS_DETACH
25/11/12 19:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 19:21:49
A
25/11/12 19:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 19:22:08
D
call: DLL_PROCESS_ATTACH
25/11/12 19:23:03
A
25/11/12 19:23:03
D
call: DLL_PROCESS_DETACH
25/11/12 19:24:32
D
call: DLL_PROCESS_ATTACH
25/11/12 19:24:32
D
call: DLL_PROCESS_ATTACH
25/11/12 19:24:39
D
call: DLL_PROCESS_ATTACH
25/11/12 19:24:39
A
25/11/12 19:24:39
A
25/11/12 19:24:39
R
25/11/12 19:25:45
D
call: DLL_PROCESS_ATTACH
25/11/12 19:27:10
A
25/11/12 19:27:10
F
25/11/12 19:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 19:36:49
A
25/11/12 19:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 19:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 19:51:49
A
25/11/12 19:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
25/11/12 20:00:01
A
25/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
25/11/12 20:04:18
A
25/11/12 20:04:18
F
25/11/12 20:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 20:06:49
A
25/11/12 20:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 20:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 20:21:49
A

Enter DllMain -> Handle: 4085972992 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback

25/11/12 20:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 20:26:41
A
25/11/12 20:26:41
R
25/11/12 20:26:42
A
25/11/12 20:26:42
D
call: DLL_PROCESS_DETACH
25/11/12 20:26:42
A
25/11/12 20:26:42
D
call: DLL_PROCESS_DETACH
25/11/12 20:27:16
D
call: DLL_PROCESS_ATTACH
25/11/12 20:28:23
D
call: DLL_PROCESS_ATTACH
25/11/12 20:28:23
A
25/11/12 20:28:23
A
25/11/12 20:28:23
A
25/11/12 20:28:23
A
25/11/12 20:28:23
D
call: DLL_PROCESS_ATTACH
25/11/12 20:28:44
A
25/11/12 20:28:44
D
call: DLL_PROCESS_DETACH
25/11/12 20:28:46
A
25/11/12 20:28:46
D
call: DLL_PROCESS_DETACH
25/11/12 20:36:49
D
call: DLL_PROCESS_ATTACH
25/11/12 20:36:49
A
25/11/12 20:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 20:41:17
D
call: DLL_PROCESS_ATTACH
25/11/12 20:41:18
D
call: DLL_PROCESS_ATTACH
25/11/12 20:41:23
A
25/11/12 20:41:23
A
25/11/12 20:41:23
D
call: DLL_PROCESS_DETACH
25/11/12 20:41:28
D
call: DLL_PROCESS_ATTACH
25/11/12 20:41:32
A
25/11/12 20:41:32
F
25/11/12 20:41:33
A
25/11/12 20:41:33
A
25/11/12 20:41:33
D
call: DLL_PROCESS_DETACH
25/11/12 20:41:33
D
call: DLL_PROCESS_ATTACH
25/11/12 20:41:33
A
25/11/12 20:41:33
D
call: DLL_PROCESS_DETACH
25/11/12 20:41:55
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:00
A
25/11/12 20:42:00
A
25/11/12 20:42:00
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:06
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4085972992 - Reason for

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for

25/11/12 20:42:12
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:12
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:12
A
25/11/12 20:42:12
F
25/11/12 20:42:12
A
25/11/12 20:42:12
F
25/11/12 20:42:12
A
25/11/12 20:42:12
F
25/11/12 20:42:12
A
25/11/12 20:42:12
F
25/11/12 20:42:12
A
25/11/12 20:42:12
F
25/11/12 20:42:17
A
25/11/12 20:42:18
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:18
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:19
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:19
A
25/11/12 20:42:19
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:19
A
25/11/12 20:42:19
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:24
A
25/11/12 20:42:24
A
25/11/12 20:42:24
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:25
A
25/11/12 20:42:25
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:28
A
25/11/12 20:42:28
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:28
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:29
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:38
A
25/11/12 20:42:38
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:38
D
call: DLL_PROCESS_ATTACH
25/11/12 20:42:38
A
25/11/12 20:42:38
D
call: DLL_PROCESS_DETACH
25/11/12 20:42:48
A
25/11/12 20:42:48
F
25/11/12 20:42:48
A
25/11/12 20:42:48
F
25/11/12 20:43:21
A
25/11/12 20:43:22
D
call: DLL_PROCESS_DETACH
25/11/12 20:43:22
A
25/11/12 20:43:22
F
25/11/12 20:43:22
A
25/11/12 20:43:22
F

Enter DllMain -> Handle: 1961426944 - Reason for

Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

25/11/12 20:43:22
A
25/11/12 20:43:22
F
25/11/12 20:43:25
D
call: DLL_PROCESS_ATTACH
25/11/12 20:43:30
D
call: DLL_PROCESS_ATTACH
25/11/12 20:43:30
D
call: DLL_PROCESS_ATTACH
25/11/12 20:43:30
A
25/11/12 20:43:30
F
25/11/12 20:43:30
A
25/11/12 20:43:30
F
25/11/12 20:43:30
A
25/11/12 20:43:30
F
25/11/12 20:43:30
A
25/11/12 20:43:30
F
25/11/12 20:43:30
A
25/11/12 20:43:30
F
25/11/12 20:43:31
D
call: DLL_PROCESS_ATTACH
25/11/12 20:43:31
A
25/11/12 20:43:31
D
call: DLL_PROCESS_DETACH
25/11/12 20:43:31
A
25/11/12 20:43:31
D
call: DLL_PROCESS_DETACH
25/11/12 20:43:37
A
25/11/12 20:43:37
D
call: DLL_PROCESS_DETACH
25/11/12 20:43:40
A
25/11/12 20:43:40
D
call: DLL_PROCESS_DETACH
25/11/12 20:43:40
D
call: DLL_PROCESS_ATTACH
25/11/12 20:43:41
D
call: DLL_PROCESS_ATTACH
25/11/12 20:43:49
A
25/11/12 20:43:49
D
call: DLL_PROCESS_DETACH
25/11/12 20:43:49
D
call: DLL_PROCESS_ATTACH
25/11/12 20:43:49
A
25/11/12 20:43:49
D
call: DLL_PROCESS_DETACH
25/11/12 20:43:57
A
25/11/12 20:43:57
F
25/11/12 20:43:57
A
25/11/12 20:43:57
F
25/11/12 20:43:57
A
25/11/12 20:43:57
F
25/11/12 20:44:30
A
25/11/12 20:44:31
D
call: DLL_PROCESS_DETACH
25/11/12 20:44:31
A
25/11/12 20:44:31
F
25/11/12 20:44:31
A
25/11/12 20:44:31
F
25/11/12 20:44:31
A
25/11/12 20:44:31
F
25/11/12 20:44:36
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 20:44:36
D
call: DLL_PROCESS_ATTACH
25/11/12 20:44:51
D
call: DLL_PROCESS_ATTACH
25/11/12 20:44:52
D
call: DLL_PROCESS_ATTACH
25/11/12 20:45:00
A
25/11/12 20:45:00
A
25/11/12 20:45:00
D
call: DLL_PROCESS_DETACH
25/11/12 20:45:15
D
call: DLL_PROCESS_ATTACH
25/11/12 20:45:16
A
25/11/12 20:45:16
D
call: DLL_PROCESS_DETACH
25/11/12 20:45:16
A
25/11/12 20:45:16
R
25/11/12 20:45:35
D
call: DLL_PROCESS_ATTACH
25/11/12 20:45:51
A
25/11/12 20:45:51
D
call: DLL_PROCESS_DETACH
25/11/12 20:47:41
A
25/11/12 20:47:41
F
25/11/12 20:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 20:51:49
A
25/11/12 20:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:22
A
25/11/12 20:55:22
R
25/11/12 20:55:23
A
25/11/12 20:55:23
R
25/11/12 20:55:23
A
25/11/12 20:55:23
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:23
A
25/11/12 20:55:23
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:23
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:24
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:24
A
25/11/12 20:55:24
F
25/11/12 20:55:24
A
25/11/12 20:55:24
F
25/11/12 20:55:24
A
25/11/12 20:55:24
F
25/11/12 20:55:24
A
25/11/12 20:55:24
F
25/11/12 20:55:24
A
25/11/12 20:55:24
F
25/11/12 20:55:28
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:28
A
25/11/12 20:55:28
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:28
A

Enter DllMain -> Handle: 1961426944 - Reason for

Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback

25/11/12 20:55:28
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:32
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:34
A
25/11/12 20:55:34
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:34
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:34
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:34
A
25/11/12 20:55:34
F
25/11/12 20:55:34
A
25/11/12 20:55:34
F
25/11/12 20:55:34
A
25/11/12 20:55:34
F
25/11/12 20:55:34
A
25/11/12 20:55:34
F
25/11/12 20:55:34
A
25/11/12 20:55:34
F
25/11/12 20:55:37
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:37
A
25/11/12 20:55:37
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:37
A
25/11/12 20:55:37
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:43
A
25/11/12 20:55:43
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:46
A
25/11/12 20:55:46
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:46
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:47
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:52
A
25/11/12 20:55:52
D
call: DLL_PROCESS_DETACH
25/11/12 20:55:52
D
call: DLL_PROCESS_ATTACH
25/11/12 20:55:52
A
25/11/12 20:55:52
D
call: DLL_PROCESS_DETACH
25/11/12 20:56:00
A
25/11/12 20:56:00
F
25/11/12 20:56:00
A
25/11/12 20:56:00
F
25/11/12 20:56:00
A
25/11/12 20:56:00
F
25/11/12 20:56:27
A
25/11/12 20:56:28
D
call: DLL_PROCESS_DETACH
25/11/12 20:56:28
A
25/11/12 20:56:28
F
25/11/12 20:56:28
A
25/11/12 20:56:28
F

Enter DllMain -> Handle: 1961426944 - Reason for

Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

25/11/12 20:56:28
A
25/11/12 20:56:28
F
25/11/12 20:56:34
D
call: DLL_PROCESS_ATTACH
25/11/12 20:56:42
D
call: DLL_PROCESS_ATTACH
25/11/12 20:56:43
A
25/11/12 20:56:43
D
call: DLL_PROCESS_DETACH
25/11/12 20:56:46
D
call: DLL_PROCESS_ATTACH
25/11/12 20:56:51
A
25/11/12 20:56:51
A
25/11/12 20:56:51
D
call: DLL_PROCESS_DETACH
25/11/12 20:56:54
D
call: DLL_PROCESS_ATTACH
25/11/12 20:56:54
D
call: DLL_PROCESS_ATTACH
25/11/12 20:56:54
A
25/11/12 20:56:54
D
call: DLL_PROCESS_DETACH
25/11/12 20:56:54
D
call: DLL_PROCESS_ATTACH
25/11/12 20:56:58
A
25/11/12 20:56:58
D
call: DLL_PROCESS_DETACH
25/11/12 20:56:59
A
25/11/12 20:56:59
A
25/11/12 20:56:59
D
call: DLL_PROCESS_DETACH
25/11/12 20:57:19
D
call: DLL_PROCESS_ATTACH
25/11/12 20:57:20
D
call: DLL_PROCESS_ATTACH
25/11/12 20:57:24
A
25/11/12 20:57:24
A
25/11/12 20:57:24
D
call: DLL_PROCESS_DETACH
25/11/12 20:58:27
D
call: DLL_PROCESS_ATTACH
25/11/12 20:58:29
D
call: DLL_PROCESS_ATTACH
25/11/12 20:58:29
D
call: DLL_PROCESS_ATTACH
25/11/12 20:58:30
A
25/11/12 20:58:30
D
call: DLL_PROCESS_DETACH
25/11/12 20:58:30
D
call: DLL_PROCESS_ATTACH
25/11/12 20:58:30
A
25/11/12 20:58:30
F
25/11/12 20:58:30
A
25/11/12 20:58:30
F
25/11/12 20:58:30
A
25/11/12 20:58:30
F
25/11/12 20:58:30
A
25/11/12 20:58:30
F
25/11/12 20:58:30
A
25/11/12 20:58:30
F

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

25/11/12 20:58:31
D
call: DLL_PROCESS_ATTACH
25/11/12 20:58:32
A
25/11/12 20:58:32
A
25/11/12 20:58:32
D
call: DLL_PROCESS_DETACH
25/11/12 20:58:32
A
25/11/12 20:58:32
D
call: DLL_PROCESS_DETACH
25/11/12 20:58:32
A
25/11/12 20:58:32
D
call: DLL_PROCESS_DETACH
25/11/12 20:58:33
D
call: DLL_PROCESS_ATTACH
25/11/12 20:58:33
D
call: DLL_PROCESS_ATTACH
25/11/12 20:58:36
A
25/11/12 20:58:36
F
25/11/12 20:58:36
A
25/11/12 20:58:36
F
25/11/12 20:58:36
A
25/11/12 20:58:36
F
25/11/12 20:58:36
A
25/11/12 20:58:36
F
25/11/12 20:58:36
A
25/11/12 20:58:36
F
25/11/12 20:58:38
A
25/11/12 20:58:38
D
call: DLL_PROCESS_DETACH
25/11/12 20:58:38
A
25/11/12 20:58:38
D
call: DLL_PROCESS_DETACH
25/11/12 20:58:44
A
25/11/12 20:58:44
D
call: DLL_PROCESS_DETACH
25/11/12 21:00:01
D
call: DLL_PROCESS_ATTACH
25/11/12 21:00:02
A
25/11/12 21:00:02
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:34
A
25/11/12 21:01:34
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:37
D
call: DLL_PROCESS_ATTACH
25/11/12 21:01:38
D
call: DLL_PROCESS_ATTACH
25/11/12 21:01:38
D
call: DLL_PROCESS_ATTACH
25/11/12 21:01:39
A
25/11/12 21:01:39
F
25/11/12 21:01:39
A
25/11/12 21:01:39
F
25/11/12 21:01:39
A
25/11/12 21:01:39
F
25/11/12 21:01:39
A
25/11/12 21:01:39
F
25/11/12 21:01:39
A
25/11/12 21:01:39
F
25/11/12 21:01:40
D

Enter DllMain -> Handle: 1961426944 - Reason for

-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 21:01:41
A
25/11/12 21:01:41
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:41
A
25/11/12 21:01:41
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:41
A
25/11/12 21:01:41
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:47
A
25/11/12 21:01:47
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:49
D
call: DLL_PROCESS_ATTACH
25/11/12 21:01:50
D
call: DLL_PROCESS_ATTACH
25/11/12 21:01:50
D
call: DLL_PROCESS_ATTACH
25/11/12 21:01:50
A
25/11/12 21:01:50
F
25/11/12 21:01:50
A
25/11/12 21:01:50
F
25/11/12 21:01:50
A
25/11/12 21:01:50
F
25/11/12 21:01:50
A
25/11/12 21:01:50
F
25/11/12 21:01:50
A
25/11/12 21:01:50
F
25/11/12 21:01:52
D
call: DLL_PROCESS_ATTACH
25/11/12 21:01:52
A
25/11/12 21:01:52
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:52
A
25/11/12 21:01:52
D
call: DLL_PROCESS_DETACH
25/11/12 21:01:58
A
25/11/12 21:01:58
D
call: DLL_PROCESS_DETACH
25/11/12 21:02:00
A
25/11/12 21:02:00
D
call: DLL_PROCESS_DETACH
25/11/12 21:02:01
D
call: DLL_PROCESS_ATTACH
25/11/12 21:02:02
D
call: DLL_PROCESS_ATTACH
25/11/12 21:02:30
A
25/11/12 21:02:30
D
call: DLL_PROCESS_DETACH
25/11/12 21:02:30
D
call: DLL_PROCESS_ATTACH
25/11/12 21:02:31
A
25/11/12 21:02:31
D
call: DLL_PROCESS_DETACH
25/11/12 21:02:41
A
25/11/12 21:02:41
F
25/11/12 21:02:41
A
25/11/12 21:02:41
F
25/11/12 21:02:41
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

25/11/12 21:02:41
F
25/11/12 21:03:35
A
25/11/12 21:03:35
F
25/11/12 21:03:35
A
25/11/12 21:03:35
F
25/11/12 21:03:46
D
call: DLL_PROCESS_ATTACH
25/11/12 21:03:48
D
call: DLL_PROCESS_ATTACH
25/11/12 21:03:48
D
call: DLL_PROCESS_ATTACH
25/11/12 21:03:48
A
25/11/12 21:03:48
F
25/11/12 21:03:48
A
25/11/12 21:03:48
F
25/11/12 21:03:48
A
25/11/12 21:03:48
F
25/11/12 21:03:48
A
25/11/12 21:03:48
F
25/11/12 21:03:48
A
25/11/12 21:03:48
F
25/11/12 21:03:51
D
call: DLL_PROCESS_ATTACH
25/11/12 21:03:51
A
25/11/12 21:03:51
D
call: DLL_PROCESS_DETACH
25/11/12 21:03:51
A
25/11/12 21:03:51
D
call: DLL_PROCESS_DETACH
25/11/12 21:03:57
A
25/11/12 21:03:57
D
call: DLL_PROCESS_DETACH
25/11/12 21:04:03
A
25/11/12 21:04:03
D
call: DLL_PROCESS_DETACH
25/11/12 21:04:03
D
call: DLL_PROCESS_ATTACH
25/11/12 21:04:04
D
call: DLL_PROCESS_ATTACH
25/11/12 21:04:10
A
25/11/12 21:04:10
D
call: DLL_PROCESS_DETACH
25/11/12 21:04:11
D
call: DLL_PROCESS_ATTACH
25/11/12 21:04:11
A
25/11/12 21:04:11
D
call: DLL_PROCESS_DETACH
25/11/12 21:04:20
A
25/11/12 21:04:20
F
25/11/12 21:04:20
A
25/11/12 21:04:20
F
25/11/12 21:04:34
A
25/11/12 21:04:34
D
call: DLL_PROCESS_DETACH
25/11/12 21:04:49
A
25/11/12 21:04:49
D
call: DLL_PROCESS_DETACH
25/11/12 21:04:49
A
25/11/12 21:04:49
F
25/11/12 21:04:49
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

25/11/12 21:04:49
F
25/11/12 21:04:50
A
25/11/12 21:04:50
F
25/11/12 21:05:05
D
call: DLL_PROCESS_ATTACH
25/11/12 21:05:05
D
call: DLL_PROCESS_ATTACH
25/11/12 21:05:21
D
call: DLL_PROCESS_ATTACH
25/11/12 21:05:30
A
25/11/12 21:05:30
R
25/11/12 21:05:30
D
call: DLL_PROCESS_ATTACH
25/11/12 21:05:38
D
call: DLL_PROCESS_ATTACH
25/11/12 21:06:01
A
25/11/12 21:06:01
R
25/11/12 21:06:31
D
call: DLL_PROCESS_ATTACH
25/11/12 21:06:37
A
25/11/12 21:06:37
A
25/11/12 21:06:37
R
25/11/12 21:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 21:06:49
A
25/11/12 21:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 21:06:51
A
25/11/12 21:06:51
F
25/11/12 21:07:19
A
25/11/12 21:07:19
R
25/11/12 21:07:20
A
25/11/12 21:07:20
D
call: DLL_PROCESS_DETACH
25/11/12 21:07:20
A
25/11/12 21:07:20
D
call: DLL_PROCESS_DETACH
25/11/12 21:13:26
D
call: DLL_PROCESS_ATTACH
25/11/12 21:13:35
D
call: DLL_PROCESS_ATTACH
25/11/12 21:13:35
D
call: DLL_PROCESS_ATTACH
25/11/12 21:13:35
A
25/11/12 21:13:35
D
call: DLL_PROCESS_DETACH
25/11/12 21:13:36
A
25/11/12 21:13:36
D
call: DLL_PROCESS_DETACH
25/11/12 21:13:38
A
25/11/12 21:13:38
F
25/11/12 21:13:39
A
25/11/12 21:13:39
A
25/11/12 21:13:39
D
call: DLL_PROCESS_DETACH
25/11/12 21:13:42
D
call: DLL_PROCESS_ATTACH
25/11/12 21:13:46
D
call: DLL_PROCESS_ATTACH
25/11/12 21:13:46
D

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 21:13:46
A
25/11/12 21:13:46
D
call: DLL_PROCESS_DETACH
25/11/12 21:13:47
A
25/11/12 21:13:47
D
call: DLL_PROCESS_DETACH
25/11/12 21:13:49
A
25/11/12 21:13:49
A
25/11/12 21:13:49
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:00
A
25/11/12 21:14:00
F
25/11/12 21:14:04
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:04
A
25/11/12 21:14:04
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:04
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:04
A
25/11/12 21:14:04
F
25/11/12 21:14:05
A
25/11/12 21:14:10
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:10
A
25/11/12 21:14:10
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:10
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:10
A
25/11/12 21:14:10
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:11
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:11
A
25/11/12 21:14:11
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:11
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:11
A
25/11/12 21:14:11
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:21
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:21
A
25/11/12 21:14:21
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:21
D
call: DLL_PROCESS_ATTACH
25/11/12 21:14:22
A
25/11/12 21:14:22
D
call: DLL_PROCESS_DETACH
25/11/12 21:14:45
A
25/11/12 21:21:49
D
call: DLL_PROCESS_ATTACH
25/11/12 21:21:49
A
25/11/12 21:21:49
D
call: DLL_PROCESS_DETACH
25/11/12 21:36:49
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for

call: DLL_PROCESS_ATTACH
25/11/12 21:36:49
A
25/11/12 21:36:49
D
call: DLL_PROCESS_DETACH
25/11/12 21:40:19
A
25/11/12 21:40:19
F
25/11/12 21:40:19
A
25/11/12 21:40:19
F
25/11/12 21:40:20
A
25/11/12 21:40:20
F
25/11/12 21:40:34
A
25/11/12 21:40:34
F
25/11/12 21:45:08
D
call: DLL_PROCESS_ATTACH
25/11/12 21:45:17
A
25/11/12 21:45:17
D
call: DLL_PROCESS_DETACH
25/11/12 21:51:49
D
call: DLL_PROCESS_ATTACH
25/11/12 21:51:49
A
25/11/12 21:51:49
D
call: DLL_PROCESS_DETACH
25/11/12 22:00:01
D
call: DLL_PROCESS_ATTACH
25/11/12 22:00:02
A
25/11/12 22:00:02
D
call: DLL_PROCESS_DETACH
25/11/12 22:06:49
D
call: DLL_PROCESS_ATTACH
25/11/12 22:06:49
A
25/11/12 22:06:49
D
call: DLL_PROCESS_DETACH
25/11/12 22:13:19
A
25/11/12 22:13:19
F
25/11/12 22:13:20
A
25/11/12 22:13:20
F
25/11/12 22:13:20
A
25/11/12 22:13:20
F
25/11/12 22:15:07
A
25/11/12 22:15:07
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:07
A
25/11/12 22:15:07
F
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4085972992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1961426944 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 4085972992 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for

call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
25/11/12 22:15:08
D
call: DLL_PROCESS_DETACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
A
26/11/12 15:03:15
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:15
A
26/11/12 15:03:15
D
call: DLL_PROCESS_DETACH
26/11/12 15:03:16
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:16
A
26/11/12 15:03:16
A
26/11/12 15:03:16
A
26/11/12 15:03:16
A
26/11/12 15:03:16
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:16
D
call: DLL_PROCESS_ATTACH
26/11/12 15:03:16
A
26/11/12 15:03:16
D
call: DLL_PROCESS_DETACH
26/11/12 15:03:16
A
26/11/12 15:03:16
D
call: DLL_PROCESS_DETACH
26/11/12 15:03:17
A
26/11/12 15:03:17
F
26/11/12 15:03:17
A
26/11/12 15:03:17
F
26/11/12 15:03:17
A
26/11/12 15:03:17
F
26/11/12 15:03:17
A
26/11/12 15:03:17
F
26/11/12 15:03:17
A
26/11/12 15:03:17
F
26/11/12 15:03:17
A
26/11/12 15:03:17
F
26/11/12 15:03:20
D

Enter DllMain -> Handle: 1961426944 - Reason for

Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 1961426944 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4098555904 - Reason for

call: DLL_PROCESS_ATTACH
26/11/12 15:03:21
A
26/11/12 15:03:21
D
call: DLL_PROCESS_DETACH
26/11/12 15:03:23
A
26/11/12 15:03:23
D
call: DLL_PROCESS_DETACH
26/11/12 15:03:33
A
26/11/12 15:03:33
D
call: DLL_PROCESS_DETACH
26/11/12 15:07:10
D
call: DLL_PROCESS_ATTACH
26/11/12 15:07:34
A
26/11/12 15:07:34
D
call: DLL_PROCESS_DETACH
26/11/12 15:13:02
D
call: DLL_PROCESS_ATTACH
26/11/12 15:13:07
A
26/11/12 15:16:05
D
call: DLL_PROCESS_ATTACH
26/11/12 15:16:05
A
26/11/12 15:16:05
D
call: DLL_PROCESS_DETACH
26/11/12 15:18:04
D
call: DLL_PROCESS_ATTACH
26/11/12 15:18:09
A
26/11/12 15:50:07
D
call: DLL_PROCESS_ATTACH
26/11/12 15:50:07
A
26/11/12 15:50:07
D
call: DLL_PROCESS_DETACH
26/11/12 16:00:01
D
call: DLL_PROCESS_ATTACH
26/11/12 16:00:01
A
26/11/12 16:00:01
D
call: DLL_PROCESS_DETACH
26/11/12 16:05:07
D
call: DLL_PROCESS_ATTACH
26/11/12 16:05:07
A
26/11/12 16:05:07
D
call: DLL_PROCESS_DETACH
26/11/12 16:20:07
D
call: DLL_PROCESS_ATTACH
26/11/12 16:20:07
A
26/11/12 16:20:07
D
call: DLL_PROCESS_DETACH
26/11/12 16:35:07
D
call: DLL_PROCESS_ATTACH
26/11/12 16:35:07
A
26/11/12 16:35:07
D
call: DLL_PROCESS_DETACH
26/11/12 16:50:07
D
call: DLL_PROCESS_ATTACH
26/11/12 16:50:07
A
26/11/12 16:50:07
D
call: DLL_PROCESS_DETACH
26/11/12 17:00:01
D
call: DLL_PROCESS_ATTACH
26/11/12 17:00:01
A
26/11/12 17:00:01
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for

call: DLL_PROCESS_DETACH
26/11/12 17:05:07
D
call: DLL_PROCESS_ATTACH
26/11/12 17:05:07
A
26/11/12 17:05:07
D
call: DLL_PROCESS_DETACH
26/11/12 17:20:07
D
call: DLL_PROCESS_ATTACH
26/11/12 17:20:07
A
26/11/12 17:20:07
D
call: DLL_PROCESS_DETACH
26/11/12 17:35:07
D
call: DLL_PROCESS_ATTACH
26/11/12 17:35:07
A
26/11/12 17:35:07
D
call: DLL_PROCESS_DETACH
26/11/12 17:50:07
D
call: DLL_PROCESS_ATTACH
26/11/12 17:50:07
A
26/11/12 17:50:07
D
call: DLL_PROCESS_DETACH
26/11/12 17:58:19
A
26/11/12 17:58:19
F
26/11/12 17:58:19
A
26/11/12 17:58:19
F
26/11/12 17:58:20
A
26/11/12 17:58:20
F
26/11/12 17:58:25
D
call: DLL_PROCESS_ATTACH
26/11/12 17:58:26
D
call: DLL_PROCESS_ATTACH
26/11/12 17:58:33
D
call: DLL_PROCESS_ATTACH
26/11/12 17:58:34
A
26/11/12 17:58:34
D
call: DLL_PROCESS_DETACH
26/11/12 17:58:34
A
26/11/12 17:58:34
R
26/11/12 17:58:53
D
call: DLL_PROCESS_ATTACH
26/11/12 17:59:00
D
call: DLL_PROCESS_ATTACH
26/11/12 17:59:01
A
26/11/12 17:59:01
R
26/11/12 17:59:33
D
call: DLL_PROCESS_ATTACH
26/11/12 18:00:01
D
call: DLL_PROCESS_ATTACH
26/11/12 18:00:01
A
26/11/12 18:00:01
D
call: DLL_PROCESS_DETACH
26/11/12 18:05:07
D
call: DLL_PROCESS_ATTACH
26/11/12 18:05:07
A
26/11/12 18:05:07
D
call: DLL_PROCESS_DETACH
26/11/12 18:11:46
D
call: DLL_PROCESS_ATTACH
26/11/12 18:11:46
A
26/11/12 18:11:46
D

Enter DllMain -> Handle: 4098555904 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for

call: DLL_PROCESS_DETACH
26/11/12 18:11:46
D
call: DLL_PROCESS_ATTACH
26/11/12 18:11:46
A
26/11/12 18:11:46
D
call: DLL_PROCESS_DETACH
26/11/12 18:15:51
A
26/11/12 18:15:51
R
26/11/12 18:16:50
A
26/11/12 18:16:50
R
26/11/12 18:16:51
A
26/11/12 18:16:51
D
call: DLL_PROCESS_DETACH
26/11/12 18:16:51
A
26/11/12 18:16:51
D
call: DLL_PROCESS_DETACH
26/11/12 18:20:06
D
call: DLL_PROCESS_ATTACH
26/11/12 18:20:07
A
26/11/12 18:20:07
D
call: DLL_PROCESS_DETACH
26/11/12 18:35:07
D
call: DLL_PROCESS_ATTACH
26/11/12 18:35:07
A
26/11/12 18:35:07
D
call: DLL_PROCESS_DETACH
26/11/12 18:35:51
A
26/11/12 18:35:51
D
call: DLL_PROCESS_DETACH
26/11/12 18:50:07
D
call: DLL_PROCESS_ATTACH
26/11/12 18:50:07
A
26/11/12 18:50:07
D
call: DLL_PROCESS_DETACH
26/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
26/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
26/11/12 19:00:00
A
26/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
26/11/12 19:00:36
A
26/11/12 19:00:36
D
call: DLL_PROCESS_DETACH
26/11/12 19:05:07
D
call: DLL_PROCESS_ATTACH
26/11/12 19:05:07
A
26/11/12 19:05:07
D
call: DLL_PROCESS_DETACH
26/11/12 19:20:07
D
call: DLL_PROCESS_ATTACH
26/11/12 19:20:07
A
26/11/12 19:20:07
D
call: DLL_PROCESS_DETACH
26/11/12 19:23:02
D
call: DLL_PROCESS_ATTACH
26/11/12 19:23:02
D
call: DLL_PROCESS_ATTACH
26/11/12 19:23:15
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1945370624 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for

26/11/12 19:23:15
A
26/11/12 19:23:15
R
26/11/12 19:23:47
D
call: DLL_PROCESS_ATTACH
26/11/12 19:26:11
D
call: DLL_PROCESS_ATTACH
26/11/12 19:26:12
D
call: DLL_PROCESS_ATTACH
26/11/12 19:26:13
A
26/11/12 19:26:13
R
26/11/12 19:26:19
A
26/11/12 19:26:19
R
26/11/12 19:26:25
A
26/11/12 19:26:25
R
26/11/12 19:26:26
A
26/11/12 19:26:26
D
call: DLL_PROCESS_DETACH
26/11/12 19:26:26
A
26/11/12 19:26:26
D
call: DLL_PROCESS_DETACH
26/11/12 19:26:49
D
call: DLL_PROCESS_ATTACH
26/11/12 19:26:50
A
26/11/12 19:26:50
F
26/11/12 19:26:50
A
26/11/12 19:26:50
F
26/11/12 19:26:50
A
26/11/12 19:26:50
F
26/11/12 19:26:50
A
26/11/12 19:26:50
F
26/11/12 19:26:55
D
call: DLL_PROCESS_ATTACH
26/11/12 19:26:57
A
26/11/12 19:26:57
D
call: DLL_PROCESS_DETACH
26/11/12 19:27:56
D
call: DLL_PROCESS_ATTACH
26/11/12 19:35:07
D
call: DLL_PROCESS_ATTACH
26/11/12 19:35:07
A
26/11/12 19:35:07
D
call: DLL_PROCESS_DETACH
26/11/12 19:40:05
A
26/11/12 19:40:05
F
26/11/12 19:50:07
D
call: DLL_PROCESS_ATTACH
26/11/12 19:50:07
A
26/11/12 19:50:07
D
call: DLL_PROCESS_DETACH
26/11/12 19:57:26
A
26/11/12 19:57:26
D
call: DLL_PROCESS_DETACH
26/11/12 19:57:26
A
26/11/12 19:57:26
D
call: DLL_PROCESS_DETACH
26/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
26/11/12 20:00:01
A
26/11/12 20:00:01
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for

26/11/12 20:05:07
D
call: DLL_PROCESS_ATTACH
26/11/12 20:05:07
A
26/11/12 20:05:07
D
call: DLL_PROCESS_DETACH
26/11/12 20:17:20
D
call: DLL_PROCESS_ATTACH
26/11/12 20:17:20
A
26/11/12 20:17:20
F
26/11/12 20:17:20
A
26/11/12 20:17:20
F
26/11/12 20:17:20
A
26/11/12 20:17:20
F
26/11/12 20:17:20
A
26/11/12 20:17:20
F
26/11/12 20:17:20
A
26/11/12 20:17:20
F
26/11/12 20:17:20
A
26/11/12 20:17:20
F
26/11/12 20:17:21
A
26/11/12 20:17:21
F
26/11/12 20:17:21
A
26/11/12 20:17:21
F
26/11/12 20:17:21
A
26/11/12 20:17:21
F
26/11/12 20:17:21
A
26/11/12 20:17:21
F
26/11/12 20:18:15
A
26/11/12 20:20:06
D
call: DLL_PROCESS_ATTACH
26/11/12 20:20:07
A
26/11/12 20:20:07
D
call: DLL_PROCESS_DETACH
26/11/12 20:22:24
A
26/11/12 20:24:04
A
26/11/12 20:24:04
F
26/11/12 20:24:04
A
26/11/12 20:24:04
F
26/11/12 20:24:04
A
26/11/12 20:24:04
F
26/11/12 20:35:07
D
call: DLL_PROCESS_ATTACH
26/11/12 20:35:07
A
26/11/12 20:35:07
D
call: DLL_PROCESS_DETACH
26/11/12 20:44:33
A
26/11/12 20:50:07
D
call: DLL_PROCESS_ATTACH
26/11/12 20:50:07
A
26/11/12 20:50:07
D
call: DLL_PROCESS_DETACH
26/11/12 21:00:01
D
call: DLL_PROCESS_ATTACH
26/11/12 21:00:01
A
26/11/12 21:00:01
D
call: DLL_PROCESS_DETACH
26/11/12 21:05:07
D
call: DLL_PROCESS_ATTACH
26/11/12 21:05:07
A
26/11/12 21:05:07
D

Enter DllMain -> Handle: 4098555904 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> CreateDCWCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for

call: DLL_PROCESS_DETACH
26/11/12 21:06:43
A
26/11/12 21:15:33
A
26/11/12 21:15:33
D
call: DLL_PROCESS_DETACH
26/11/12 21:15:33
A
26/11/12 21:15:33
F
26/11/12 21:20:07
D
call: DLL_PROCESS_ATTACH
26/11/12 21:20:07
A
26/11/12 21:20:07
D
call: DLL_PROCESS_DETACH
26/11/12 21:35:07
D
call: DLL_PROCESS_ATTACH
26/11/12 21:35:07
A
26/11/12 21:35:07
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:06
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:07
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:07
A
26/11/12 21:40:07
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:08
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:08
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:08
A
26/11/12 21:40:08
A
26/11/12 21:40:08
A
26/11/12 21:40:08
A
26/11/12 21:40:09
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:09
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:09
A
26/11/12 21:40:09
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:09
A
26/11/12 21:40:09
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:09
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:09
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:09
A
26/11/12 21:40:09
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:09
A
26/11/12 21:40:09
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:10
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:10
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:10
A
26/11/12 21:40:10
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:10
A

-> CreateDCWCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback

26/11/12 21:40:10
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:11
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:11
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:11
A
26/11/12 21:40:11
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:11
A
26/11/12 21:40:11
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:12
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:12
A
26/11/12 21:40:12
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:13
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:13
A
26/11/12 21:40:13
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:13
D
call: DLL_PROCESS_ATTACH
26/11/12 21:40:21
A
26/11/12 21:40:21
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:22
A
26/11/12 21:40:22
D
call: DLL_PROCESS_DETACH
26/11/12 21:40:22
A
26/11/12 21:40:22
D
call: DLL_PROCESS_DETACH
26/11/12 21:50:07
D
call: DLL_PROCESS_ATTACH
26/11/12 21:50:07
A
26/11/12 21:50:07
D
call: DLL_PROCESS_DETACH
26/11/12 22:00:01
D
call: DLL_PROCESS_ATTACH
26/11/12 22:00:01
A
26/11/12 22:00:01
D
call: DLL_PROCESS_DETACH
26/11/12 22:03:17
D
call: DLL_PROCESS_ATTACH
26/11/12 22:03:48
A
26/11/12 22:03:48
D
call: DLL_PROCESS_DETACH
26/11/12 22:05:07
D
call: DLL_PROCESS_ATTACH
26/11/12 22:05:07
A
26/11/12 22:05:07
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D

Enter DllMain -> Handle: 4098555904 - Reason for

Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 4098555904 - Reason for

call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 22:15:00
D
call: DLL_PROCESS_DETACH
26/11/12 23:43:31
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:31
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:31
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
D
call: DLL_PROCESS_ATTACH
26/11/12 23:43:32
A
26/11/12 23:43:32
D
call: DLL_PROCESS_DETACH
26/11/12 23:43:32
A
26/11/12 23:43:32
D
call: DLL_PROCESS_DETACH
26/11/12 23:43:33
A
26/11/12 23:43:33
F
26/11/12 23:43:33
A
26/11/12 23:43:33
F
26/11/12 23:43:33
A
26/11/12 23:43:33
F
26/11/12 23:43:33
A
26/11/12 23:43:33
F
26/11/12 23:43:33
A
26/11/12 23:43:33
F
26/11/12 23:43:33
A
26/11/12 23:43:33
F
26/11/12 23:43:34
A
26/11/12 23:43:34
A
26/11/12 23:43:34
D
call: DLL_PROCESS_DETACH
26/11/12 23:43:40
A

Enter DllMain -> Handle: 4098555904 - Reason for

Enter DllMain -> Handle: 4098555904 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 1945370624 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4099801088 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4099801088 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4099801088 - Reason for
-> NtTerminateProcessCallback

26/11/12 23:43:40
D
call: DLL_PROCESS_DETACH
26/11/12 23:43:51
A
26/11/12 23:43:51
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:47:07
D
call: DLL_PROCESS_DETACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:43
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:45
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:45
D
call: DLL_PROCESS_ATTACH
26/11/12 23:49:45
A
26/11/12 23:49:45
D
call: DLL_PROCESS_DETACH
26/11/12 23:49:45
A
26/11/12 23:49:45
F
26/11/12 23:49:45
A
26/11/12 23:49:45
F
26/11/12 23:49:45
A
26/11/12 23:49:45
F
26/11/12 23:49:45
A
26/11/12 23:49:45
F

Enter DllMain -> Handle: 1943339008 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 4099801088 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 1943339008 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4195680256 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1

26/11/12 23:49:45
A
26/11/12 23:49:45
F
26/11/12 23:49:45
A
26/11/12 23:49:45
F
26/11/12 23:49:46
A
26/11/12 23:49:46
D
call: DLL_PROCESS_DETACH
26/11/12 23:49:47
A
26/11/12 23:49:47
A
26/11/12 23:49:47
D
call: DLL_PROCESS_DETACH
26/11/12 23:49:52
A
26/11/12 23:49:52
D
call: DLL_PROCESS_DETACH
26/11/12 23:50:05
A
26/11/12 23:50:05
D
call: DLL_PROCESS_DETACH
26/11/12 23:59:44
D
call: DLL_PROCESS_ATTACH
26/11/12 23:59:44
A
26/11/12 23:59:44
D
call: DLL_PROCESS_DETACH
27/11/12 00:00:01
D
call: DLL_PROCESS_ATTACH
27/11/12 00:00:01
A
27/11/12 00:00:01
D
call: DLL_PROCESS_DETACH
27/11/12 00:02:36
D
call: DLL_PROCESS_ATTACH
27/11/12 00:02:36
A
27/11/12 00:02:36
D
call: DLL_PROCESS_DETACH
27/11/12 00:04:36
D
call: DLL_PROCESS_ATTACH
27/11/12 00:04:41
A
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 00:15:27
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:06
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:06
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4195680256 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4195680256 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944846336 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 4195680256 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 1944846336 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for

call: DLL_PROCESS_ATTACH
27/11/12 10:03:07
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:07
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:07
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:07
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:07
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:07
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:07
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:08
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:08
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:08
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:08
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:08
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:08
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:09
D
call: DLL_PROCESS_ATTACH
27/11/12 10:03:09
A
27/11/12 10:03:09
F
27/11/12 10:03:09
A
27/11/12 10:03:09
F
27/11/12 10:03:09
A
27/11/12 10:03:09
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:09
A
27/11/12 10:03:09
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:09
A
27/11/12 10:03:09
A
27/11/12 10:03:09
A
27/11/12 10:03:09
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:09
A
27/11/12 10:03:09
A
27/11/12 10:03:09
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:09
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:09
A
27/11/12 10:03:09
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:09
A
27/11/12 10:03:09
F
27/11/12 10:03:13
A
27/11/12 10:03:13
A
27/11/12 10:03:13
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:15
A

Enter DllMain -> Handle: 4106420224 - Reason for

Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106420224 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106420224 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106420224 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106420224 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106420224 - Reason for
-> NtTerminateProcessCallback

27/11/12 10:03:15
D
call: DLL_PROCESS_DETACH
27/11/12 10:03:21
A
27/11/12 10:03:21
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 10:04:33
D
call: DLL_PROCESS_DETACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:47
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:49
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:49
D
call: DLL_PROCESS_ATTACH
27/11/12 15:14:49
A

Enter DllMain -> Handle: 1943404544 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 4106420224 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 1943404544 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback

27/11/12 15:14:49
D
call: DLL_PROCESS_DETACH
27/11/12 15:14:49
A
27/11/12 15:14:49
D
call: DLL_PROCESS_DETACH
27/11/12 15:14:53
A
27/11/12 15:14:53
D
call: DLL_PROCESS_DETACH
27/11/12 15:15:09
A
27/11/12 15:15:09
D
call: DLL_PROCESS_DETACH
27/11/12 15:20:03
D
call: DLL_PROCESS_ATTACH
27/11/12 15:20:03
A
27/11/12 15:20:03
D
call: DLL_PROCESS_DETACH
27/11/12 15:24:01
D
call: DLL_PROCESS_ATTACH
27/11/12 15:24:01
A
27/11/12 15:24:01
A
27/11/12 15:24:01
A
27/11/12 15:24:01
A
27/11/12 15:24:01
D
call: DLL_PROCESS_ATTACH
27/11/12 15:24:01
D
call: DLL_PROCESS_ATTACH
27/11/12 15:24:01
A
27/11/12 15:24:01
D
call: DLL_PROCESS_DETACH
27/11/12 15:24:01
A
27/11/12 15:24:01
D
call: DLL_PROCESS_DETACH
27/11/12 15:25:49
D
call: DLL_PROCESS_ATTACH
27/11/12 15:25:49
A
27/11/12 15:25:49
D
call: DLL_PROCESS_DETACH
27/11/12 15:27:44
D
call: DLL_PROCESS_ATTACH
27/11/12 15:27:44
A
27/11/12 15:27:44
D
call: DLL_PROCESS_DETACH
27/11/12 15:29:43
D
call: DLL_PROCESS_ATTACH
27/11/12 15:29:48
A
27/11/12 15:35:03
D
call: DLL_PROCESS_ATTACH
27/11/12 15:35:03
A
27/11/12 15:35:03
D
call: DLL_PROCESS_DETACH
27/11/12 15:37:14
A
27/11/12 15:37:15
D
call: DLL_PROCESS_ATTACH
27/11/12 15:50:03
D
call: DLL_PROCESS_ATTACH
27/11/12 15:50:03
A
27/11/12 15:50:03
D
call: DLL_PROCESS_DETACH
27/11/12 16:00:01
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 4211343360 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for

27/11/12 16:00:01
A
27/11/12 16:00:01
D
call: DLL_PROCESS_DETACH
27/11/12 16:05:03
D
call: DLL_PROCESS_ATTACH
27/11/12 16:05:03
A
27/11/12 16:05:03
D
call: DLL_PROCESS_DETACH
27/11/12 16:07:13
D
call: DLL_PROCESS_ATTACH
27/11/12 16:07:27
A
27/11/12 16:07:27
F
27/11/12 16:20:03
D
call: DLL_PROCESS_ATTACH
27/11/12 16:20:03
A
27/11/12 16:20:03
D
call: DLL_PROCESS_DETACH
27/11/12 16:21:06
D
call: DLL_PROCESS_ATTACH
27/11/12 16:21:07
A
27/11/12 16:21:07
F
27/11/12 16:21:08
D
call: DLL_PROCESS_ATTACH
27/11/12 16:21:08
A
27/11/12 16:21:08
D
call: DLL_PROCESS_DETACH
27/11/12 16:21:14
A
27/11/12 16:21:14
D
call: DLL_PROCESS_DETACH
27/11/12 16:35:03
D
call: DLL_PROCESS_ATTACH
27/11/12 16:35:03
A
27/11/12 16:35:03
D
call: DLL_PROCESS_DETACH
27/11/12 16:49:40
D
call: DLL_PROCESS_ATTACH
27/11/12 16:49:40
A
27/11/12 16:49:40
F
27/11/12 16:49:42
A
27/11/12 16:49:42
D
call: DLL_PROCESS_DETACH
27/11/12 16:50:03
D
call: DLL_PROCESS_ATTACH
27/11/12 16:50:03
A
27/11/12 16:50:03
D
call: DLL_PROCESS_DETACH
27/11/12 17:00:01
D
call: DLL_PROCESS_ATTACH
27/11/12 17:00:02
A
27/11/12 17:00:02
D
call: DLL_PROCESS_DETACH
27/11/12 17:05:03
D
call: DLL_PROCESS_ATTACH
27/11/12 17:05:03
A
27/11/12 17:05:03
D
call: DLL_PROCESS_DETACH
27/11/12 17:09:15
A
27/11/12 17:09:15
D
call: DLL_PROCESS_DETACH
27/11/12 17:09:15
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
-> CreateDCWCallback

27/11/12 17:09:15
F
27/11/12 17:09:15
A
27/11/12 17:09:15
F
27/11/12 17:09:52
D
call: DLL_PROCESS_ATTACH
27/11/12 17:12:54
D
call: DLL_PROCESS_ATTACH
27/11/12 17:20:03
D
call: DLL_PROCESS_ATTACH
27/11/12 17:20:03
A
27/11/12 17:20:03
D
call: DLL_PROCESS_DETACH
27/11/12 17:35:03
D
call: DLL_PROCESS_ATTACH
27/11/12 17:35:03
A
27/11/12 17:35:03
D
call: DLL_PROCESS_DETACH
27/11/12 17:40:37
A
27/11/12 17:40:37
F
27/11/12 17:50:03
D
call: DLL_PROCESS_ATTACH
27/11/12 17:50:03
A
27/11/12 17:50:03
D
call: DLL_PROCESS_DETACH
27/11/12 17:51:49
A
27/11/12 17:51:49
F
27/11/12 17:51:50
A
27/11/12 17:51:50
D
call: DLL_PROCESS_DETACH
27/11/12 17:51:51
A
27/11/12 17:51:51
F
27/11/12 17:52:16
D
call: DLL_PROCESS_ATTACH
27/11/12 17:52:16
A
27/11/12 17:52:16
D
call: DLL_PROCESS_DETACH
27/11/12 17:52:17
D
call: DLL_PROCESS_ATTACH
27/11/12 17:52:20
A
27/11/12 17:52:20
F
27/11/12 18:00:02
D
call: DLL_PROCESS_ATTACH
27/11/12 18:00:02
A
27/11/12 18:00:02
D
call: DLL_PROCESS_DETACH
27/11/12 18:05:03
D
call: DLL_PROCESS_ATTACH
27/11/12 18:05:03
A
27/11/12 18:05:03
D
call: DLL_PROCESS_DETACH
27/11/12 18:20:03
D
call: DLL_PROCESS_ATTACH
27/11/12 18:20:03
A
27/11/12 18:20:03
D
call: DLL_PROCESS_DETACH
27/11/12 18:20:44
A
27/11/12 18:20:44
A
27/11/12 18:20:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:21:05
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
-> NtTerminateProcessCallback

27/11/12 18:21:05
D
call: DLL_PROCESS_DETACH
27/11/12 18:21:05
A
27/11/12 18:21:06
D
call: DLL_PROCESS_ATTACH
27/11/12 18:21:18
D
call: DLL_PROCESS_ATTACH
27/11/12 18:21:19
D
call: DLL_PROCESS_ATTACH
27/11/12 18:21:26
D
call: DLL_PROCESS_ATTACH
27/11/12 18:21:26
A
27/11/12 18:21:26
D
call: DLL_PROCESS_DETACH
27/11/12 18:21:30
D
call: DLL_PROCESS_ATTACH
27/11/12 18:21:30
A
27/11/12 18:21:30
D
call: DLL_PROCESS_DETACH
27/11/12 18:27:47
A
27/11/12 18:27:47
R
27/11/12 18:27:47
A
27/11/12 18:27:47
D
call: DLL_PROCESS_DETACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:46
A
27/11/12 18:28:46
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:47
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:47
A
27/11/12 18:28:47
A
27/11/12 18:28:47
A
27/11/12 18:28:47
A
27/11/12 18:28:47
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:47
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:47
A
27/11/12 18:28:47
D
call: DLL_PROCESS_DETACH
27/11/12 18:28:47
A
27/11/12 18:28:47
D

Enter DllMain -> Handle: 4211343360 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4211343360 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947140096 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for

call: DLL_PROCESS_DETACH
27/11/12 18:28:47
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:47
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:48
D
call: DLL_PROCESS_ATTACH
27/11/12 18:28:49
A
27/11/12 18:28:49
D
call: DLL_PROCESS_DETACH
27/11/12 18:28:49
A
27/11/12 18:28:49
D
call: DLL_PROCESS_DETACH
27/11/12 18:28:50
A
27/11/12 18:28:50
F
27/11/12 18:28:50
A
27/11/12 18:28:50
F
27/11/12 18:28:50
A
27/11/12 18:28:50
F
27/11/12 18:28:50
A
27/11/12 18:28:50
F
27/11/12 18:28:50
A
27/11/12 18:28:50
F
27/11/12 18:28:50
A
27/11/12 18:28:50
F
27/11/12 18:28:52
A
27/11/12 18:28:52
A
27/11/12 18:28:52
D
call: DLL_PROCESS_DETACH
27/11/12 18:28:57
A
27/11/12 18:28:57
D
call: DLL_PROCESS_DETACH
27/11/12 18:29:04
A
27/11/12 18:29:04
D
call: DLL_PROCESS_DETACH
27/11/12 18:29:16
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:18
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:22
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:22
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:22
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:22
A
27/11/12 18:29:22
D
call: DLL_PROCESS_DETACH
27/11/12 18:29:22
A
27/11/12 18:29:22
D
call: DLL_PROCESS_DETACH
27/11/12 18:29:22
A
27/11/12 18:29:22
D
call: DLL_PROCESS_DETACH
27/11/12 18:29:23
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:23
A
27/11/12 18:29:23
D
call: DLL_PROCESS_DETACH
27/11/12 18:29:26
D

Enter DllMain -> Handle: 4141613056 - Reason for

Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for

call: DLL_PROCESS_ATTACH
27/11/12 18:29:27
A
27/11/12 18:29:27
D
call: DLL_PROCESS_DETACH
27/11/12 18:29:27
A
27/11/12 18:29:27
R
27/11/12 18:29:29
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:30
D
call: DLL_PROCESS_ATTACH
27/11/12 18:29:32
A
27/11/12 18:29:32
R
27/11/12 18:30:10
D
call: DLL_PROCESS_ATTACH
27/11/12 18:41:36
D
call: DLL_PROCESS_ATTACH
27/11/12 18:41:36
A
27/11/12 18:41:36
D
call: DLL_PROCESS_DETACH
27/11/12 18:43:35
D
call: DLL_PROCESS_ATTACH
27/11/12 18:43:40
A
27/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
27/11/12 19:00:00
D
call: DLL_PROCESS_ATTACH
27/11/12 19:00:00
A
27/11/12 19:00:00
D
call: DLL_PROCESS_DETACH
27/11/12 19:01:20
A
27/11/12 19:01:20
D
call: DLL_PROCESS_DETACH
27/11/12 19:15:39
D
call: DLL_PROCESS_ATTACH
27/11/12 19:15:39
A
27/11/12 19:15:39
D
call: DLL_PROCESS_DETACH
27/11/12 19:28:06
A
27/11/12 19:28:06
R
27/11/12 19:29:10
A
27/11/12 19:29:10
R
27/11/12 19:29:11
A
27/11/12 19:29:11
D
call: DLL_PROCESS_DETACH
27/11/12 19:29:11
A
27/11/12 19:29:11
D
call: DLL_PROCESS_DETACH
27/11/12 19:30:39
D
call: DLL_PROCESS_ATTACH
27/11/12 19:30:39
A
27/11/12 19:30:39
D
call: DLL_PROCESS_DETACH
27/11/12 19:39:47
D
call: DLL_PROCESS_ATTACH
27/11/12 19:39:47
A
27/11/12 19:39:47
D
call: DLL_PROCESS_DETACH
27/11/12 19:41:31
A
27/11/12 19:41:31
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
La victima es Asesino chrome.exe
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for

27/11/12 19:45:39
D
call: DLL_PROCESS_ATTACH
27/11/12 19:45:39
A
27/11/12 19:45:39
D
call: DLL_PROCESS_DETACH
27/11/12 19:51:43
D
call: DLL_PROCESS_ATTACH
27/11/12 19:51:43
D
call: DLL_PROCESS_ATTACH
27/11/12 19:52:01
D
call: DLL_PROCESS_ATTACH
27/11/12 19:52:03
A
27/11/12 19:52:03
D
call: DLL_PROCESS_DETACH
27/11/12 19:52:03
A
27/11/12 19:52:03
R
27/11/12 19:52:47
D
call: DLL_PROCESS_ATTACH
27/11/12 19:57:03
D
call: DLL_PROCESS_ATTACH
27/11/12 19:57:03
A
27/11/12 19:57:03
D
call: DLL_PROCESS_DETACH
27/11/12 19:57:03
D
call: DLL_PROCESS_ATTACH
27/11/12 19:57:03
A
27/11/12 19:57:03
D
call: DLL_PROCESS_DETACH
27/11/12 19:57:04
D
call: DLL_PROCESS_ATTACH
27/11/12 19:57:04
A
27/11/12 19:57:04
D
call: DLL_PROCESS_DETACH
27/11/12 19:57:04
D
call: DLL_PROCESS_ATTACH
27/11/12 19:57:04
A
27/11/12 19:57:04
D
call: DLL_PROCESS_DETACH
27/11/12 19:57:04
D
call: DLL_PROCESS_ATTACH
27/11/12 19:57:04
A
27/11/12 19:57:04
D
call: DLL_PROCESS_DETACH
27/11/12 20:00:01
D
call: DLL_PROCESS_ATTACH
27/11/12 20:00:01
A
27/11/12 20:00:01
D
call: DLL_PROCESS_DETACH
27/11/12 20:00:39
D
call: DLL_PROCESS_ATTACH
27/11/12 20:00:39
A
27/11/12 20:00:39
D
call: DLL_PROCESS_DETACH
27/11/12 20:09:58
A
27/11/12 20:09:58
R
27/11/12 20:09:58
A
27/11/12 20:09:58
D
call: DLL_PROCESS_DETACH
27/11/12 20:09:58
A
27/11/12 20:09:59
D

Enter DllMain -> Handle: 4141613056 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for

call: DLL_PROCESS_DETACH
27/11/12 20:10:03
D
call: DLL_PROCESS_ATTACH
27/11/12 20:10:03
D
call: DLL_PROCESS_ATTACH
27/11/12 20:10:10
D
call: DLL_PROCESS_ATTACH
27/11/12 20:10:11
A
27/11/12 20:10:11
D
call: DLL_PROCESS_DETACH
27/11/12 20:10:11
A
27/11/12 20:10:11
R
27/11/12 20:10:18
A
27/11/12 20:10:18
R
27/11/12 20:10:19
A
27/11/12 20:10:19
D
call: DLL_PROCESS_DETACH
27/11/12 20:10:41
D
call: DLL_PROCESS_ATTACH
27/11/12 20:10:41
D
call: DLL_PROCESS_ATTACH
27/11/12 20:10:46
D
call: DLL_PROCESS_ATTACH
27/11/12 20:10:46
A
27/11/12 20:10:46
A
27/11/12 20:10:46
R
27/11/12 20:10:46
D
call: DLL_PROCESS_ATTACH
27/11/12 20:10:46
A
27/11/12 20:10:46
A
27/11/12 20:10:46
R
27/11/12 20:13:50
A
27/11/12 20:13:50
R
27/11/12 20:13:51
A
27/11/12 20:13:51
D
call: DLL_PROCESS_DETACH
27/11/12 20:15:07
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:08
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:08
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:08
A
27/11/12 20:15:08
F
27/11/12 20:15:09
A
27/11/12 20:15:09
F
27/11/12 20:15:09
A
27/11/12 20:15:09
F
27/11/12 20:15:09
A
27/11/12 20:15:09
F
27/11/12 20:15:09
A
27/11/12 20:15:09
F
27/11/12 20:15:11
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:11
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:13
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:13
A
27/11/12 20:15:13
R

Enter DllMain -> Handle: 1956773888 - Reason for

Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe

27/11/12 20:15:39
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:39
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:39
A
27/11/12 20:15:39
D
call: DLL_PROCESS_DETACH
27/11/12 20:15:47
A
27/11/12 20:15:47
D
call: DLL_PROCESS_DETACH
27/11/12 20:15:48
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:49
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:54
A
27/11/12 20:15:54
D
call: DLL_PROCESS_DETACH
27/11/12 20:15:54
D
call: DLL_PROCESS_ATTACH
27/11/12 20:15:54
A
27/11/12 20:15:54
D
call: DLL_PROCESS_DETACH
27/11/12 20:16:18
A
27/11/12 20:16:18
F
27/11/12 20:16:18
A
27/11/12 20:16:18
F
27/11/12 20:16:18
A
27/11/12 20:16:18
F
27/11/12 20:18:59
A
27/11/12 20:18:59
F
27/11/12 20:18:59
A
27/11/12 20:18:59
F
27/11/12 20:18:59
A
27/11/12 20:18:59
F
27/11/12 20:19:12
A
27/11/12 20:19:12
F
27/11/12 20:21:59
A
27/11/12 20:21:59
F
27/11/12 20:21:59
A
27/11/12 20:21:59
F
27/11/12 20:21:59
A
27/11/12 20:21:59
F
27/11/12 20:22:08
A
27/11/12 20:22:08
F
27/11/12 20:29:25
A
27/11/12 20:29:25
F
27/11/12 20:29:25
A
27/11/12 20:29:25
F
27/11/12 20:29:25
A
27/11/12 20:29:25
F
27/11/12 20:30:00
A
27/11/12 20:30:00
F
27/11/12 20:30:39
D
call: DLL_PROCESS_ATTACH
27/11/12 20:30:39
A
27/11/12 20:30:39
D
call: DLL_PROCESS_DETACH
27/11/12 20:34:55
A
27/11/12 20:34:55
F
27/11/12 20:34:55
A

Enter DllMain -> Handle: 1956773888 - Reason for

Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

27/11/12 20:34:55
F
27/11/12 20:34:56
A
27/11/12 20:34:56
F
27/11/12 20:35:04
A
27/11/12 20:35:04
F
27/11/12 20:39:29
A
27/11/12 20:39:29
F
27/11/12 20:39:29
A
27/11/12 20:39:29
F
27/11/12 20:39:29
A
27/11/12 20:39:29
F
27/11/12 20:39:34
A
27/11/12 20:39:34
F
27/11/12 20:44:51
A
27/11/12 20:44:51
F
27/11/12 20:44:51
A
27/11/12 20:44:51
F
27/11/12 20:44:51
A
27/11/12 20:44:51
F
27/11/12 20:45:12
A
27/11/12 20:45:12
F
27/11/12 20:45:39
D
call: DLL_PROCESS_ATTACH
27/11/12 20:45:39
A
27/11/12 20:45:39
D
call: DLL_PROCESS_DETACH
27/11/12 20:51:14
A
27/11/12 20:51:14
F
27/11/12 20:51:14
A
27/11/12 20:51:14
F
27/11/12 20:51:14
A
27/11/12 20:51:14
F
27/11/12 20:51:46
A
27/11/12 20:51:46
F
27/11/12 20:58:19
A
27/11/12 20:58:19
F
27/11/12 20:58:19
A
27/11/12 20:58:19
F
27/11/12 20:58:19
A
27/11/12 20:58:19
F
27/11/12 20:58:23
A
27/11/12 20:58:23
F
27/11/12 21:00:00
D
call: DLL_PROCESS_ATTACH
27/11/12 21:00:00
A
27/11/12 21:00:00
D
call: DLL_PROCESS_DETACH
27/11/12 21:00:39
D
call: DLL_PROCESS_ATTACH
27/11/12 21:00:39
A
27/11/12 21:00:39
D
call: DLL_PROCESS_DETACH
27/11/12 21:05:12
A
27/11/12 21:05:12
F
27/11/12 21:05:12
A
27/11/12 21:05:12
F
27/11/12 21:05:12
A
27/11/12 21:05:12
F
27/11/12 21:05:22
A
27/11/12 21:05:22
R

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe

27/11/12 21:05:23
A
27/11/12 21:05:23
D
call: DLL_PROCESS_DETACH
27/11/12 21:05:23
A
27/11/12 21:05:23
D
call: DLL_PROCESS_DETACH
27/11/12 21:05:24
A
27/11/12 21:05:24
F
27/11/12 21:06:52
A
27/11/12 21:06:52
D
call: DLL_PROCESS_DETACH
27/11/12 21:06:52
A
27/11/12 21:06:52
F
27/11/12 21:06:52
A
27/11/12 21:06:52
F
27/11/12 21:06:53
A
27/11/12 21:06:53
F
27/11/12 21:07:18
D
call: DLL_PROCESS_ATTACH
27/11/12 21:07:18
A
27/11/12 21:07:18
D
call: DLL_PROCESS_DETACH
27/11/12 21:07:18
A
27/11/12 21:07:18
D
call: DLL_PROCESS_DETACH
27/11/12 21:07:24
A
27/11/12 21:07:24
D
call: DLL_PROCESS_DETACH
27/11/12 21:15:39
D
call: DLL_PROCESS_ATTACH
27/11/12 21:15:39
A
27/11/12 21:15:39
D
call: DLL_PROCESS_DETACH
27/11/12 21:30:39
D
call: DLL_PROCESS_ATTACH
27/11/12 21:30:39
A
27/11/12 21:30:39
D
call: DLL_PROCESS_DETACH
27/11/12 21:45:39
D
call: DLL_PROCESS_ATTACH
27/11/12 21:45:39
A
27/11/12 21:45:39
D
call: DLL_PROCESS_DETACH
27/11/12 21:46:06
A
27/11/12 21:46:06
D
call: DLL_PROCESS_ATTACH
27/11/12 22:00:00
D
call: DLL_PROCESS_ATTACH
27/11/12 22:00:00
A
27/11/12 22:00:00
D
call: DLL_PROCESS_DETACH
27/11/12 22:00:39
D
call: DLL_PROCESS_ATTACH
27/11/12 22:00:39
A
27/11/12 22:00:39
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for

27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
27/11/12 22:09:17
D
call: DLL_PROCESS_DETACH
28/11/12 10:12:57
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:57
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:57
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:57
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:57
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:58
A
28/11/12 10:12:58
D
call: DLL_PROCESS_DETACH
28/11/12 10:12:58
A
28/11/12 10:12:59
D
call: DLL_PROCESS_DETACH
28/11/12 10:12:59
A
28/11/12 10:12:59
F
28/11/12 10:12:59
A
28/11/12 10:12:59
F
28/11/12 10:12:59
A
28/11/12 10:12:59
F
28/11/12 10:12:59
D
call: DLL_PROCESS_ATTACH
28/11/12 10:12:59
A
28/11/12 10:12:59
D
call: DLL_PROCESS_DETACH
28/11/12 10:12:59
D

Enter DllMain -> Handle: 4141613056 - Reason for

Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 4141613056 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 1956773888 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for

call: DLL_PROCESS_ATTACH
28/11/12 10:12:59
A
28/11/12 10:12:59
A
28/11/12 10:12:59
A
28/11/12 10:12:59
A
28/11/12 10:12:59
D
call: DLL_PROCESS_ATTACH
28/11/12 10:13:00
D
call: DLL_PROCESS_ATTACH
28/11/12 10:13:00
A
28/11/12 10:13:00
D
call: DLL_PROCESS_DETACH
28/11/12 10:13:00
A
28/11/12 10:13:00
D
call: DLL_PROCESS_DETACH
28/11/12 10:13:00
A
28/11/12 10:13:00
F
28/11/12 10:13:00
A
28/11/12 10:13:00
F
28/11/12 10:13:00
A
28/11/12 10:13:00
F
28/11/12 10:13:01
A
28/11/12 10:13:01
A
28/11/12 10:13:01
D
call: DLL_PROCESS_DETACH
28/11/12 10:13:07
A
28/11/12 10:13:07
D
call: DLL_PROCESS_DETACH
28/11/12 10:13:17
D
call: DLL_PROCESS_ATTACH
28/11/12 10:13:18
D
call: DLL_PROCESS_ATTACH
28/11/12 10:13:18
A
28/11/12 10:13:18
D
call: DLL_PROCESS_DETACH
28/11/12 10:13:26
D
call: DLL_PROCESS_ATTACH
28/11/12 10:13:27
A
28/11/12 10:13:27
A
28/11/12 10:13:27
R
28/11/12 10:13:48
D
call: DLL_PROCESS_ATTACH
28/11/12 10:22:12
A
28/11/12 10:22:12
F
28/11/12 10:23:04
D
call: DLL_PROCESS_ATTACH
28/11/12 10:23:23
D
call: DLL_PROCESS_ATTACH
28/11/12 10:23:24
A
28/11/12 10:23:24
R
28/11/12 10:25:49
D
call: DLL_PROCESS_ATTACH
28/11/12 10:25:49
A
28/11/12 10:25:49
D
call: DLL_PROCESS_DETACH
28/11/12 10:27:48
D
call: DLL_PROCESS_ATTACH
28/11/12 10:27:53
A
28/11/12 10:58:50
A
28/11/12 10:58:50
R

-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe

28/11/12 10:58:51
D
call: DLL_PROCESS_ATTACH
28/11/12 10:58:58
D
call: DLL_PROCESS_ATTACH
28/11/12 10:58:59
A
28/11/12 10:58:59
D
call: DLL_PROCESS_DETACH
28/11/12 10:58:59
A
28/11/12 10:58:59
R
28/11/12 10:59:05
D
call: DLL_PROCESS_ATTACH
28/11/12 10:59:13
A
28/11/12 10:59:13
R
28/11/12 10:59:13
D
call: DLL_PROCESS_ATTACH
28/11/12 10:59:14
A
28/11/12 10:59:14
D
call: DLL_PROCESS_DETACH
28/11/12 10:59:14
A
28/11/12 10:59:14
R
28/11/12 10:59:53
D
call: DLL_PROCESS_ATTACH
28/11/12 10:59:53
A
28/11/12 10:59:53
D
call: DLL_PROCESS_DETACH
28/11/12 11:00:01
D
call: DLL_PROCESS_ATTACH
28/11/12 11:00:02
A
28/11/12 11:00:02
D
call: DLL_PROCESS_DETACH
28/11/12 11:09:19
D
call: DLL_PROCESS_ATTACH
28/11/12 11:09:23
D
call: DLL_PROCESS_ATTACH
28/11/12 11:09:28
A
28/11/12 11:09:28
D
call: DLL_PROCESS_DETACH
28/11/12 11:09:28
A
28/11/12 11:09:28
R
28/11/12 11:14:53
D
call: DLL_PROCESS_ATTACH
28/11/12 11:14:53
A
28/11/12 11:14:53
D
call: DLL_PROCESS_DETACH
28/11/12 11:18:06
A
28/11/12 11:18:06
R
28/11/12 11:19:01
D
call: DLL_PROCESS_ATTACH
28/11/12 11:19:01
D
call: DLL_PROCESS_ATTACH
28/11/12 11:19:18
A
28/11/12 11:19:18
D
call: DLL_PROCESS_DETACH
28/11/12 11:19:59
D
call: DLL_PROCESS_ATTACH
28/11/12 11:19:59
D
call: DLL_PROCESS_ATTACH
28/11/12 11:19:59
A
28/11/12 11:19:59
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1943666688 - Reason for

Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es Asesino chrome.exe
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for

28/11/12 11:20:22
A
28/11/12 11:20:22
D
call: DLL_PROCESS_DETACH
28/11/12 11:21:06
A
28/11/12 11:21:06
R
28/11/12 11:21:08
D
call: DLL_PROCESS_ATTACH
28/11/12 11:21:09
A
28/11/12 11:21:09
D
call: DLL_PROCESS_DETACH
28/11/12 11:22:02
A
28/11/12 11:22:02
D
call: DLL_PROCESS_DETACH
28/11/12 11:22:11
D
call: DLL_PROCESS_ATTACH
28/11/12 11:22:11
A
28/11/12 11:22:21
A
28/11/12 11:22:21
F
28/11/12 11:22:21
D
call: DLL_PROCESS_ATTACH
28/11/12 11:22:26
A
28/11/12 11:22:34
D
call: DLL_PROCESS_ATTACH
28/11/12 11:22:39
A
28/11/12 11:22:39
A
28/11/12 11:22:39
D
call: DLL_PROCESS_DETACH
28/11/12 11:24:34
D
call: DLL_PROCESS_ATTACH
28/11/12 11:24:39
A
28/11/12 11:24:39
A
28/11/12 11:24:39
D
call: DLL_PROCESS_DETACH
28/11/12 11:25:04
A
28/11/12 11:25:04
R
28/11/12 11:25:04
A
28/11/12 11:25:04
D
call: DLL_PROCESS_DETACH
28/11/12 11:25:04
A
28/11/12 11:25:04
D
call: DLL_PROCESS_DETACH
28/11/12 11:25:04
A
28/11/12 11:25:04
D
call: DLL_PROCESS_DETACH
28/11/12 11:27:53
D
call: DLL_PROCESS_ATTACH
28/11/12 11:28:15
A
28/11/12 11:28:15
D
call: DLL_PROCESS_DETACH
28/11/12 11:29:53
D
call: DLL_PROCESS_ATTACH
28/11/12 11:29:53
A
28/11/12 11:29:53
D
call: DLL_PROCESS_DETACH
28/11/12 11:44:53
D
call: DLL_PROCESS_ATTACH
28/11/12 11:44:53
A
28/11/12 11:44:53
D
call: DLL_PROCESS_DETACH
28/11/12 11:59:53
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for

call: DLL_PROCESS_ATTACH
28/11/12 11:59:53
A
28/11/12 11:59:53
D
call: DLL_PROCESS_DETACH
28/11/12 12:00:01
D
call: DLL_PROCESS_ATTACH
28/11/12 12:00:01
A
28/11/12 12:00:01
D
call: DLL_PROCESS_DETACH
28/11/12 12:08:11
D
call: DLL_PROCESS_ATTACH
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:18
A
28/11/12 12:08:18
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A
28/11/12 12:08:22
F
28/11/12 12:08:22
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12

12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:22
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:23
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12
28/11/12

12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:24
12:08:26
12:08:26
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54
12:10:54

F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A
F
A

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback

28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:10:54
A
28/11/12 12:10:54
F
28/11/12 12:14:53
D
call: DLL_PROCESS_ATTACH
28/11/12 12:14:53
A
28/11/12 12:14:53
D
call: DLL_PROCESS_DETACH
28/11/12 12:29:53
D
call: DLL_PROCESS_ATTACH
28/11/12 12:29:53
A
28/11/12 12:29:53
D
call: DLL_PROCESS_DETACH
28/11/12 12:44:53
D
call: DLL_PROCESS_ATTACH
28/11/12 12:44:53
A
28/11/12 12:44:53
D
call: DLL_PROCESS_DETACH
28/11/12 12:59:53
D
call: DLL_PROCESS_ATTACH
28/11/12 12:59:53
A
28/11/12 12:59:53
D
call: DLL_PROCESS_DETACH
28/11/12 13:00:01
D
call: DLL_PROCESS_ATTACH
28/11/12 13:00:01
A
28/11/12 13:00:01
D
call: DLL_PROCESS_DETACH
28/11/12 13:14:53
D
call: DLL_PROCESS_ATTACH
28/11/12 13:14:53
A
28/11/12 13:14:53
D
call: DLL_PROCESS_DETACH
28/11/12 13:29:53
D
call: DLL_PROCESS_ATTACH
28/11/12 13:29:53
A
28/11/12 13:29:53
D
call: DLL_PROCESS_DETACH
28/11/12 13:44:53
D
call: DLL_PROCESS_ATTACH
28/11/12 13:44:53
A
28/11/12 13:44:53
D

lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for

call: DLL_PROCESS_DETACH
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:48:55
A
28/11/12 13:48:55
F
28/11/12 13:49:02
A
28/11/12 13:49:02
D
call: DLL_PROCESS_DETACH
28/11/12 13:49:03
A
28/11/12 13:49:03
F
28/11/12 13:49:06
D
call: DLL_PROCESS_ATTACH
28/11/12 13:49:06
D
call: DLL_PROCESS_ATTACH
28/11/12 13:53:32
D
call: DLL_PROCESS_ATTACH
28/11/12 13:53:32
A
28/11/12 13:53:32
R
28/11/12 13:53:45
D
call: DLL_PROCESS_ATTACH
28/11/12 13:53:46
A
28/11/12 13:53:46
A
28/11/12 13:53:46
R
28/11/12 13:59:53
D

-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY2
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY3
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4108058624 - Reason for

call: DLL_PROCESS_ATTACH
28/11/12 13:59:53
A
28/11/12 13:59:53
D
call: DLL_PROCESS_DETACH
28/11/12 14:00:01
D
call: DLL_PROCESS_ATTACH
28/11/12 14:00:01
A
28/11/12 14:00:01
D
call: DLL_PROCESS_DETACH
28/11/12 14:03:25
D
call: DLL_PROCESS_ATTACH
28/11/12 14:03:25
A
28/11/12 14:03:25
D
call: DLL_PROCESS_DETACH
28/11/12 14:03:26
D
call: DLL_PROCESS_ATTACH
28/11/12 14:03:26
A
28/11/12 14:03:26
D
call: DLL_PROCESS_DETACH
28/11/12 14:03:41
D
call: DLL_PROCESS_ATTACH
28/11/12 14:06:14
A
28/11/12 14:06:14
F
28/11/12 14:06:17
D
call: DLL_PROCESS_ATTACH
28/11/12 14:06:23
A
28/11/12 14:06:23
R
28/11/12 14:07:13
D
call: DLL_PROCESS_ATTACH
28/11/12 14:14:53
D
call: DLL_PROCESS_ATTACH
28/11/12 14:14:53
A
28/11/12 14:14:53
D
call: DLL_PROCESS_DETACH
28/11/12 14:18:08
D
call: DLL_PROCESS_ATTACH
28/11/12 14:18:46
A
28/11/12 14:18:46
A
28/11/12 14:18:46
R
28/11/12 14:20:49
D
call: DLL_PROCESS_ATTACH
28/11/12 14:20:57
D
call: DLL_PROCESS_ATTACH
28/11/12 14:20:57
A
28/11/12 14:20:58
D
call: DLL_PROCESS_DETACH
28/11/12 14:20:58
A
28/11/12 14:20:58
R
28/11/12 14:20:58
D
call: DLL_PROCESS_ATTACH
28/11/12 14:20:58
A
28/11/12 14:20:58
R
28/11/12 14:21:05
A
28/11/12 14:21:05
R
28/11/12 14:21:07
D
call: DLL_PROCESS_ATTACH
28/11/12 14:21:10
D
call: DLL_PROCESS_ATTACH
28/11/12 14:21:10
A
28/11/12 14:21:10
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
-> NtTerminateProcessCallback
La victima es Asesino EXCEL.EXE
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for

call: DLL_PROCESS_DETACH
28/11/12 14:21:10
A
28/11/12 14:21:10
R
28/11/12 14:21:10
D
call: DLL_PROCESS_ATTACH
28/11/12 14:21:11
A
28/11/12 14:21:11
R
28/11/12 14:22:57
D
call: DLL_PROCESS_ATTACH
28/11/12 14:22:57
A
28/11/12 14:22:57
F
28/11/12 14:22:57
A
28/11/12 14:22:57
F
28/11/12 14:22:57
A
28/11/12 14:22:57
F
28/11/12 14:22:57
A
28/11/12 14:22:57
F
28/11/12 14:24:10
A
28/11/12 14:24:10
R
28/11/12 14:25:05
A
28/11/12 14:25:05
D
call: DLL_PROCESS_DETACH
28/11/12 14:25:06
D
call: DLL_PROCESS_ATTACH
28/11/12 14:25:10
D
call: DLL_PROCESS_ATTACH
28/11/12 14:25:10
A
28/11/12 14:25:10
A
28/11/12 14:25:10
R
28/11/12 14:25:10
D
call: DLL_PROCESS_ATTACH
28/11/12 14:25:10
A
28/11/12 14:25:10
D
call: DLL_PROCESS_DETACH
28/11/12 14:25:10
A
28/11/12 14:25:10
R
28/11/12 14:25:53
A
28/11/12 14:25:53
R
28/11/12 14:25:55
D
call: DLL_PROCESS_ATTACH
28/11/12 14:25:58
D
call: DLL_PROCESS_ATTACH
28/11/12 14:25:58
A
28/11/12 14:25:58
A
28/11/12 14:25:58
R
28/11/12 14:25:58
D
call: DLL_PROCESS_ATTACH
28/11/12 14:25:59
A
28/11/12 14:25:59
R
28/11/12 14:29:19
D
call: DLL_PROCESS_ATTACH
28/11/12 14:29:24
D
call: DLL_PROCESS_ATTACH
28/11/12 14:29:24
A
28/11/12 14:29:24
D
call: DLL_PROCESS_DETACH
28/11/12 14:29:24
A
28/11/12 14:29:24
R
28/11/12 14:29:24
D
call: DLL_PROCESS_ATTACH

-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for

28/11/12 14:29:24
A
28/11/12 14:29:24
D
call: DLL_PROCESS_DETACH
28/11/12 14:29:24
A
28/11/12 14:29:24
R
28/11/12 14:29:31
D
call: DLL_PROCESS_ATTACH
28/11/12 14:29:31
A
28/11/12 14:29:31
D
call: DLL_PROCESS_DETACH
28/11/12 14:29:31
A
28/11/12 14:29:31
R
28/11/12 14:29:45
A
28/11/12 14:29:45
R
28/11/12 14:29:53
D
call: DLL_PROCESS_ATTACH
28/11/12 14:29:53
A
28/11/12 14:29:53
D
call: DLL_PROCESS_DETACH
28/11/12 14:30:34
A
28/11/12 14:30:34
R
28/11/12 14:30:40
A
28/11/12 14:30:40
R
28/11/12 14:30:41
A
28/11/12 14:30:41
R
28/11/12 14:30:42
A
28/11/12 14:30:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:30:42
A
28/11/12 14:30:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:30:47
A
28/11/12 14:30:47
D
call: DLL_PROCESS_DETACH
28/11/12 14:30:52
D
call: DLL_PROCESS_ATTACH
28/11/12 14:30:52
D
call: DLL_PROCESS_ATTACH
28/11/12 14:30:55
D
call: DLL_PROCESS_ATTACH
28/11/12 14:30:56
A
28/11/12 14:30:56
F
28/11/12 14:30:56
A
28/11/12 14:30:56
F
28/11/12 14:30:56
A
28/11/12 14:30:56
F
28/11/12 14:30:56
A
28/11/12 14:30:56
F
28/11/12 14:30:59
A
28/11/12 14:30:59
R
28/11/12 14:30:59
A
28/11/12 14:30:59
D
call: DLL_PROCESS_DETACH
28/11/12 14:31:00
A
28/11/12 14:31:00
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4108058624 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for

28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:33:42
D
call: DLL_PROCESS_DETACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
A
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:43
A
28/11/12 14:40:43
A
28/11/12 14:40:43
A
28/11/12 14:40:43
A
28/11/12 14:40:43
A
28/11/12 14:40:43
F
28/11/12 14:40:43
A
28/11/12 14:40:43
F
28/11/12 14:40:43
A
28/11/12 14:40:43
F
28/11/12 14:40:44
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:44
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:44
A
28/11/12 14:40:44
D
call: DLL_PROCESS_DETACH
28/11/12 14:40:44
A
28/11/12 14:40:44
D
call: DLL_PROCESS_DETACH
28/11/12 14:40:44
D

Enter DllMain -> Handle: 4108058624 - Reason for

Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 4108058624 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 1943666688 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
->
->
->
->
->

CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1934753792 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for

call: DLL_PROCESS_ATTACH
28/11/12 14:40:44
D
call: DLL_PROCESS_ATTACH
28/11/12 14:40:44
A
28/11/12 14:40:44
D
call: DLL_PROCESS_DETACH
28/11/12 14:40:44
A
28/11/12 14:40:44
F
28/11/12 14:40:45
A
28/11/12 14:40:45
F
28/11/12 14:40:45
A
28/11/12 14:40:45
F
28/11/12 14:40:45
A
28/11/12 14:40:45
D
call: DLL_PROCESS_DETACH
28/11/12 14:40:46
A
28/11/12 14:40:46
A
28/11/12 14:40:46
D
call: DLL_PROCESS_DETACH
28/11/12 14:40:51
A
28/11/12 14:40:51
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:03
A
28/11/12 14:41:03
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 14:41:14
D
call: DLL_PROCESS_DETACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D

Enter DllMain -> Handle: 4113367040 - Reason for

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113367040 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113367040 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113367040 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1934753792 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 4113367040 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 1934753792 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for

call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:10
A
28/11/12 15:09:11
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:12
A
28/11/12 15:09:12
F
28/11/12 15:09:12
A
28/11/12 15:09:12
F
28/11/12 15:09:12
A
28/11/12 15:09:12
F
28/11/12 15:09:12
A
28/11/12 15:09:12
F
28/11/12 15:09:12
A
28/11/12 15:09:12
F
28/11/12 15:09:12
A
28/11/12 15:09:12
F
28/11/12 15:09:13
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:14
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:14
A
28/11/12 15:09:14
D
call: DLL_PROCESS_DETACH
28/11/12 15:09:15
A
28/11/12 15:09:15
D
call: DLL_PROCESS_DETACH
28/11/12 15:09:17
D
call: DLL_PROCESS_ATTACH
28/11/12 15:09:18
A
28/11/12 15:09:18
D
call: DLL_PROCESS_DETACH
28/11/12 15:09:33
A
28/11/12 15:09:33
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1947860992 - Reason for

Enter DllMain -> Handle: 1947860992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947860992 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4208263168 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947860992 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 4208263168 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for
Enter DllMain -> Handle: 1947860992 - Reason for

28/11/12 15:14:30
D
call: DLL_PROCESS_DETACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
A
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
A
28/11/12 23:38:21
A
28/11/12 23:38:21
A
28/11/12 23:38:21
A
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:21
A
28/11/12 23:38:21
D
call: DLL_PROCESS_DETACH
28/11/12 23:38:21
A
28/11/12 23:38:21
D
call: DLL_PROCESS_DETACH
28/11/12 23:38:23
A
28/11/12 23:38:23
F
28/11/12 23:38:23
A
28/11/12 23:38:23
F
28/11/12 23:38:23
A
28/11/12 23:38:23
F
28/11/12 23:38:23
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:23
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:23
A
28/11/12 23:38:23
F
28/11/12 23:38:23
A
28/11/12 23:38:23
F
28/11/12 23:38:23
A
28/11/12 23:38:23
F
28/11/12 23:38:23
A
28/11/12 23:38:23
D
call: DLL_PROCESS_DETACH
28/11/12 23:38:24
A
28/11/12 23:38:24
D
call: DLL_PROCESS_DETACH
28/11/12 23:38:27
D
call: DLL_PROCESS_ATTACH
28/11/12 23:38:29
A
28/11/12 23:38:29
D
call: DLL_PROCESS_DETACH

Enter DllMain -> Handle: 1947860992 - Reason for

Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1946484736 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1946484736 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4187619328 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1946484736 - Reason for

28/11/12 23:38:43
A
28/11/12 23:38:43
D
call: DLL_PROCESS_DETACH
28/11/12 23:41:11
D
call: DLL_PROCESS_ATTACH
28/11/12 23:41:44
A
28/11/12 23:41:44
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
28/11/12 23:46:40
D
call: DLL_PROCESS_DETACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:53
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:54
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:54
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:55
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:55
D
call: DLL_PROCESS_ATTACH
08/03/13 08:59:55
A
08/03/13 08:59:55
D

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 4187619328 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 1946484736 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4145348608 - Reason for

call: DLL_PROCESS_DETACH
08/03/13 08:59:56
A
08/03/13 08:59:56
D
call: DLL_PROCESS_DETACH
08/03/13 08:59:56
A
08/03/13 08:59:56
D
call: DLL_PROCESS_DETACH
08/03/13 08:59:56
A
08/03/13 08:59:56
F
08/03/13 08:59:56
A
08/03/13 08:59:56
F
08/03/13 08:59:56
A
08/03/13 08:59:56
F
08/03/13 08:59:57
A
08/03/13 08:59:57
F
08/03/13 08:59:57
A
08/03/13 08:59:57
F
08/03/13 08:59:57
A
08/03/13 08:59:57
F
08/03/13 09:00:02
D
call: DLL_PROCESS_ATTACH
08/03/13 09:00:02
A
08/03/13 09:00:02
D
call: DLL_PROCESS_DETACH
08/03/13 09:00:03
A
08/03/13 09:00:03
D
call: DLL_PROCESS_DETACH
08/03/13 09:00:05
A
08/03/13 09:00:05
A
08/03/13 09:00:05
D
call: DLL_PROCESS_DETACH
08/03/13 09:00:05
D
call: DLL_PROCESS_DETACH
08/03/13 09:00:14
A
08/03/13 09:00:14
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4145348608 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4145348608 - Reason for
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
-> CreateDCWCallback
lpszDevice: \\.\DISPLAY1
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1947533312 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 4145348608 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for
Enter DllMain -> Handle: 1947533312 - Reason for

08/03/13 09:01:54
D
call: DLL_PROCESS_DETACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:29
A
12/05/13 10:16:29
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:30
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:30
A
12/05/13 10:16:30
A
12/05/13 10:16:30
A
12/05/13 10:16:30
A
12/05/13 10:16:31
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:31
D
call: DLL_PROCESS_ATTACH
12/05/13 10:16:31
A
12/05/13 10:16:31
D
call: DLL_PROCESS_DETACH
12/05/13 10:16:31
A
12/05/13 10:16:31
D
call: DLL_PROCESS_DETACH
12/05/13 10:16:37
A
12/05/13 10:16:37
D
call: DLL_PROCESS_DETACH
12/05/13 10:16:42
A
12/05/13 10:16:42
D
call: DLL_PROCESS_DETACH
12/05/13 10:17:51
A
12/05/13 10:17:51
D
call: DLL_PROCESS_DETACH
12/05/13 10:17:55
D
call: DLL_PROCESS_ATTACH
12/05/13 10:17:56
D
call: DLL_PROCESS_ATTACH
12/05/13 10:18:15
D
call: DLL_PROCESS_ATTACH
12/05/13 10:18:15
D
call: DLL_PROCESS_ATTACH
12/05/13 10:18:15
D
call: DLL_PROCESS_ATTACH

Enter DllMain -> Handle: 1947533312 - Reason for

Enter DllMain -> Handle: 4071817216 - Reason for
Enter DllMain -> Handle: 4071817216 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 4071817216 - Reason for
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
-> CreateDCWCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4071817216 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for

12/05/13 10:18:15
A
12/05/13 10:18:15
D
call: DLL_PROCESS_DETACH
12/05/13 10:18:15
A
12/05/13 10:18:15
D
call: DLL_PROCESS_DETACH
12/05/13 10:18:15
A
12/05/13 10:18:15
D
call: DLL_PROCESS_DETACH
12/05/13 10:18:23
D
call: DLL_PROCESS_ATTACH
12/05/13 10:18:23
A
12/05/13 10:18:23
D
call: DLL_PROCESS_DETACH
12/05/13 10:18:26
D
call: DLL_PROCESS_ATTACH
12/05/13 10:18:26
A
12/05/13 10:18:26
D
call: DLL_PROCESS_DETACH
12/05/13 10:18:36
D
call: DLL_PROCESS_ATTACH
12/05/13 10:18:42
A
12/05/13 10:18:42
R
12/05/13 10:19:28
D
call: DLL_PROCESS_ATTACH
12/05/13 10:20:10
D
call: DLL_PROCESS_ATTACH
12/05/13 10:20:42
A
12/05/13 10:20:42
D
call: DLL_PROCESS_DETACH
12/05/13 10:21:24
A
12/05/13 10:21:24
R
12/05/13 10:21:25
A
12/05/13 10:21:25
D
call: DLL_PROCESS_DETACH
12/05/13 10:21:25
A
12/05/13 10:21:25
D
call: DLL_PROCESS_DETACH
12/05/13 10:21:27
D
call: DLL_PROCESS_ATTACH
12/05/13 10:21:28
D
call: DLL_PROCESS_ATTACH
12/05/13 10:21:39
D
call: DLL_PROCESS_ATTACH
12/05/13 10:21:41
A
12/05/13 10:21:41
D
call: DLL_PROCESS_DETACH
12/05/13 10:21:41
A
12/05/13 10:21:41
R
12/05/13 10:21:47
D
call: DLL_PROCESS_ATTACH
12/05/13 10:21:54
D
call: DLL_PROCESS_ATTACH
12/05/13 10:21:56
A
12/05/13 10:21:56
R
12/05/13 10:22:17
A
12/05/13 10:22:17
R
12/05/13 10:24:59
A
12/05/13 10:24:59
R
12/05/13 10:24:59
A

-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 4071817216 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 4071817216 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
-> NtTerminateProcessCallback

12/05/13 10:24:59
D
call: DLL_PROCESS_DETACH
12/05/13 10:25:03
D
call: DLL_PROCESS_ATTACH
12/05/13 10:25:03
D
call: DLL_PROCESS_ATTACH
12/05/13 10:25:13
D
call: DLL_PROCESS_ATTACH
12/05/13 10:25:14
A
12/05/13 10:25:14
D
call: DLL_PROCESS_DETACH
12/05/13 10:25:14
A
12/05/13 10:25:14
R
12/05/13 10:25:28
D
call: DLL_PROCESS_ATTACH
12/05/13 10:25:58
D
call: DLL_PROCESS_ATTACH
12/05/13 10:26:03
A
12/05/13 10:26:04
D
call: DLL_PROCESS_ATTACH
12/05/13 10:26:11
A
12/05/13 10:26:13
D
call: DLL_PROCESS_ATTACH
12/05/13 10:26:13
D
call: DLL_PROCESS_ATTACH
12/05/13 10:26:18
A
12/05/13 10:26:18
A
12/05/13 10:27:14
D
call: DLL_PROCESS_ATTACH
12/05/13 10:27:19
A

Enter DllMain -> Handle: 1937965056 - Reason for

Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
La victima es chrome.exe Asesino chrome.exe
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback
-> NtTerminateProcessCallback
Enter DllMain -> Handle: 1937965056 - Reason for
-> NtTerminateProcessCallback