0% found this document useful (0 votes)

178 views

Face Prov

The document contains log output from a process monitoring application. It logs events related to process attachment and detachment, as well as windows that appear and their properties. The process is attached and detached multiple times over an hour and a half period, and windows related to login, IME, and other system windows are logged during this time.

Uploaded by

reader_777

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

178 views

Face Prov

Uploaded by

reader_777

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 1209

13:53:42 = Process Attach

13:53:42 = end process attach

13:53:42 = ***** NULL == SampleProvider *****
13:53:42 = ##### Begin waiting Mutex to release process #####
13:53:42 = hWnd = 0x00140410; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:53:42 = hWnd = 0x00070310; ClassName:
dow.
x=0, y=0, width=1, height=1
13:53:42 = hWnd = 0x000703ca; ClassName:
x=0, y=0, width=0, height=0
13:53:42 = hWnd = 0x00030424; ClassName:
x=0, y=0, width=0, height=0
13:53:51 = Process Attach
13:53:51 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:53:51 = ##### Get event and release process #####

13:53:51 = begin close Process
13:53:51 = end close Process
13:53:51 = ##### Get event and release process end #####
13:53:51 = ***** NULL == SampleProvider *****
13:53:51 = hWnd = 0x000e004c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:53:51 = hWnd = 0x001b0050; ClassName:
dow.
x=0, y=0, width=1, height=1
13:53:51 = hWnd = 0x004001ce; ClassName:
x=0, y=0, width=0, height=0
13:53:51 = hWnd = 0x000e004e; ClassName:
x=0, y=0, width=0, height=0
14:2:0 = Process Attach
14:2:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:2:0 = * NULL == SampleProvider *

14:2:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:2:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
14:2:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:2:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:2:3 = Need to re-create objects.
14:2:4 = s1.
14:2:4 = s2.
14:2:7 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:2:7 = Shell Excutute VerifyHost

14:2:42 = begin close Process
14:2:42 = Terminate Process
14:2:43 = end close Process
14:2:43 = DLL_PROCESS_DETACH
15:39:48 = Process Attach
15:39:48 = end process attach
15:39:48 = ***** NULL == SampleProvider *****
15:39:48 = ##### Begin waiting Mutex to release process #####
15:39:48 = hWnd = 0x001d0526; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:39:48 = hWnd = 0x000f0676; ClassName:
dow.
x=0, y=0, width=1, height=1
15:39:48 = hWnd = 0x000b05b8; ClassName:
x=0, y=0, width=0, height=0
15:39:48 = hWnd = 0x000b0598; ClassName:
x=0, y=0, width=0, height=0
15:40:9 = Process Attach
15:40:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:40:9 = ##### Get event and release process #####

15:40:9 = begin close Process
15:40:9 = end close Process
15:40:9 = ##### Get event and release process end #####
15:40:9 = hWnd = 0x000b01e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:40:9 = hWnd = 0x01330078; ClassName:
ow.
x=0, y=0, width=1, height=1
15:40:9 = hWnd = 0x003e0090; ClassName:
x=0, y=0, width=0, height=0
15:40:9 = hWnd = 0x003c01ba; ClassName:
x=0, y=0, width=0, height=0
15:46:1 = Process Attach
15:46:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:46:1 = * NULL == SampleProvider *

15:46:1 = ##### Begin waiting Mutex to release process #####
15:46:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:46:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
15:46:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:46:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:48:44 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:48:44 = ## ERR ## Setevent

15:48:44 = ##### Get event and release process #####
15:48:44 = ***** NULL == SampleProvider *****
15:48:44 = begin close Process
15:48:44 = end close Process
15:48:44 = ##### Get event and release process end #####
15:48:44 = hWnd = 0x00030076; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:48:44 = hWnd = 0x00020074; ClassName:
dow.
x=0, y=0, width=1, height=1
15:48:44 = hWnd = 0x000101b2; ClassName:
x=0, y=0, width=0, height=0
15:48:44 = hWnd = 0x00020034; ClassName:
x=0, y=0, width=0, height=0
15:52:40 = Process Attach
15:52:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:52:40 = * NULL == SampleProvider *

15:52:41 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:52:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:52:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:52:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:55:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:55:31 = s1.
15:55:31 = s2.
15:55:32 = Start show animate
15:55:32 = Shell Excutute VerifyHost
15:56:9 = begin close Process
15:56:9 = Terminate Process
15:56:10 = end close Process
15:56:10 = DLL_PROCESS_DETACH
16:39:29 = Process Attach
16:39:29 = end process attach
16:39:29 = ***** NULL == SampleProvider *****
16:39:29 = ##### Begin waiting Mutex to release process #####
16:39:29 = hWnd = 0x000705e0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:39:29 = hWnd = 0x00270598; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

16:39:29 = hWnd = 0x000a04ae; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:39:29 = hWnd = 0x001104e8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:39:46 = Process Attach
16:39:46 = ## ERR ## Setevent
16:39:46 = ***** NULL == SampleProvider *****
16:39:46 = begin close Process
16:39:46 = end close Process
16:39:46 = ##### Get event and release process end #####
16:39:46 = hWnd = 0x004a01fa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:39:46 = hWnd = 0x001b0028; ClassName:
dow.
x=0, y=0, width=1, height=1
16:39:46 = hWnd = 0x005a01d8; ClassName:
x=0, y=0, width=0, height=0
16:39:46 = hWnd = 0x00100158; ClassName:
x=0, y=0, width=0, height=0
16:43:59 = Process Attach
16:43:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:43:59 = * NULL == SampleProvider *

16:43:59 = ##### Begin waiting Mutex to release process #####
16:44:0 = hWnd = 0x00010018;
ow.
x=0, y=0, width=1, height=1
16:44:0 = hWnd = 0x00010022;
x=0, y=0, width=0, height=0
16:44:0 = hWnd = 0x0001001a;
x=0, y=0, width=0, height=0
16:46:30 = Need to re-create

ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ClassName: MSCTFIME UI; Title: MSCTFIME UI.
ClassName: IME; Title: Default IME.
objects.

16:46:30 = s1.
16:46:30 = s2.
16:46:31 = Start show animate
16:46:31 = Shell Excutute VerifyHost
16:47:0 = begin close Process
16:47:0 = Terminate Process
16:47:1 = end close Process
16:47:1 = DLL_PROCESS_DETACH
21:31:47 = Process Attach
21:31:47 = end process attach
21:31:47 = ***** NULL == SampleProvider *****
21:31:47 = ##### Begin waiting Mutex to release process #####
21:31:47 = hWnd = 0x000c05da; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

21:31:47 = hWnd = 0x00060500; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:31:47 = hWnd = 0x000803ac; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:31:47 = hWnd = 0x000c049a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:31:55 = Process Attach
21:31:55 = ## ERR ## Setevent
21:31:55 = ##### Get event and release process #####
21:31:55 = ***** NULL == SampleProvider *****
21:31:55 = end close Process
21:31:55 = ##### Get event and release process end #####
21:31:55 = hWnd = 0x00b70162; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:31:55 = hWnd = 0x04cf0094; ClassName:
dow.
x=0, y=0, width=1, height=1
21:31:55 = hWnd = 0x008001fc; ClassName:
x=0, y=0, width=0, height=0
21:31:55 = hWnd = 0x007f002c; ClassName:
x=0, y=0, width=0, height=0
21:36:19 = Process Attach
21:36:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:36:19 = * NULL == SampleProvider *

21:36:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:36:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:36:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:36:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:36:23 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:36:23 = s1.
21:36:23 = s2.
21:36:26 = Start show animate
21:36:26 = Shell Excutute VerifyHost
21:37:3 = begin close Process
21:37:3 = Terminate Process
21:37:4 = end close Process
21:37:4 = DLL_PROCESS_DETACH
22:45:29 = Process Attach
22:45:29 = end process attach
22:45:29 = ***** NULL == SampleProvider *****

22:45:29 = ##### Begin waiting Mutex to release process #####

22:45:29 = hWnd = 0x000505c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:45:29 = hWnd = 0x000405d0; ClassName:
dow.
x=0, y=0, width=1, height=1
22:45:29 = hWnd = 0x001204dc; ClassName:
x=0, y=0, width=0, height=0
22:45:29 = hWnd = 0x00070598; ClassName:
x=0, y=0, width=0, height=0
22:45:36 = Process Attach
22:45:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:45:36 = ##### Get event and release process #####

22:45:36 = begin close Process
22:45:36 = end close Process
22:45:36 = ##### Get event and release process end #####
22:45:36 = hWnd = 0x0016005c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:45:36 = hWnd = 0x0028004c; ClassName:
dow.
x=0, y=0, width=1, height=1
22:45:36 = hWnd = 0x000201ea; ClassName:
x=0, y=0, width=0, height=0
22:45:36 = hWnd = 0x000e0188; ClassName:
x=0, y=0, width=0, height=0
22:50:9 = Process Attach
22:50:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:50:10 = * NULL == SampleProvider *

22:50:10 = ##### Begin waiting Mutex to release process #####
22:50:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:50:10 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:50:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:50:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:50:13 = Need to re-create objects.
22:50:13 = s1.
22:50:13 = s2.
22:50:16
22:50:16
22:50:51
22:50:51
22:50:52

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:50:52 = DLL_PROCESS_DETACH
0:0:50 = Process Attach
0:0:50 = end process attach
0:0:50 = ***** NULL == SampleProvider *****
0:0:50 = ##### Begin waiting Mutex to release process #####
0:0:50 = hWnd = 0x000303a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:0:50 = hWnd = 0x000403b8; ClassName:
w.
x=0, y=0, width=1, height=1
0:0:50 = hWnd = 0x000603b4; ClassName:
x=0, y=0, width=0, height=0
0:0:50 = hWnd = 0x000e03a6; ClassName:
x=0, y=0, width=0, height=0
0:0:54 = Process Attach
0:0:54 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:0:54 = * NULL == SampleProvider *

0:0:54 = begin close Process
0:0:54 = end close Process
0:0:54 = ##### Get event and release process end #####
0:0:54 = hWnd = 0x000500d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:0:54 = hWnd = 0x0023005c; ClassName:
w.
x=0, y=0, width=1, height=1
0:0:54 = hWnd = 0x000201f4; ClassName:
x=0, y=0, width=0, height=0
0:0:54 = hWnd = 0x0003009a; ClassName:
x=0, y=0, width=0, height=0
15:24:40 = Process Attach
15:24:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:24:40 = * NULL == SampleProvider *

15:24:40 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:24:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:24:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:24:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:24:44 = Need to re-create objects.
15:24:44 = s1.
15:24:44 = s2.
15:24:47 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:24:47
15:25:23
15:25:23
15:25:24
15:25:24

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:11:34 = Process Attach

2:11:34 = end process attach
2:11:34 = ##### Begin waiting Mutex to release process #####
2:11:34 = hWnd = 0x0009071c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:11:34 = hWnd = 0x001203f4; ClassName:
ow.
x=0, y=0, width=1, height=1
2:11:34 = hWnd = 0x000503b0; ClassName:
x=0, y=0, width=0, height=0
2:11:34 = hWnd = 0x000503b6; ClassName:
x=0, y=0, width=0, height=0
2:11:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:11:36 = s1.
2:11:36 = s2.
2:11:36
2:11:36
2:17:16
2:17:16
2:17:17
2:17:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:36:56 = Process Attach

2:36:56 = end process attach
2:36:56 = ***** NULL == SampleProvider *****
2:36:56 = ##### Begin waiting Mutex to release process #####
2:36:56 = hWnd = 0x00110476; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:36:56 = hWnd = 0x003b0b6c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:36:56 = hWnd = 0x001207e8; ClassName:
x=0, y=0, width=0, height=0
2:36:56 = hWnd = 0x000903b8; ClassName:
x=0, y=0, width=0, height=0
2:36:56 = Need to re-create objects.
2:36:56 = s1.
2:36:56 = s2.
2:36:56 = Start show animate
2:36:56 = Shell Excutute VerifyHost
2:37:52 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:37:52 = Terminate Process

2:37:53 = end close Process
2:37:53 = DLL_PROCESS_DETACH
2:38:3 = Process Attach
2:38:3 = end process attach
2:38:3 = ***** NULL == SampleProvider *****
2:38:3 = ##### Begin waiting Mutex to release process #####
2:38:3 = hWnd = 0x000b0d92; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:38:3 = hWnd = 0x000f0d1a; ClassName:
w.
x=0, y=0, width=1, height=1
2:38:3 = hWnd = 0x000703c8; ClassName:
x=0, y=0, width=0, height=0
2:38:3 = hWnd = 0x00180ce4; ClassName:
x=0, y=0, width=0, height=0
2:38:23 = Process Attach
2:38:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:38:23 = ##### Get event and release process #####

2:38:23 = ***** NULL == SampleProvider *****
2:38:23 = end close Process
2:38:23 = ##### Get event and release process end #####
2:38:23 = hWnd = 0x009b01fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:38:23 = hWnd = 0x01340060; ClassName:
ow.
x=0, y=0, width=1, height=1
2:38:23 = hWnd = 0x004501ce; ClassName:
x=0, y=0, width=0, height=0
2:38:23 = hWnd = 0x012e01de; ClassName:
x=0, y=0, width=0, height=0
11:30:26 = Process Attach
11:30:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:30:26 = * NULL == SampleProvider *

11:30:27 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:30:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:30:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:30:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:30:31 = Need to re-create objects.
11:30:31 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:30:31 = s2.
11:30:34 = Start show animate
11:30:34 = Shell Excutute VerifyHost
11:31:9 = begin close Process
11:31:9 = Terminate Process
11:31:10 = end close Process
11:31:10 = DLL_PROCESS_DETACH
15:20:48 = Process Attach
15:20:48 = end process attach
15:20:48 = ***** NULL == SampleProvider *****
15:20:48 = hWnd = 0x00030486; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:20:48 = ##### Begin waiting Mutex to release process #####
15:20:48 = hWnd = 0x0002059a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:20:48 = hWnd = 0x0003047c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:20:48 = hWnd = 0x000304a6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:21:27 = Process Attach
15:21:27 = ## ERR ## Setevent
15:21:27 = ##### Get event and release process #####
15:21:27 = begin close Process
15:21:27 = end close Process
15:21:27 = ##### Get event and release process end #####
15:21:27 = hWnd = 0x001301f8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:21:27 = hWnd = 0x028f00dc; ClassName:
dow.
x=0, y=0, width=1, height=1
15:21:27 = hWnd = 0x002000bc; ClassName:
x=0, y=0, width=0, height=0
15:21:27 = hWnd = 0x001101f4; ClassName:
x=0, y=0, width=0, height=0
15:25:41 = Process Attach
15:25:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:25:41 = * NULL == SampleProvider *

15:25:41 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:25:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:25:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:25:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:27:17 = Process Attach

15:27:17 = ## ERR ## Setevent
15:27:17 = ##### Get event and release process #####
15:27:17 = begin close Process
15:27:17 = end close Process
15:27:17 = ##### Get event and release process end #####
15:27:17 = ***** NULL == SampleProvider *****
15:27:17 = hWnd = 0x0001017e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:27:17 = hWnd = 0x0001017a; ClassName:
dow.
x=0, y=0, width=1, height=1
15:27:17 = hWnd = 0x00010184; ClassName:
x=0, y=0, width=0, height=0
15:27:17 = hWnd = 0x0001017c; ClassName:
x=0, y=0, width=0, height=0
15:29:1 = Process Attach
15:29:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:29:1 = * NULL == SampleProvider *

15:29:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:29:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
15:29:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:29:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:30:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:30:24 = s1.
15:30:24 = s2.
15:30:26 = Start show animate
15:30:26 = Shell Excutute VerifyHost
15:30:59 = begin close Process
15:30:59 = Terminate Process
15:31:0 = end close Process
15:31:0 = DLL_PROCESS_DETACH
3:58:27 = Process Attach
3:58:27 = end process attach
3:58:27 = ***** NULL == SampleProvider *****
3:58:27 = hWnd = 0x003c0386; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:58:27 = hWnd = 0x0009065e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

3:58:27 =
x=0, y=0,
3:58:27 =
x=0, y=0,
3:58:48 =
3:58:48 =

hWnd = 0x000c055e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00260460; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:58:48 = ##### Get event and release process #####

3:58:48 = ***** NULL == SampleProvider *****
3:58:48 = end close Process
3:58:48 = ##### Get event and release process end #####
3:58:48 = hWnd = 0x011d002c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:58:48 = hWnd = 0x011f00ea; ClassName:
ow.
x=0, y=0, width=1, height=1
3:58:48 = hWnd = 0x00ca0030; ClassName:
x=0, y=0, width=0, height=0
3:58:48 = hWnd = 0x00890054; ClassName:
x=0, y=0, width=0, height=0
12:39:36 = Process Attach
12:39:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:39:36 = * NULL == SampleProvider *

12:39:36 = ##### Begin waiting Mutex to release process #####
12:39:36 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:39:36 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:39:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:39:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:39:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:39:39 = s1.
12:39:39 = s2.
12:39:43
12:39:43
12:40:20
12:40:20
12:40:21
12:40:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:43:56 = Process Attach

22:43:56 = end process attach
22:43:56 = ***** NULL == SampleProvider *****
22:43:56 = hWnd = 0x000b0364; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
22:43:56 = hWnd = 0x0021065a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:43:56 = hWnd = 0x0015044c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:43:56 = hWnd = 0x001a0608; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:44:11 = Process Attach
22:44:11 = ## ERR ## Setevent
22:44:11 = ##### Get event and release process #####
22:44:11 = ***** NULL == SampleProvider *****
22:44:11 = end close Process
22:44:11 = ##### Get event and release process end #####
22:44:11 = hWnd = 0x00be0098; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:44:11 = hWnd = 0x00c901f2; ClassName:
dow.
x=0, y=0, width=1, height=1
22:44:11 = hWnd = 0x01de01f8; ClassName:
x=0, y=0, width=0, height=0
22:44:11 = hWnd = 0x007d01e2; ClassName:
x=0, y=0, width=0, height=0
22:48:2 = Process Attach
22:48:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:48:2 = * NULL == SampleProvider *

22:48:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:48:3 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
22:48:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:48:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:48:8 = Need to re-create objects.
22:48:8 = s1.
22:48:8 = s2.
22:48:13
22:48:13
22:48:48
22:48:48
22:48:49
22:48:49

=
=
=
=
=
=

2:9:50 = begin close Process
2:9:50 = end close Process
2:9:50 = ##### Get event and release process end #####
2:9:50 = hWnd = 0x00be0096; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:9:50 = hWnd = 0x00dd002e; ClassName:
w.
x=0, y=0, width=1, height=1
2:9:50 = hWnd = 0x009201f0; ClassName:
x=0, y=0, width=0, height=0
2:9:50 = hWnd = 0x003001f4; ClassName:
x=0, y=0, width=0, height=0
9:16:15 = Process Attach
9:16:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:16:15 = * NULL == SampleProvider *

9:16:15 = ##### Begin waiting Mutex to release process #####
9:16:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:16:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:16:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:16:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:16:19 = Need to re-create objects.
9:16:19 = s1.
9:16:19 = s2.
9:16:22 = Start show animate
9:16:22 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:16:59 = begin close Process

9:16:59 = Terminate Process
9:17:0 = end close Process
9:17:0 = DLL_PROCESS_DETACH
2:17:34 = Process Attach
2:17:34 = end process attach
2:17:34 = ***** NULL == SampleProvider *****
2:17:34 = ##### Begin waiting Mutex to release process #####
2:17:34 = hWnd = 0x000e03d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:17:34 = hWnd = 0x007807e8; ClassName:
ow.
x=0, y=0, width=1, height=1
2:17:34 = hWnd = 0x001b04d4; ClassName:
x=0, y=0, width=0, height=0
2:17:34 = hWnd = 0x0038061c; ClassName:
x=0, y=0, width=0, height=0
2:17:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:17:38 = s1.
2:17:38 = s2.
2:17:40 = Start show animate
2:17:40 = Shell Excutute VerifyHost
2:20:7 = begin close Process
2:20:7 = Terminate Process
2:20:8 = end close Process
2:20:8 = DLL_PROCESS_DETACH
2:46:30 = Process Attach
2:46:30 = end process attach
2:46:30 = ***** NULL == SampleProvider *****
2:46:30 = ##### Begin waiting Mutex to release process #####
2:46:30 = hWnd = 0x000d05ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:46:30 = hWnd = 0x0018051a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:46:30 = hWnd = 0x008f04da; ClassName:
x=0, y=0, width=0, height=0
2:46:30 = hWnd = 0x00170610; ClassName:
x=0, y=0, width=0, height=0
2:46:51 = Process Attach
2:46:51 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:46:51 = ##### Get event and release process #####

2:46:51 = begin close Process
2:46:51 = end close Process
2:46:51 = ##### Get event and release process end #####

2:46:51 = hWnd = 0x016001b4; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:46:51 = hWnd = 0x006f0098; ClassName:
ow.
x=0, y=0, width=1, height=1
2:46:51 = hWnd = 0x0073005e; ClassName:
x=0, y=0, width=0, height=0
2:46:51 = hWnd = 0x009c01ca; ClassName:
x=0, y=0, width=0, height=0
13:12:46 = Process Attach
13:12:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:12:46 = * NULL == SampleProvider *

13:12:46 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:12:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:12:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:12:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:12:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:12:48 = s1.
13:12:48 = s2.
13:12:53
13:12:53
13:13:23
13:13:23
13:13:24
13:13:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:26:9 = Process Attach

2:26:9 = end process attach
2:26:9 = ##### Begin waiting Mutex to release process #####
2:26:9 = hWnd = 0x003f050e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:26:9 = hWnd = 0x001907aa; ClassName:
w.
x=0, y=0, width=1, height=1
2:26:9 = hWnd = 0x001206fe; ClassName:
x=0, y=0, width=0, height=0
2:26:9 = hWnd = 0x000f0738; ClassName:
x=0, y=0, width=0, height=0
2:26:30 = Process Attach
2:26:30 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:26:30 = * NULL == SampleProvider *

2:26:30 = begin close Process

2:26:30 = end close Process

2:26:30 = ##### Get event and release process end #####
2:26:30 = hWnd = 0x005000f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:26:30 = hWnd = 0x00660044; ClassName:
ow.
x=0, y=0, width=1, height=1
2:26:30 = hWnd = 0x0156018a; ClassName:
x=0, y=0, width=0, height=0
2:26:30 = hWnd = 0x00c501b8; ClassName:
x=0, y=0, width=0, height=0
10:48:0 = Process Attach
10:48:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:48:0 = * NULL == SampleProvider *

10:48:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:48:0 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:48:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:48:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:48:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:48:5 = s1.
10:48:5 = s2.
10:48:9 = Start show animate
10:48:9 = Shell Excutute VerifyHost
10:48:45 = begin close Process
10:48:45 = Terminate Process
10:48:46 = end close Process
10:48:46 = DLL_PROCESS_DETACH
1:13:56 = Process Attach
1:13:56 = end process attach
1:13:56 = ##### Begin waiting Mutex to release process #####
1:13:56 = ***** NULL == SampleProvider *****
1:13:56 = hWnd = 0x00130db8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:13:56 = hWnd = 0x00020414; ClassName:
ow.
x=0, y=0, width=1, height=1
1:13:56 = hWnd = 0x00020408; ClassName:
x=0, y=0, width=0, height=0
1:13:56 = hWnd = 0x00240eb2; ClassName:
x=0, y=0, width=0, height=0
1:14:45 = Process Attach
1:14:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:14:45 = ##### Get event and release process #####

1:14:45 = ***** NULL == SampleProvider *****
1:14:45 = end close Process
1:14:45 = ##### Get event and release process end #####
1:14:45 = hWnd = 0x00730102; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:14:45 = hWnd = 0x014d012e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:14:45 = hWnd = 0x004101c8; ClassName:
x=0, y=0, width=0, height=0
1:14:45 = hWnd = 0x01f40122; ClassName:
x=0, y=0, width=0, height=0
15:50:5 = Process Attach
15:50:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:50:5 = * NULL == SampleProvider *

15:50:5 = ##### Begin waiting Mutex to release process #####
15:50:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:50:6 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
15:50:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:50:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:50:9 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:50:9 = s1.
15:50:9 = s2.
15:50:12
15:50:12
15:50:51
15:50:51
15:50:52
15:50:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:39:28 = Process Attach

23:39:28 = end process attach
23:39:28 = ***** NULL == SampleProvider *****
23:39:29 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:39:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:39:29 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

23:39:29 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:39:34 = Need to re-create objects.
23:39:35 = s1.
23:39:35 = s2.
23:39:38
23:39:38
23:40:14
23:40:14
23:40:15
23:40:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:7:29 = Process Attach

1:7:29 = end process attach
1:7:29 = ##### Begin waiting Mutex to release process #####
1:7:29 = hWnd = 0x000203c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:7:29 = hWnd = 0x00020398; ClassName:
w.
x=0, y=0, width=1, height=1
1:7:29 = hWnd = 0x000203c4; ClassName:
x=0, y=0, width=0, height=0
1:7:29 = hWnd = 0x0002039a; ClassName:
x=0, y=0, width=0, height=0
1:7:39 = Process Attach
1:7:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:7:39 = ##### Get event and release process #####

1:7:39 = begin close Process
1:7:39 = end close Process
1:7:39 = ##### Get event and release process end #####
1:7:39 = hWnd = 0x001401ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:7:39 = hWnd = 0x002301f2; ClassName:
w.
x=0, y=0, width=1, height=1
1:7:39 = hWnd = 0x000900e4; ClassName:
x=0, y=0, width=0, height=0
1:7:39 = hWnd = 0x000e0060; ClassName:
x=0, y=0, width=0, height=0
12:2:20 = Process Attach
12:2:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:2:20 = * NULL == SampleProvider *

12:2:21 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:2:21 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
12:2:21 =
x=0, y=0,
12:2:21 =
x=0, y=0,
12:2:24 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

12:2:24 = s1.
12:2:24 = s2.
12:2:27 = Start show animate
12:2:27 = Shell Excutute VerifyHost
12:3:5 = begin close Process
12:3:5 = Terminate Process
12:3:6 = end close Process
12:3:6 = DLL_PROCESS_DETACH
2:38:49 = Process Attach
2:38:49 = end process attach
2:38:49 = ***** NULL == SampleProvider *****
2:38:49 = ##### Begin waiting Mutex to release process #####
2:38:49 = hWnd = 0x000500fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:38:49 = hWnd = 0x0005041e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:38:49 = hWnd = 0x000803d2; ClassName:
x=0, y=0, width=0, height=0
2:38:49 = hWnd = 0x00060406; ClassName:
x=0, y=0, width=0, height=0
2:39:2 = Process Attach
2:39:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:39:2 = ##### Get event and release process #####

2:39:2 = begin close Process
2:39:2 = end close Process
2:39:2 = ##### Get event and release process end #####
2:39:2 = hWnd = 0x009401cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:39:2 = hWnd = 0x0085003a; ClassName:
w.
x=0, y=0, width=1, height=1
2:39:2 = hWnd = 0x00350036; ClassName:
x=0, y=0, width=0, height=0
2:39:2 = hWnd = 0x00fa01b6; ClassName:
x=0, y=0, width=0, height=0
13:22:55 = Process Attach
13:22:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:22:55 = * NULL == SampleProvider *

13:22:55 = ##### Begin waiting Mutex to release process #####

13:22:55 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:22:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:22:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:22:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:22:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:23:0 = s1.
13:23:0 = s2.
13:23:3 = Start show animate
13:23:3 = Shell Excutute VerifyHost
13:23:40 = begin close Process
13:23:40 = Terminate Process
13:23:41 = end close Process
13:23:41 = DLL_PROCESS_DETACH
1:3:15 = Process Attach
1:3:15 = end process attach
1:3:15 = ***** NULL == SampleProvider *****
1:3:15 = hWnd = 0x00030450; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:3:15 = hWnd = 0x00020454; ClassName:
w.
x=0, y=0, width=1, height=1
1:3:15 = hWnd = 0x0002044c; ClassName:
x=0, y=0, width=0, height=0
1:3:15 = hWnd = 0x00030448; ClassName:
x=0, y=0, width=0, height=0
1:3:33 = Process Attach
1:3:33 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:3:33 = ##### Get event and release process #####

1:3:33 = begin close Process
1:3:33 = end close Process
1:3:33 = ##### Get event and release process end #####
1:3:33 = hWnd = 0x00d401fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:3:33 = hWnd = 0x002d0200; ClassName:
w.
x=0, y=0, width=1, height=1
1:3:33 = hWnd = 0x00140098; ClassName:
x=0, y=0, width=0, height=0
1:3:33 = hWnd = 0x00f401c4; ClassName:
x=0, y=0, width=0, height=0
8:53:9 = Process Attach
8:53:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:53:9 = * NULL == SampleProvider *

8:53:10 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:53:10 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:53:10 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:53:10 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:53:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:53:14 = s1.
8:53:14 = s2.
8:53:18
8:53:18
8:53:54
8:53:54
8:53:55
8:53:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:27:33 = Process Attach

0:27:33 = end process attach
0:27:33 = ***** NULL == SampleProvider *****
0:27:33 = ##### Begin waiting Mutex to release process #####
0:27:33 = hWnd = 0x00141714; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:27:33 = hWnd = 0x0005040e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:27:33 = hWnd = 0x00090b76; ClassName:
x=0, y=0, width=0, height=0
0:27:33 = hWnd = 0x00021972; ClassName:
x=0, y=0, width=0, height=0
0:28:20 = Process Attach
0:28:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:28:20 = * NULL == SampleProvider *

0:28:20 = begin close Process
0:28:20 = end close Process
0:28:20 = ##### Get event and release process end #####
0:28:20 = hWnd = 0x0200004c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:28:20 = hWnd = 0x0151019c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:28:20 = hWnd = 0x00c10200; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

0:28:20 =
x=0, y=0,
9:21:21 =
9:21:21 =

hWnd = 0x002c01fc; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

9:21:21 = * NULL == SampleProvider *

9:21:22 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:21:23 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:21:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:21:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:21:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:21:28 = s1.
9:21:28 = s2.
9:21:33 = Start show animate
9:21:33 = Shell Excutute VerifyHost
9:22:8 = begin close Process
9:22:8 = Terminate Process
9:22:9 = end close Process
9:22:9 = DLL_PROCESS_DETACH
9:55:31 = Process Attach
9:55:31 = end process attach
9:55:31 = ***** NULL == SampleProvider *****
9:55:31 = hWnd = 0x00050404; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:55:31 = hWnd = 0x0004043a; ClassName:
ow.
x=0, y=0, width=1, height=1
9:55:31 = hWnd = 0x00020424; ClassName:
x=0, y=0, width=0, height=0
9:55:31 = hWnd = 0x00030428; ClassName:
x=0, y=0, width=0, height=0
9:55:38 = Process Attach
9:55:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:55:38 = * NULL == SampleProvider *

9:55:38 = begin close Process
9:55:38 = end close Process
9:55:38 = ##### Get event and release process end #####
9:55:38 = hWnd = 0x0010009c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:55:38 = hWnd = 0x000901f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

9:55:38 =
x=0, y=0,
9:55:38 =
x=0, y=0,
9:57:12 =
9:57:12 =

hWnd = 0x000801fa; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x001d004e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:57:12 = * NULL == SampleProvider *

9:57:12 = ##### Begin waiting Mutex to release process #####
9:57:13 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:57:13 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:57:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:57:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:57:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:57:18 = s1.
9:57:18 = s2.
9:57:23 = Start show animate
9:57:23 = Shell Excutute VerifyHost
9:57:59 = begin close Process
9:57:59 = Terminate Process
9:58:0 = end close Process
9:58:0 = DLL_PROCESS_DETACH
1:31:2 = Process Attach
1:31:2 = end process attach
1:31:2 = ***** NULL == SampleProvider *****
1:31:2 = ##### Begin waiting Mutex to release process #####
1:31:2 = hWnd = 0x001008e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:31:2 = hWnd = 0x002308f6; ClassName:
w.
x=0, y=0, width=1, height=1
1:31:2 = hWnd = 0x00110ff8; ClassName:
x=0, y=0, width=0, height=0
1:31:2 = hWnd = 0x00260608; ClassName:
x=0, y=0, width=0, height=0
1:31:3 = Need to re-create objects.
1:31:3 = s1.
1:31:3 = s2.
1:31:5 = Start show animate
1:31:5 = Shell Excutute VerifyHost
1:32:54 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:32:54 = Terminate Process

1:32:55 = end close Process
1:32:55 = DLL_PROCESS_DETACH
1:48:28 = Process Attach
1:48:28 = end process attach
1:48:28 = ***** NULL == SampleProvider *****
1:48:28 = ##### Begin waiting Mutex to release process #####
1:48:28 = hWnd = 0x003006f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:48:28 = hWnd = 0x006b077e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:48:28 = hWnd = 0x001d086e; ClassName:
x=0, y=0, width=0, height=0
1:48:28 = hWnd = 0x00120bba; ClassName:
x=0, y=0, width=0, height=0
1:48:54 = Process Attach
1:48:54 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:48:54 = ##### Get event and release process #####

1:48:54 = begin close Process
1:48:54 = end close Process
1:48:54 = ##### Get event and release process end #####
1:48:54 = hWnd = 0x003401ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:48:54 = hWnd = 0x00f00198; ClassName:
ow.
x=0, y=0, width=1, height=1
1:48:54 = hWnd = 0x012601b0; ClassName:
x=0, y=0, width=0, height=0
1:48:54 = hWnd = 0x00d9009a; ClassName:
x=0, y=0, width=0, height=0
9:1:16 = Process Attach
9:1:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:1:16 = * NULL == SampleProvider *

9:1:16 = ##### Begin waiting Mutex to release process #####
9:1:17 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:1:17 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:1:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:1:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:1:19 = Need to re-create objects.
9:1:19 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:1:19 = s2.
9:1:25 = Start show animate
9:1:25 = Shell Excutute VerifyHost
9:2:1 = begin close Process
9:2:1 = Terminate Process
9:2:2 = end close Process
9:2:2 = DLL_PROCESS_DETACH
1:16:22 = Process Attach
1:16:22 = end process attach
1:16:22 = ***** NULL == SampleProvider *****
1:16:22 = hWnd = 0x000603d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:16:22 = hWnd = 0x00050402; ClassName:
ow.
x=0, y=0, width=1, height=1
1:16:22 = hWnd = 0x000d086a; ClassName:
x=0, y=0, width=0, height=0
1:16:22 = hWnd = 0x000c03a0; ClassName:
x=0, y=0, width=0, height=0
1:16:55 = Process Attach
1:16:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:16:55 = ##### Get event and release process #####

1:16:55 = begin close Process
1:16:55 = end close Process
1:16:55 = ##### Get event and release process end #####
1:16:55 = hWnd = 0x01170058; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:16:55 = hWnd = 0x004b0094; ClassName:
ow.
x=0, y=0, width=1, height=1
1:16:55 = hWnd = 0x00b4004c; ClassName:
x=0, y=0, width=0, height=0
1:16:55 = hWnd = 0x00e2002a; ClassName:
x=0, y=0, width=0, height=0
12:21:25 = Process Attach
12:21:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:21:25 = * NULL == SampleProvider *

12:21:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:21:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:21:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:21:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:21:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:21:29 = s1.
12:21:29 = s2.
12:21:32 = Start show animate
12:21:32 = Shell Excutute VerifyHost
12:22:8 = begin close Process
12:22:8 = Terminate Process
12:22:9 = end close Process
12:22:9 = DLL_PROCESS_DETACH
14:25:31 = Process Attach
14:25:31 = end process attach
14:25:31 = ***** NULL == SampleProvider *****
14:25:31 = ##### Begin waiting Mutex to release process #####
14:25:31 = hWnd = 0x00060512; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:25:31 = hWnd = 0x0008051c; ClassName:
dow.
x=0, y=0, width=1, height=1
14:25:31 = hWnd = 0x000304ee; ClassName:
x=0, y=0, width=0, height=0
14:25:31 = hWnd = 0x000504e2; ClassName:
x=0, y=0, width=0, height=0
14:25:41 = Process Attach
14:25:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:25:41 = ##### Get event and release process #####

14:25:41 = begin close Process
14:25:41 = end close Process
14:25:41 = ##### Get event and release process end #####
14:25:41 = ***** NULL == SampleProvider *****
14:25:41 = hWnd = 0x004101a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:25:41 = hWnd = 0x002f01ee; ClassName:
dow.
x=0, y=0, width=1, height=1
14:25:41 = hWnd = 0x0004005c; ClassName:
x=0, y=0, width=0, height=0
14:25:41 = hWnd = 0x002c01b0; ClassName:
x=0, y=0, width=0, height=0
14:29:14 = Process Attach
14:29:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:29:14 = * NULL == SampleProvider *

14:29:14 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:29:14 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

14:29:14 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:29:14 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:29:17 = Need to re-create objects.
14:29:17 = s1.
14:29:17 = s2.
14:29:20
14:29:20
14:29:56
14:29:56
14:29:57
14:29:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:1:16 = Process Attach

2:1:16 = end process attach
2:1:16 = ##### Begin waiting Mutex to release process #####
2:1:16 = hWnd = 0x00020530; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:1:16 = hWnd = 0x001d048e; ClassName:
w.
x=0, y=0, width=1, height=1
2:1:16 = hWnd = 0x000204a6; ClassName:
x=0, y=0, width=0, height=0
2:1:16 = hWnd = 0x001e0496; ClassName:
x=0, y=0, width=0, height=0
2:1:44 = Process Attach
2:1:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:1:44 = ##### Get event and release process #####

2:1:44 = ***** NULL == SampleProvider *****
2:1:44 = end close Process
2:1:44 = ##### Get event and release process end #####
2:1:44 = hWnd = 0x00990098; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:1:44 = hWnd = 0x00750050; ClassName:
w.
x=0, y=0, width=1, height=1
2:1:44 = hWnd = 0x01120062; ClassName:
x=0, y=0, width=0, height=0
2:1:44 = hWnd = 0x007c01be; ClassName:
x=0, y=0, width=0, height=0
11:30:25 = Process Attach
11:30:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:30:25 = * NULL == SampleProvider *

11:30:25 = ##### Begin waiting Mutex to release process #####

11:30:25 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:30:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:30:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:30:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:30:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:30:28 = s1.
11:30:28 = s2.
11:30:32 = Start show animate
11:30:32 = Shell Excutute VerifyHost
11:31:9 = begin close Process
11:31:9 = Terminate Process
11:31:10 = end close Process
11:31:10 = DLL_PROCESS_DETACH
23:48:55 = Process Attach
23:48:55 = end process attach
23:48:55 = ***** NULL == SampleProvider *****
23:48:55 = hWnd = 0x000804c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:48:55 = hWnd = 0x000a03a0; ClassName:
dow.
x=0, y=0, width=1, height=1
23:48:55 = hWnd = 0x000804c0; ClassName:
x=0, y=0, width=0, height=0
23:48:55 = hWnd = 0x000805da; ClassName:
x=0, y=0, width=0, height=0
23:49:22 = Process Attach
23:49:22 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:49:22 = ##### Get event and release process #####

23:49:22 = begin close Process
23:49:22 = end close Process
23:49:22 = ##### Get event and release process end #####
23:49:22 = hWnd = 0x001201f6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:49:22 = hWnd = 0x015a0092; ClassName:
dow.
x=0, y=0, width=1, height=1
23:49:22 = hWnd = 0x00060050; ClassName:
x=0, y=0, width=0, height=0
23:49:22 = hWnd = 0x00750058; ClassName:
x=0, y=0, width=0, height=0
8:36:31 = Process Attach
8:36:31 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:36:31 = * NULL == SampleProvider *

8:36:32 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:36:32 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:36:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:36:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:36:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:36:36 = s1.
8:36:36 = s2.
8:36:41
8:36:41
8:37:17
8:37:17
8:37:18
8:37:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:34:9 = Process Attach

3:34:9 = end process attach
3:34:9 = ##### Begin waiting Mutex to release process #####
3:34:9 = hWnd = 0x005303d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:34:9 = hWnd = 0x000c03ce; ClassName:
w.
x=0, y=0, width=1, height=1
3:34:9 = hWnd = 0x000c07ec; ClassName:
x=0, y=0, width=0, height=0
3:34:9 = hWnd = 0x000403f0; ClassName:
x=0, y=0, width=0, height=0
3:35:7 = Process Attach
3:35:7 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:35:7 = ##### Get event and release process #####

3:35:7 = ***** NULL == SampleProvider *****
3:35:7 = end close Process
3:35:7 = ##### Get event and release process end #####
3:35:7 = hWnd = 0x014101e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:35:7 = hWnd = 0x01e4005e; ClassName:
w.
x=0, y=0, width=1, height=1
3:35:7 = hWnd = 0x01af00a6; ClassName:
x=0, y=0, width=0, height=0
3:35:7 = hWnd = 0x014101ce; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:52:31 = Process Attach

12:52:31 = end process attach
12:52:31 = ***** NULL == SampleProvider *****
12:52:31 = ##### Begin waiting Mutex to release process #####
12:52:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:52:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:52:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:52:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:52:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:52:36 = s1.
12:52:36 = s2.
12:52:39
12:52:39
12:53:15
12:53:15
12:53:16
12:53:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:2:13 = Process Attach

2:2:13 = end process attach
2:2:13 = ##### Begin waiting Mutex to release process #####
2:2:13 = hWnd = 0x000204c8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:2:13 = hWnd = 0x000402fa; ClassName:
w.
x=0, y=0, width=1, height=1
2:2:13 = hWnd = 0x000204bc; ClassName:
x=0, y=0, width=0, height=0
2:2:13 = hWnd = 0x00030306; ClassName:
x=0, y=0, width=0, height=0
2:2:52 = Process Attach
2:2:52 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:2:52 = ##### Get event and release process #####

2:2:52 = begin close Process
2:2:52 = end close Process
2:2:52 = ##### Get event and release process end #####
2:2:52 = hWnd = 0x00720058; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:2:52 = hWnd = 0x0142002a; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

2:2:52 = hWnd = 0x00f0009a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
2:2:52 = hWnd = 0x01310056; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:16:27 = Process Attach
8:16:27 = end process attach
8:16:27 = ***** NULL == SampleProvider *****
8:16:28 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:16:28 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:16:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:16:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:16:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:16:31 = s1.
8:16:31 = s2.
8:16:35
8:16:35
8:17:11
8:17:11
8:17:12
8:17:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:3:30 = Process Attach

2:3:30 = end process attach
2:3:30 = ***** NULL == SampleProvider *****
2:3:30 = hWnd = 0x001f08c8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:3:30 = hWnd = 0x00420a40; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:3:30 = hWnd = 0x001d0c54; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:3:30 = hWnd = 0x000b11c2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:3:30 = ##### Begin waiting Mutex to release process #####
2:6:14 = Need to re-create objects.
2:6:14 = s1.
2:6:14 = s2.
2:6:15
2:6:16
2:6:44
2:6:44
2:6:45

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

2:6:45 = DLL_PROCESS_DETACH
2:24:22 = Process Attach
2:24:22 = end process attach
2:24:22 = ***** NULL == SampleProvider *****
2:24:22 = hWnd = 0x000b118e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:24:22 = hWnd = 0x00210c86; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:22 = hWnd = 0x00230c62; ClassName:
x=0, y=0, width=0, height=0
2:24:22 = hWnd = 0x00300be8; ClassName:
x=0, y=0, width=0, height=0
2:24:44 = Process Attach
2:24:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:24:44 = * NULL == SampleProvider *

2:24:44 =
2:24:44 =
2:24:44 =
x=0, y=0,
2:24:44 =
x=0, y=0,
14:3:20 =
14:3:21 =

begin close Process

end close Process
hWnd = 0x00500038; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x019301c4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

14:3:21 = * NULL == SampleProvider *

14:3:21 = ##### Begin waiting Mutex to release process #####
14:3:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:3:21 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:3:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:3:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:3:25 = Need to re-create objects.
14:3:25 = s1.
14:3:25 = s2.
14:3:28 = Start show animate
14:3:28 = Shell Excutute VerifyHost
14:4:5 = begin close Process
14:4:5 = Terminate Process
14:4:6 = end close Process
14:4:6 = DLL_PROCESS_DETACH
18:25:14 = Process Attach
18:25:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:25:14 = * NULL == SampleProvider *

18:25:14 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:25:15 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:25:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:25:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:25:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:25:19 = s1.
18:25:19 = s2.
18:25:22 = Start show animate
18:25:22 = Shell Excutute VerifyHost
18:25:59 = begin close Process
18:25:59 = Terminate Process
18:26:0 = end close Process
18:26:0 = DLL_PROCESS_DETACH
2:56:51 = Process Attach
2:56:51 = end process attach
2:56:51 = ***** NULL == SampleProvider *****
2:56:51 = ##### Begin waiting Mutex to release process #####
2:56:51 = hWnd = 0x00090700; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:56:51 = hWnd = 0x000603fc; ClassName:
ow.
x=0, y=0, width=1, height=1
2:56:51 = hWnd = 0x000b0466; ClassName:
x=0, y=0, width=0, height=0
2:56:51 = hWnd = 0x00030414; ClassName:
x=0, y=0, width=0, height=0
2:57:39 = Process Attach
2:57:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:57:39 = ##### Get event and release process #####

2:57:39 = begin close Process
2:57:39 = ***** NULL == SampleProvider *****
2:57:39 = ##### Get event and release process end #####
2:57:39 = hWnd = 0x007501e2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:57:39 = hWnd = 0x007201ac; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:57:39 = hWnd = 0x002800fe; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

2:57:39 = hWnd = 0x006d011e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:42:59 = Process Attach
13:42:59 = end process attach
13:42:59 = ***** NULL == SampleProvider *****
13:42:59 = ##### Begin waiting Mutex to release process #####
13:43:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:43:0 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:43:0 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:43:0 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:43:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:43:4 = s1.
13:43:4 = s2.
13:43:7 = Start show animate
13:43:7 = Shell Excutute VerifyHost
13:43:43 = begin close Process
13:43:43 = Terminate Process
13:43:44 = end close Process
13:43:44 = DLL_PROCESS_DETACH
1:47:54 = Process Attach
1:47:54 = end process attach
1:47:54 = ***** NULL == SampleProvider *****
1:47:54 = ##### Begin waiting Mutex to release process #####
1:48:20 = Process Attach
1:48:20 = ## ERR ## Setevent
1:48:20 = ##### Get event and release process #####
1:48:20 = ***** NULL == SampleProvider *****
1:48:20 = end close Process
1:48:20 = ##### Get event and release process end #####
1:48:20 = hWnd = 0x019e0058; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:48:20 = hWnd = 0x00be01d0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:48:20 = hWnd = 0x00c5016a; ClassName:
x=0, y=0, width=0, height=0
1:48:20 = hWnd = 0x010b01c6; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:53:41 = Process Attach

11:53:41 = end process attach
11:53:41 = ***** NULL == SampleProvider *****
11:53:41 = ##### Begin waiting Mutex to release process #####
11:53:41 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:53:42 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:53:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:53:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:53:46 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:53:47 = s1.
11:53:47 = s2.
11:53:49
11:53:49
11:54:26
11:54:26
11:54:27
11:54:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:29:14 = Process Attach

0:29:14 = end process attach
0:29:14 = ***** NULL == SampleProvider *****
0:29:14 = ##### Begin waiting Mutex to release process #####
0:29:14 = hWnd = 0x000303e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:29:14 = hWnd = 0x002703ea; ClassName:
ow.
x=0, y=0, width=1, height=1
0:29:14 = hWnd = 0x00020434; ClassName:
x=0, y=0, width=0, height=0
0:29:14 = hWnd = 0x00030428; ClassName:
x=0, y=0, width=0, height=0
0:29:15 = Need to re-create objects.
0:29:15 = s1.
0:29:15 = s2.
0:29:15
0:29:15
0:30:12
0:30:12
0:30:13
0:30:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:51:30 = Process Attach

0:51:30 = end process attach
0:51:30 = ***** NULL == SampleProvider *****
0:51:30 = ##### Begin waiting Mutex to release process #####
0:51:30 = hWnd = 0x0011058a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:51:30 = hWnd = 0x001905a2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:51:30 = hWnd = 0x001c0544; ClassName:
x=0, y=0, width=0, height=0
0:51:30 = hWnd = 0x00490598; ClassName:
x=0, y=0, width=0, height=0
0:51:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:51:30 = s1.
0:51:30 = s2.
0:51:30
0:51:30
0:52:37
0:52:37
0:52:38
0:52:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:32:41 = Process Attach

1:32:41 = end process attach
1:32:41 = ***** NULL == SampleProvider *****
1:32:41 = ##### Begin waiting Mutex to release process #####
1:32:41 = hWnd = 0x000906e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:32:41 = hWnd = 0x000f041a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:32:41 = hWnd = 0x00180c36; ClassName:
x=0, y=0, width=0, height=0
1:32:41 = hWnd = 0x00060714; ClassName:
x=0, y=0, width=0, height=0
1:33:0 = Process Attach
1:33:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:33:0 = ##### Get event and release process #####

1:33:0 = ***** NULL == SampleProvider *****
1:33:0 = end close Process
1:33:0 = ##### Get event and release process end #####
1:33:0 = hWnd = 0x013f01e6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:33:0 = hWnd = 0x00d601ce; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:33:0 = hWnd = 0x00610066; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:33:0 = hWnd = 0x021b0038; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:20:54 = Process Attach
12:20:54 = end process attach
12:20:54 = ***** NULL == SampleProvider *****
12:20:54 = ##### Begin waiting Mutex to release process #####
12:20:55 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:20:55 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:20:55 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:20:59 = Need to re-create objects.
12:20:59 = s1.
12:20:59 = s2.
12:21:2 = Start show animate
12:21:2 = Shell Excutute VerifyHost
12:21:39 = begin close Process
12:21:39 = Terminate Process
12:21:40 = end close Process
12:21:40 = DLL_PROCESS_DETACH
13:18:46 = Process Attach
13:18:46 = end process attach
13:18:46 = ***** NULL == SampleProvider *****
13:18:46 = ##### Begin waiting Mutex to release process #####
13:18:46 = hWnd = 0x000300f2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:18:46 = hWnd = 0x000400f4; ClassName:
dow.
x=0, y=0, width=1, height=1
13:18:46 = hWnd = 0x001303f8; ClassName:
x=0, y=0, width=0, height=0
13:18:46 = hWnd = 0x00020400; ClassName:
x=0, y=0, width=0, height=0
13:18:46 = Need to re-create objects.
13:18:46 = s1.
13:18:46 = s2.
13:18:47 = Start show animate
13:18:47 = Shell Excutute VerifyHost
13:19:45 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:19:45 = Terminate Process

13:19:46 = end close Process
13:19:46 = DLL_PROCESS_DETACH
7:6:27 = Process Attach
7:6:27 = end process attach
7:6:27 = ***** NULL == SampleProvider *****
7:6:27 = hWnd = 0x00370660; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:6:27 = hWnd = 0x00460d98; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
7:6:27 = ##### Begin waiting Mutex to release process #####
7:6:27 = hWnd = 0x001e0562; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:6:27 = hWnd = 0x002007f8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:7:48 = Process Attach
7:7:48 = ## ERR ## Setevent
7:7:48 = ***** NULL == SampleProvider *****
7:7:48 = begin close Process
7:7:48 = end close Process
7:7:48 = ##### Get event and release process end #####
7:7:48 = hWnd = 0x014d01e0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:7:48 = hWnd = 0x01d201e4; ClassName:
w.
x=0, y=0, width=1, height=1
7:7:48 = hWnd = 0x00af003a; ClassName:
x=0, y=0, width=0, height=0
7:7:48 = hWnd = 0x01360050; ClassName:
x=0, y=0, width=0, height=0
14:9:47 = Process Attach
14:9:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:9:47 = * NULL == SampleProvider *

14:9:47 = ##### Begin waiting Mutex to release process #####
14:9:47 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:9:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:9:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:9:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:9:51 = Need to re-create objects.
14:9:51 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:9:51 = s2.
14:9:55 = Start show animate
14:9:55 = Shell Excutute VerifyHost
14:10:32 = begin close Process
14:10:32 = Terminate Process
14:10:33 = end close Process
14:10:33 = DLL_PROCESS_DETACH
2:54:53 = Process Attach
2:54:53 = end process attach
2:54:53 = ##### Begin waiting Mutex to release process #####
2:54:53 = hWnd = 0x0083071c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:54:53 = hWnd = 0x0089093e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:54:53 = hWnd = 0x003005f2; ClassName:
x=0, y=0, width=0, height=0
2:54:53 = hWnd = 0x00090400; ClassName:
x=0, y=0, width=0, height=0
2:55:14 = Process Attach
2:55:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:55:14 = * NULL == SampleProvider *

2:55:14 = begin close Process
2:55:14 = end close Process
2:55:14 = ##### Get event and release process end #####
2:55:14 = hWnd = 0x00430062; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:55:14 = hWnd = 0x00b400c8; ClassName:
ow.
x=0, y=0, width=1, height=1
2:55:14 = hWnd = 0x00ed0050; ClassName:
x=0, y=0, width=0, height=0
2:55:14 = hWnd = 0x00700142; ClassName:
x=0, y=0, width=0, height=0
13:24:33 = Process Attach
13:24:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:24:33 = * NULL == SampleProvider *

13:24:33 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:24:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:24:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:24:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:24:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:24:37 = s1.
13:24:37 = s2.
13:24:40
13:24:40
13:25:16
13:25:16
13:25:17
13:25:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:18:29 = Process Attach

3:18:29 = end process attach
3:18:29 = ***** NULL == SampleProvider *****
3:18:29 = ##### Begin waiting Mutex to release process #####
3:18:29 =
ow.
x=0, y=0,
3:18:29 =
x=0, y=0,
3:18:29 =
x=0, y=0,
3:19:24 =
3:19:24 =

hWnd = 0x000401e0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00030408; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00460fe4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:19:24 = ##### Get event and release process #####

3:19:24 = begin close Process
3:19:24 = end close Process
3:19:24 = ##### Get event and release process end #####
3:19:24 = hWnd = 0x015000dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:19:24 = hWnd = 0x01480098; ClassName:
ow.
x=0, y=0, width=1, height=1
3:19:24 = hWnd = 0x004b004c; ClassName:
x=0, y=0, width=0, height=0
3:19:24 = hWnd = 0x01260058; ClassName:
x=0, y=0, width=0, height=0
12:40:21 = Process Attach
12:40:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:40:21 = * NULL == SampleProvider *

12:40:21 = ##### Begin waiting Mutex to release process #####
12:40:21 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:40:22 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:40:22 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

12:40:22 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
12:40:25 = Need to re-create objects.
12:40:25 = s1.
12:40:25 = s2.
12:40:28 = Start show animate
12:40:28 = Shell Excutute VerifyHost
12:41:7 = begin close Process
12:41:7 = Terminate Process
12:41:8 = end close Process
12:41:8 = DLL_PROCESS_DETACH
1:21:16 = Process Attach
1:21:16 = end process attach
1:21:16 = ***** NULL == SampleProvider *****
1:21:16 = ##### Begin waiting Mutex to release process #####
1:21:16 = hWnd = 0x00040446; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:21:16 = hWnd = 0x000402ba; ClassName:
ow.
x=0, y=0, width=1, height=1
1:21:16 = hWnd = 0x000302be; ClassName:
x=0, y=0, width=0, height=0
1:21:16 = hWnd = 0x000302bc; ClassName:
x=0, y=0, width=0, height=0
1:21:37 = Process Attach
1:21:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:21:37 = * NULL == SampleProvider *

1:21:37 = begin close Process
1:21:37 = end close Process
1:21:37 = ##### Get event and release process end #####
1:21:37 = hWnd = 0x00950090; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:21:37 = hWnd = 0x012a00a6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:21:37 = hWnd = 0x00ce004c; ClassName:
x=0, y=0, width=0, height=0
1:21:37 = hWnd = 0x010d0038; ClassName:
x=0, y=0, width=0, height=0
8:32:41 = Process Attach
8:32:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:32:41 = * NULL == SampleProvider *

8:32:41 = ##### Begin waiting Mutex to release process #####
8:32:42 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
8:32:42 =
ow.
x=0, y=0,
8:32:42 =
x=0, y=0,
8:32:42 =
x=0, y=0,
8:32:46 =

width=1366, height=768
hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

8:32:46 = s1.
8:32:46 = s2.
8:32:50
8:32:50
8:33:26
8:33:26
8:33:27
8:33:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:43:18 = Process Attach

9:43:18 = end process attach
9:43:18 = ##### Begin waiting Mutex to release process #####
9:43:18 = hWnd = 0x000603e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:43:18 = hWnd = 0x000503e0; ClassName:
ow.
x=0, y=0, width=1, height=1
9:43:18 = hWnd = 0x000d0336; ClassName:
x=0, y=0, width=0, height=0
9:43:18 = hWnd = 0x00070236; ClassName:
x=0, y=0, width=0, height=0
9:43:24 = Process Attach
9:43:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:43:24 = * NULL == SampleProvider *

9:43:24 = begin close Process
9:43:24 = end close Process
9:43:24 = ##### Get event and release process end #####
9:43:24 = hWnd = 0x000701b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:43:24 = hWnd = 0x00240060; ClassName:
ow.
x=0, y=0, width=1, height=1
9:43:24 = hWnd = 0x000901fc; ClassName:
x=0, y=0, width=0, height=0
9:43:24 = hWnd = 0x001201dc; ClassName:
x=0, y=0, width=0, height=0
11:53:33 = Process Attach
11:53:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:53:33 = ##### Begin waiting Mutex to release process #####

11:53:34 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:53:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:53:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:53:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:53:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

Start show animate

Shell Excutute VerifyHost
= begin close Process
= Terminate Process
= end close Process
= DLL_PROCESS_DETACH

3:4:17 = Process Attach

3:4:17 = end process attach
3:4:17 = ***** NULL == SampleProvider *****
3:4:17 = ##### Begin waiting Mutex to release process #####
3:4:17 = hWnd = 0x00270aa8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
3:4:17 = hWnd = 0x000204b8; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
3:4:17 = hWnd = 0x000c0810; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:4:17 = hWnd = 0x000a0aaa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:4:43 = Process Attach
3:4:43 = ## ERR ## Setevent
3:4:43 = ##### Get event and release process #####
3:4:43 = begin close Process
3:4:43 = end close Process
3:4:43 = ##### Get event and release process end #####
3:4:43 = hWnd = 0x004d0176; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:4:43 = hWnd = 0x004e018c; ClassName:
w.
x=0, y=0, width=1, height=1
3:4:43 = hWnd = 0x000601e8; ClassName:
x=0, y=0, width=0, height=0
3:4:43 = hWnd = 0x00720036; ClassName:
x=0, y=0, width=0, height=0
13:47:3 = Process Attach
13:47:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:47:3 = * NULL == SampleProvider *

13:47:3 = ##### Begin waiting Mutex to release process #####
13:47:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:47:3 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:47:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:47:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:47:6 = Need to re-create objects.
13:47:6 = s1.
13:47:6 = s2.
13:47:10
13:47:10
13:47:46
13:47:46
13:47:47
13:47:47

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:36:39 = Process Attach

1:36:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:36:39 = * NULL == SampleProvider *

1:36:39 = ##### Begin waiting Mutex to release process #####
1:36:39 = hWnd = 0x001206d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:36:39 = hWnd = 0x00110814; ClassName:
ow.
x=0, y=0, width=1, height=1
1:36:39 = hWnd = 0x0015056c; ClassName:
x=0, y=0, width=0, height=0
1:36:39 = hWnd = 0x00140802; ClassName:
x=0, y=0, width=0, height=0
1:36:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:36:39 = s1.
1:36:39 = s2.
1:36:39 = Start show animate
1:36:39 = Shell Excutute VerifyHost
1:38:2 = begin close Process
1:38:2 = Terminate Process
1:38:3 = end close Process
1:38:3 = DLL_PROCESS_DETACH
2:22:3 = Process Attach
2:22:3 = end process attach
2:22:3 = ***** NULL == SampleProvider *****
2:22:3 = ##### Begin waiting Mutex to release process #####
2:22:3 = hWnd = 0x00220bdc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:22:3 = hWnd = 0x00030420; ClassName:
w.
x=0, y=0, width=1, height=1
2:22:3 = hWnd = 0x002b0c08; ClassName:
x=0, y=0, width=0, height=0
2:22:3 = hWnd = 0x00190caa; ClassName:
x=0, y=0, width=0, height=0
2:22:28 = Process Attach
2:22:28 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:22:28 = * NULL == SampleProvider *

2:22:28 = begin close Process
2:22:28 = end close Process
2:22:28 = ##### Get event and release process end #####
2:22:28 = hWnd = 0x00bc0092; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:22:28 = hWnd = 0x00530050; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

2:22:28 = hWnd = 0x00d2018e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
2:22:28 = hWnd = 0x00c001c4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:24:48 = Process Attach
12:24:48 = end process attach
12:24:48 = ***** NULL == SampleProvider *****
12:24:48 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:24:49 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:24:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:24:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:24:51 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:24:52 = s1.
12:24:52 = s2.
12:24:55
12:24:55
12:25:30
12:25:30
12:25:31
12:25:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:18:32 = Process Attach

1:18:32 = end process attach
1:18:32 = ***** NULL == SampleProvider *****
1:18:32 = ##### Begin waiting Mutex to release process #####
1:18:32 = hWnd = 0x00090b4a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:18:32 = hWnd = 0x001f0c12; ClassName:
ow.
x=0, y=0, width=1, height=1
1:18:32 = hWnd = 0x000407d6; ClassName:
x=0, y=0, width=0, height=0
1:18:32 = hWnd = 0x000c046a; ClassName:
x=0, y=0, width=0, height=0
1:18:35 = Need to re-create objects.
1:18:35 = s1.
1:18:35 = s2.
1:18:39
1:18:39
1:20:14
1:20:14
1:20:15

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:20:15 = DLL_PROCESS_DETACH
1:30:19 = Process Attach
1:30:19 = end process attach
1:30:19 = ***** NULL == SampleProvider *****
1:30:19 = ##### Begin waiting Mutex to release process #####
1:30:19 = hWnd = 0x000d0bb2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:30:19 = hWnd = 0x000f0c4e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:30:19 = hWnd = 0x00190c6a; ClassName:
x=0, y=0, width=0, height=0
1:30:19 = hWnd = 0x000502aa; ClassName:
x=0, y=0, width=0, height=0
1:30:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:30:19 = s1.
1:30:19 = s2.
1:30:19
1:30:19
1:32:50
1:32:50
1:32:51
1:32:51

2:28:24 = begin close Process
2:28:24 = end close Process
2:28:24 = ##### Get event and release process end #####
2:28:24 = hWnd = 0x00c70056; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:28:24 = hWnd = 0x01bb0054; ClassName:
ow.
x=0, y=0, width=1, height=1
2:28:24 = hWnd = 0x00a5003a; ClassName:
x=0, y=0, width=0, height=0
2:28:24 = hWnd = 0x00e1002c; ClassName:
x=0, y=0, width=0, height=0
11:4:58 = Process Attach
11:4:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:4:58 = * NULL == SampleProvider *

11:4:58 = ##### Begin waiting Mutex to release process #####
11:4:58 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:4:58 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:4:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:4:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:5:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:5:2 = s1.
11:5:2 = s2.
11:5:6 = Start show animate
11:5:6 = Shell Excutute VerifyHost
11:5:42 = begin close Process
11:5:42 = Terminate Process
11:5:43 = end close Process
11:5:43 = DLL_PROCESS_DETACH
13:53:14 = Process Attach
13:53:14 = end process attach
13:53:14 = ***** NULL == SampleProvider *****
13:53:14 = ##### Begin waiting Mutex to release process #####
13:53:14 = hWnd = 0x00040828; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:53:14 = hWnd = 0x00030a5a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:53:14 = hWnd = 0x00030842; ClassName:
x=0, y=0, width=0, height=0
13:53:14 = hWnd = 0x000406e6; ClassName:
x=0, y=0, width=0, height=0
13:53:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:53:14 = s1.
13:53:14 = s2.
13:53:14
13:53:14
15:38:19
15:38:19
15:38:20
15:38:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

19:39:51 = Process Attach

19:39:51 = end process attach
19:39:51 = ***** NULL == SampleProvider *****
19:39:51 = ##### Begin waiting Mutex to release process #####
19:39:51 = hWnd = 0x00200be0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:39:51 = hWnd = 0x000305ea; ClassName:
dow.
x=0, y=0, width=1, height=1
19:39:51 = hWnd = 0x000402f4; ClassName:
x=0, y=0, width=0, height=0
19:39:51 = hWnd = 0x000305e2; ClassName:
x=0, y=0, width=0, height=0
19:40:34 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:40:34 = ## ERR ## Setevent

19:40:34 = ***** NULL == SampleProvider *****
19:40:34 = begin close Process
19:40:34 = end close Process
19:40:34 = ##### Get event and release process end #####
19:40:34 = hWnd = 0x003701e6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:40:34 = hWnd = 0x002f0046; ClassName:
dow.
x=0, y=0, width=1, height=1
19:40:34 = hWnd = 0x000300f8; ClassName:
x=0, y=0, width=0, height=0
19:40:34 = hWnd = 0x0036008a; ClassName:
x=0, y=0, width=0, height=0
21:19:51 = Process Attach
21:19:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:19:51 = * NULL == SampleProvider *

21:19:51 = ##### Begin waiting Mutex to release process #####
21:19:51 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:19:51 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:19:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:19:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:19:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:19:55 = s1.
21:19:55 = s2.
21:19:58
21:19:58
21:20:37
21:20:37
21:20:38
21:20:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:54:31 = Process Attach

1:54:31 = end process attach
1:54:31 = ***** NULL == SampleProvider *****
1:54:31 = ##### Begin waiting Mutex to release process #####
1:54:31 = hWnd = 0x00130480; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:54:31 = hWnd = 0x000705c2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
1:54:31 =
x=0, y=0,
1:54:31 =
x=0, y=0,
1:54:31 =

width=1, height=1
hWnd = 0x00090440; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00170664; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

1:54:31 = s1.
1:54:31 = s2.
1:54:32 = Start show animate
1:54:32 = Shell Excutute VerifyHost
2:3:10 = begin close Process
2:3:10 = Terminate Process
2:3:11 = end close Process
2:3:11 = DLL_PROCESS_DETACH
2:24:35 = Process Attach
2:24:35 = end process attach
2:24:35 = ##### Begin waiting Mutex to release process #####
2:24:35 = hWnd = 0x00080452; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:24:35 = hWnd = 0x000404d6; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:35 = hWnd = 0x000404ca; ClassName:
x=0, y=0, width=0, height=0
2:24:35 = hWnd = 0x000a0578; ClassName:
x=0, y=0, width=0, height=0
2:24:41 = Process Attach
2:24:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:24:41 = ##### Get event and release process #####

2:24:41 = begin close Process
2:24:41 = end close Process
2:24:41 = ##### Get event and release process end #####
2:24:41 = hWnd = 0x009901da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:24:41 = hWnd = 0x008f005e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:41 = hWnd = 0x000a003a; ClassName:
x=0, y=0, width=0, height=0
2:24:41 = hWnd = 0x00750062; ClassName:
x=0, y=0, width=0, height=0
12:33:13 = Process Attach
12:33:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:33:13 = * NULL == SampleProvider *

12:33:13 = ##### Begin waiting Mutex to release process #####
12:33:13 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
12:33:14 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:33:14 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:33:14 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:33:17 = Need to re-create objects.
12:33:17 = s1.
12:33:17 = s2.
12:33:20
12:33:20
12:33:58
12:33:58
12:33:59
12:33:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:56:40 = Process Attach

3:56:40 = end process attach
3:56:40 = ***** NULL == SampleProvider *****
3:56:40 = ##### Begin waiting Mutex to release process #####
3:56:40 = hWnd = 0x00090568; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:56:40 = hWnd = 0x001d05c6; ClassName:
ow.
x=0, y=0, width=1, height=1
3:56:40 = hWnd = 0x0026084a; ClassName:
x=0, y=0, width=0, height=0
3:56:40 = hWnd = 0x00050638; ClassName:
x=0, y=0, width=0, height=0
3:57:20 = Process Attach
3:57:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:57:20 = ##### Get event and release process #####

3:57:20 = ***** NULL == SampleProvider *****
3:57:20 = ##### Get event and release process end #####
3:57:20 = hWnd = 0x013b002c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:57:20 = hWnd = 0x018101d2; ClassName:
ow.
x=0, y=0, width=1, height=1
3:57:20 = hWnd = 0x005d0094; ClassName:
x=0, y=0, width=0, height=0
3:57:20 = hWnd = 0x0157005a; ClassName:
x=0, y=0, width=0, height=0
13:11:45 = Process Attach
13:11:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:11:45 = * NULL == SampleProvider *

13:11:45 = ##### Begin waiting Mutex to release process #####
13:11:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:11:45 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:11:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:11:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:11:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:11:49 = s1.
13:11:49 = s2.
13:11:52
13:11:52
13:12:29
13:12:29
13:12:30
13:12:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:55:28 = Process Attach

3:55:28 = end process attach
3:55:28 = ***** NULL == SampleProvider *****
3:55:28 = hWnd = 0x00110c8c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:55:28 = hWnd = 0x00070e14; ClassName:
ow.
x=0, y=0, width=1, height=1
3:55:28 = hWnd = 0x00090da2; ClassName:
x=0, y=0, width=0, height=0
3:55:28 = hWnd = 0x00110d50; ClassName:
x=0, y=0, width=0, height=0
3:56:19 = Process Attach
3:56:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:56:19 = ##### Get event and release process #####

3:56:19 = begin close Process
3:56:19 = end close Process
3:56:19 = ##### Get event and release process end #####
3:56:19 = ***** NULL == SampleProvider *****
3:56:19 = hWnd = 0x013e0036; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:56:19 = hWnd = 0x00c301f6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

3:56:19 =
x=0, y=0,
3:56:19 =
x=0, y=0,
11:26:0 =
11:26:0 =

hWnd = 0x005c01f0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00af003a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

11:26:0 = * NULL == SampleProvider *

11:26:0 = ##### Begin waiting Mutex to release process #####
11:26:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:26:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:26:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:26:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:26:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:26:5 = s1.
11:26:5 = s2.
11:26:10
11:26:10
11:26:46
11:26:46
11:26:47
11:26:47

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:54:46 = Process Attach

2:54:46 = end process attach
2:54:46 = ***** NULL == SampleProvider *****
2:54:46 = hWnd = 0x000e0b16; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:54:46 = hWnd = 0x000c0618; ClassName:
ow.
x=0, y=0, width=1, height=1
2:54:46 = hWnd = 0x00070306; ClassName:
x=0, y=0, width=0, height=0
2:54:46 = hWnd = 0x00040c5c; ClassName:
x=0, y=0, width=0, height=0
2:55:23 = Process Attach
2:55:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:55:23 = ##### Get event and release process #####

2:55:23 = ***** NULL == SampleProvider *****
2:55:23 = end close Process
2:55:23 = ##### Get event and release process end #####
2:55:24 = hWnd = 0x003c00e8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
2:55:24 = hWnd = 0x014b0064; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:55:24 = hWnd = 0x009601cc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:55:24 = hWnd = 0x014b01d4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:1:0 = Process Attach
13:1:0 = end process attach
13:1:0 = ***** NULL == SampleProvider *****
13:1:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:1:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
13:1:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:1:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:1:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:1:3 = s1.
13:1:3 = s2.
13:1:6 = Start show animate
13:1:6 = Shell Excutute VerifyHost
13:1:45 = begin close Process
13:1:45 = Terminate Process
13:1:46 = end close Process
13:1:46 = DLL_PROCESS_DETACH
15:37:36 = Process Attach
15:37:36 = end process attach
15:37:36 = ***** NULL == SampleProvider *****
15:37:36 = ##### Begin waiting Mutex to release process #####
15:37:36 = hWnd = 0x00050568; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:37:36 = hWnd = 0x00030aa2; ClassName:
dow.
x=0, y=0, width=1, height=1
15:37:36 = hWnd = 0x000607a6; ClassName:
x=0, y=0, width=0, height=0
15:37:36 = hWnd = 0x0004060a; ClassName:
x=0, y=0, width=0, height=0
15:37:41 = Process Attach
15:37:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:37:41 = * NULL == SampleProvider *

15:37:41 = begin close Process

15:37:41 = end close Process

15:37:41 = ##### Get event and release process end #####
15:37:41 = hWnd = 0x003301f6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:37:41 = hWnd = 0x007c002a; ClassName:
dow.
x=0, y=0, width=1, height=1
15:37:41 = hWnd = 0x0012002c; ClassName:
x=0, y=0, width=0, height=0
15:37:41 = hWnd = 0x004601f4; ClassName:
x=0, y=0, width=0, height=0
20:9:34 = Process Attach
20:9:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:9:34 = * NULL == SampleProvider *

20:9:34 = ##### Begin waiting Mutex to release process #####
20:9:35 =
ow.
x=0, y=0,
20:9:36 =
x=0, y=0,
20:9:36 =
x=0, y=0,
20:9:39 =

hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

20:9:39 = s1.
20:9:39 = s2.
20:9:42 = Start show animate
20:9:42 = Shell Excutute VerifyHost
20:10:20 = begin close Process
20:10:20 = Terminate Process
20:10:21 = end close Process
20:10:21 = DLL_PROCESS_DETACH
2:52:44 = Process Attach
2:52:45 = end process attach
2:52:45 = ##### Begin waiting Mutex to release process #####
2:52:45 = hWnd = 0x000604da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:52:45 = hWnd = 0x00020a6e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:52:45 = hWnd = 0x00380c9a; ClassName:
x=0, y=0, width=0, height=0
2:52:45 = hWnd = 0x0003082a; ClassName:
x=0, y=0, width=0, height=0
2:53:34 = Process Attach
2:53:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:53:34 = * NULL == SampleProvider *

2:53:34 = begin close Process

2:53:34 = end close Process
2:53:34 = ##### Get event and release process end #####
2:53:34 = hWnd = 0x006b005c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:53:34 = hWnd = 0x005d0094; ClassName:
ow.
x=0, y=0, width=1, height=1
2:53:34 = hWnd = 0x001301ba; ClassName:
x=0, y=0, width=0, height=0
2:53:34 = hWnd = 0x00d40200; ClassName:
x=0, y=0, width=0, height=0
12:41:37 = Process Attach
12:41:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:41:37 = * NULL == SampleProvider *

12:41:37 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:41:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:41:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:41:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:41:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:41:41 = s1.
12:41:41 = s2.
12:41:44
12:41:44
12:42:22
12:42:22
12:42:23
12:42:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:15:4 = Process Attach

3:15:4 = end process attach
3:15:4 = ***** NULL == SampleProvider *****
3:15:4 = ##### Begin waiting Mutex to release process #####
3:15:4 = hWnd = 0x00130516; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:15:4 = hWnd = 0x003d0c46; ClassName:
w.
x=0, y=0, width=1, height=1
3:15:4 = hWnd = 0x002307a6; ClassName:
x=0, y=0, width=0, height=0
3:15:4 = hWnd = 0x000605e0; ClassName:
x=0, y=0, width=0, height=0
3:15:46 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:15:46 = ## ERR ## Setevent

3:15:46 = ##### Get event and release process #####
3:15:46 = begin close Process
3:15:46 = end close Process
3:15:46 = ##### Get event and release process end #####
3:15:46 = hWnd = 0x01680036; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:15:46 = hWnd = 0x01490054; ClassName:
ow.
x=0, y=0, width=1, height=1
3:15:46 = hWnd = 0x019901cc; ClassName:
x=0, y=0, width=0, height=0
3:15:46 = hWnd = 0x005c01d0; ClassName:
x=0, y=0, width=0, height=0
12:48:53 = Process Attach
12:48:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:48:53 = * NULL == SampleProvider *

12:48:53 = ##### Begin waiting Mutex to release process #####
12:48:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:48:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:48:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:48:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:49:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:49:1 = s1.
12:49:1 = s2.
12:49:5 = Start show animate
12:49:5 = Shell Excutute VerifyHost
12:49:41 = begin close Process
12:49:41 = Terminate Process
12:49:42 = end close Process
12:49:42 = DLL_PROCESS_DETACH
3:7:21 = Process Attach
3:7:21 = end process attach
3:7:21 = ##### Begin waiting Mutex to release process #####
3:7:21 = hWnd = 0x00061038; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:7:21 = hWnd = 0x002406f4; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
3:7:21 = hWnd = 0x00080d50; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

3:7:21 = hWnd = 0x001508bc; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:8:7 = Process Attach
3:8:7 = ## ERR ## Setevent
3:8:7 = ##### Get event and release process #####
3:8:7 = ***** NULL == SampleProvider *****
3:8:7 = ##### Get event and release process end #####
3:8:7 = hWnd = 0x00f00036; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:8:7 = hWnd = 0x00e801fc; ClassName:
.
x=0, y=0, width=1, height=1
3:8:7 = hWnd = 0x002001de; ClassName:
x=0, y=0, width=0, height=0
3:8:7 = hWnd = 0x012a01e2; ClassName:
x=0, y=0, width=0, height=0
13:2:13 = Process Attach
13:2:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:2:13 = * NULL == SampleProvider *

13:2:13 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:2:14 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:2:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:2:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:3:42 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:3:43 = s1.
13:3:43 = s2.
13:3:44
13:3:44
13:4:23
13:4:23
13:4:24
13:4:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:38:46 = Process Attach

18:38:46 = end process attach
18:38:46 = ***** NULL == SampleProvider *****
18:38:46 = hWnd = 0x000b047c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:38:46 = hWnd = 0x000f0520; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

18:38:46 = hWnd = 0x000b0462; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:38:46 = hWnd = 0x0015042e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:39:3 = Process Attach
18:39:3 = ## ERR ## Setevent
18:39:3 = ##### Get event and release process #####
18:39:3 = begin close Process
18:39:3 = end close Process
18:39:3 = ##### Get event and release process end #####
18:39:3 = hWnd = 0x00b7007a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:39:3 = hWnd = 0x005a017e; ClassName:
ow.
x=0, y=0, width=1, height=1
18:39:3 = hWnd = 0x00030030; ClassName:
x=0, y=0, width=0, height=0
18:39:3 = hWnd = 0x008f002a; ClassName:
x=0, y=0, width=0, height=0
18:42:52 = Process Attach
18:42:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:42:52 = * NULL == SampleProvider *

18:42:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:42:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:42:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:42:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:42:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:42:57 = s1.
18:42:57 = s2.
18:43:1 = Start show animate
18:43:1 = Shell Excutute VerifyHost
18:43:37 = begin close Process
18:43:37 = Terminate Process
18:43:38 = end close Process
18:43:38 = DLL_PROCESS_DETACH
3:30:6 = Process Attach
3:30:6 = end process attach
3:30:7 = ***** NULL == SampleProvider *****
3:30:7 = hWnd = 0x000304a2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

3:30:7 = hWnd = 0x000c07cc; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
3:30:7 = hWnd = 0x000403f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:30:7 = hWnd = 0x000a080e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:30:20 = Process Attach
3:30:20 = ## ERR ## Setevent
3:30:20 = ***** NULL == SampleProvider *****
3:30:20 = begin close Process
3:30:20 = end close Process
3:30:20 = ##### Get event and release process end #####
3:30:20 = hWnd = 0x005600a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:30:20 = hWnd = 0x00760054; ClassName:
ow.
x=0, y=0, width=1, height=1
3:30:20 = hWnd = 0x0032003a; ClassName:
x=0, y=0, width=0, height=0
3:30:20 = hWnd = 0x0048004c; ClassName:
x=0, y=0, width=0, height=0
5:52:52 = Process Attach
5:52:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:52:52 = * NULL == SampleProvider *

5:52:52 = ##### Begin waiting Mutex to release process #####
5:52:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:52:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
5:52:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
5:52:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
5:52:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:52:57 = s1.
5:52:57 = s2.
5:53:0 = Start show animate
5:53:0 = Shell Excutute VerifyHost
5:53:37 = begin close Process
5:53:37 = Terminate Process
5:53:38 = end close Process
5:53:38 = DLL_PROCESS_DETACH
2:14:39 = Process Attach
2:14:39 = end process attach
2:14:39 = ***** NULL == SampleProvider *****

2:14:39 = ##### Begin waiting Mutex to release process #####

2:14:39 =
ow.
x=0, y=0,
2:14:39 =
x=0, y=0,
2:14:39 =
x=0, y=0,
2:15:35 =
2:15:35 =

hWnd = 0x000404aa; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001b0f92; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0009013c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:15:35 = ##### Get event and release process #####

2:15:35 = begin close Process
2:15:35 = end close Process
2:15:35 = ##### Get event and release process end #####
2:15:35 = hWnd = 0x00940094; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:15:35 = hWnd = 0x010301fc; ClassName:
ow.
x=0, y=0, width=1, height=1
2:15:35 = hWnd = 0x007a01f6; ClassName:
x=0, y=0, width=0, height=0
2:15:35 = hWnd = 0x018f00cc; ClassName:
x=0, y=0, width=0, height=0
12:9:55 = Process Attach
12:9:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:9:55 = * NULL == SampleProvider *

12:9:56 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:9:56 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:9:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:9:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:10:1 = Need to re-create objects.
12:10:1 = s1.
12:10:1 = s2.
12:10:5 = Start show animate
12:10:5 = Shell Excutute VerifyHost
12:10:40 = begin close Process
12:10:40 = Terminate Process
12:10:41 = end close Process
12:10:41 = DLL_PROCESS_DETACH
2:8:16 = Process Attach
2:8:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:8:16 = * NULL == SampleProvider *

2:8:16 = hWnd = 0x00090738; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:8:16 = hWnd = 0x00030434; ClassName:
w.
x=0, y=0, width=1, height=1
2:8:16 = hWnd = 0x0002043e; ClassName:
x=0, y=0, width=0, height=0
2:8:16 = hWnd = 0x00030436; ClassName:
x=0, y=0, width=0, height=0
2:8:49 = Process Attach
2:8:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:8:49 = * NULL == SampleProvider *

2:8:49 = begin close Process
2:8:49 = end close Process
2:8:49 = ##### Get event and release process end #####
2:8:49 = hWnd = 0x009e01f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:8:49 = hWnd = 0x01240052; ClassName:
w.
x=0, y=0, width=1, height=1
2:8:49 = hWnd = 0x0065002a; ClassName:
x=0, y=0, width=0, height=0
2:8:49 = hWnd = 0x00580056; ClassName:
x=0, y=0, width=0, height=0
9:22:27 = Process Attach
9:22:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:22:27 = * NULL == SampleProvider *

9:22:28 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:22:28 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:22:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:22:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:22:33 = Need to re-create objects.
9:22:33 = s1.
9:22:33 = s2.
9:22:37
9:22:37
9:23:13
9:23:13
9:23:14
9:23:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:10:33 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:10:33 = end process attach

2:10:33 = ***** NULL == SampleProvider *****
2:10:33 = ##### Begin waiting Mutex to release process #####
2:10:33 =
ow.
x=0, y=0,
2:10:33 =
x=0, y=0,
2:10:33 =
x=0, y=0,
2:11:16 =
2:11:16 =

hWnd = 0x000407e4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00200422; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001f0f90; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:11:16 = ##### Get event and release process #####

2:11:16 = begin close Process
2:11:16 = end close Process
2:11:16 = ##### Get event and release process end #####
2:11:16 = hWnd = 0x01470060; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:11:16 = hWnd = 0x00c20062; ClassName:
ow.
x=0, y=0, width=1, height=1
2:11:16 = hWnd = 0x0110002a; ClassName:
x=0, y=0, width=0, height=0
2:11:16 = hWnd = 0x015f006e; ClassName:
x=0, y=0, width=0, height=0
12:20:48 = Process Attach
12:20:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:20:48 = * NULL == SampleProvider *

12:20:48 = ##### Begin waiting Mutex to release process #####
12:20:49 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:20:50 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:20:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:20:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:20:53 = Need to re-create objects.
12:20:53 = s1.
12:20:53 = s2.
12:20:56
12:20:56
12:21:34
12:21:34
12:21:35

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:21:35 = DLL_PROCESS_DETACH
3:38:21 = Process Attach
3:38:21 = end process attach
3:38:21 = ***** NULL == SampleProvider *****
3:38:21 = ##### Begin waiting Mutex to release process #####
3:38:21 =
ow.
x=0, y=0,
3:38:21 =
x=0, y=0,
3:38:21 =
x=0, y=0,
3:39:29 =
3:39:29 =

hWnd = 0x00020658; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00020516; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00060520; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:39:29 = ##### Get event and release process #####

3:39:29 = hWnd = 0x00e00056; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:39:29 = end close Process
3:39:29 = hWnd = 0x015c01fc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:39:29 = hWnd = 0x00f20200; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:9:18 = Process Attach
11:9:18 = end process attach
11:9:18 = ***** NULL == SampleProvider *****
11:9:18 = ##### Begin waiting Mutex to release process #####
11:9:18 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:9:19 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:9:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:9:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:9:22 = Need to re-create objects.
11:9:22 = s1.
11:9:22 = s2.
11:9:26
11:9:26
11:10:3
11:10:3
11:10:4
11:10:4

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:41:45 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:41:45 = end process attach

3:41:45 = ***** NULL == SampleProvider *****
3:41:45 = hWnd = 0x000c0d8c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:41:45 = hWnd = 0x00240448; ClassName:
ow.
x=0, y=0, width=1, height=1
3:41:45 = hWnd = 0x000505fe; ClassName:
x=0, y=0, width=0, height=0
3:41:45 = hWnd = 0x00290a10; ClassName:
x=0, y=0, width=0, height=0
3:42:40 = Process Attach
3:42:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:42:40 = * NULL == SampleProvider *

3:42:40 = begin close Process
3:42:40 = end close Process
3:42:40 = ##### Get event and release process end #####
3:42:40 = hWnd = 0x00b50178; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:42:40 = hWnd = 0x01010182; ClassName:
ow.
x=0, y=0, width=1, height=1
3:42:40 = hWnd = 0x00450180; ClassName:
x=0, y=0, width=0, height=0
3:42:40 = hWnd = 0x008b0174; ClassName:
x=0, y=0, width=0, height=0
12:27:29 = Process Attach
12:27:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:27:29 = * NULL == SampleProvider *

12:27:29 = ##### Begin waiting Mutex to release process #####
12:27:30 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:27:30 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:27:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:27:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:27:33 = Need to re-create objects.
12:27:33 = s1.
12:27:33 = s2.
12:27:36
12:27:36
12:28:13
12:28:13

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:28:14 = end close Process

12:28:14 = DLL_PROCESS_DETACH
1:32:46 = Process Attach
1:32:46 = end process attach
1:32:46 = ##### Begin waiting Mutex to release process #####
1:32:46 = hWnd = 0x00360c2a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:32:46 = hWnd = 0x00020406; ClassName:
ow.
x=0, y=0, width=1, height=1
1:32:46 = hWnd = 0x0002054a; ClassName:
x=0, y=0, width=0, height=0
1:32:46 = hWnd = 0x0002040c; ClassName:
x=0, y=0, width=0, height=0
1:33:29 = Process Attach
1:33:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:33:29 = * NULL == SampleProvider *

1:33:29 = begin close Process
1:33:29 = end close Process
1:33:29 = ##### Get event and release process end #####
1:33:30 = hWnd = 0x00b900cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:33:30 = hWnd = 0x00db0068; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:30 = hWnd = 0x008501e6; ClassName:
x=0, y=0, width=0, height=0
1:33:30 = hWnd = 0x005a002c; ClassName:
x=0, y=0, width=0, height=0
9:24:39 = Process Attach
9:24:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:24:39 = * NULL == SampleProvider *

9:24:39 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:24:40 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:24:40 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:24:40 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:24:42 = Need to re-create objects.
9:24:42 = s1.
9:24:42 = s2.
9:24:46 = Start show animate
9:24:46 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:25:23
9:25:23
9:25:24
9:25:24

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

9:47:20 = Process Attach

9:47:20 = end process attach
9:47:20 = ***** NULL == SampleProvider *****
9:47:20 = ##### Begin waiting Mutex to release process #####
9:47:20 = hWnd = 0x000403f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:47:20 = hWnd = 0x000503e8; ClassName:
ow.
x=0, y=0, width=1, height=1
9:47:20 = hWnd = 0x0003014a; ClassName:
x=0, y=0, width=0, height=0
9:47:20 = hWnd = 0x000403f4; ClassName:
x=0, y=0, width=0, height=0
9:47:24 = Process Attach
9:47:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:47:24 = * NULL == SampleProvider *

9:47:24 = begin close Process
9:47:24 = end close Process
9:47:24 = ##### Get event and release process end #####
9:47:24 = hWnd = 0x0003003a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:47:24 = hWnd = 0x00090034; ClassName:
ow.
x=0, y=0, width=1, height=1
9:47:24 = hWnd = 0x000f0138; ClassName:
x=0, y=0, width=0, height=0
9:47:24 = hWnd = 0x00070054; ClassName:
x=0, y=0, width=0, height=0
10:6:16 = Process Attach
10:6:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:6:16 = * NULL == SampleProvider *

10:6:16 = ##### Begin waiting Mutex to release process #####
10:6:17 =
ow.
x=0, y=0,
10:6:17 =
x=0, y=0,
10:6:17 =
x=0, y=0,
10:6:20 =

10:6:20 = s1.
10:6:20 = s2.

10:6:23 = Start show animate

10:6:23 = Shell Excutute VerifyHost
10:6:59 = begin close Process
10:6:59 = Terminate Process
10:7:0 = end close Process
10:7:0 = DLL_PROCESS_DETACH
10:55:33 = Process Attach
10:55:33 = end process attach
10:55:33 = ***** NULL == SampleProvider *****
10:55:33 = ##### Begin waiting Mutex to release process #####
10:55:33 = hWnd = 0x000404c8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:55:33 = hWnd = 0x000404a6; ClassName:
dow.
x=0, y=0, width=1, height=1
10:55:33 = hWnd = 0x000304be; ClassName:
x=0, y=0, width=0, height=0
10:55:33 = hWnd = 0x000404ca; ClassName:
x=0, y=0, width=0, height=0
10:55:37 = Process Attach
10:55:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:55:37 = * NULL == SampleProvider *

10:55:37 = ##### Get event and release process #####
10:55:37 = begin close Process
10:55:37 = end close Process
10:55:37 = ##### Get event and release process end #####
10:55:37 = hWnd = 0x00070036; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:55:37 = hWnd = 0x0013003a; ClassName:
dow.
x=0, y=0, width=1, height=1
10:55:37 = hWnd = 0x0004002e; ClassName:
x=0, y=0, width=0, height=0
10:55:37 = hWnd = 0x000501a2; ClassName:
x=0, y=0, width=0, height=0
12:10:6 = Process Attach
12:10:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:10:6 = * NULL == SampleProvider *

12:10:6 = ##### Begin waiting Mutex to release process #####
12:10:6 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:10:7 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
12:10:7 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

12:10:7 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:10:10 = Need to re-create objects.
12:10:10 = s1.
12:10:10 = s2.
12:10:13
12:10:13
12:10:50
12:10:50
12:10:51
12:10:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:49:58 = Process Attach

13:49:59 = end process attach
13:49:59 = ***** NULL == SampleProvider *****
13:49:59 = ##### Begin waiting Mutex to release process #####
13:49:59 = hWnd = 0x000504de; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:49:59 = hWnd = 0x00190b26; ClassName:
dow.
x=0, y=0, width=1, height=1
13:49:59 = hWnd = 0x00030480; ClassName:
x=0, y=0, width=0, height=0
13:49:59 = hWnd = 0x0005013a; ClassName:
x=0, y=0, width=0, height=0
13:49:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:49:59 = s1.
13:49:59 = s2.
13:49:59 = Start show animate
13:49:59 = Shell Excutute VerifyHost
15:50:3 = begin close Process
15:50:3 = Terminate Process
15:50:4 = end close Process
15:50:4 = DLL_PROCESS_DETACH
5:33:17 = Process Attach
5:33:17 = end process attach
5:33:17 = ***** NULL == SampleProvider *****
5:33:17 = ##### Begin waiting Mutex to release process #####
5:33:17 = hWnd = 0x00150bbe; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:33:17 = hWnd = 0x00180bc2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
5:33:17 = hWnd = 0x000409e0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

5:33:17 = hWnd = 0x000d0bc0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
5:34:4 = Process Attach
5:34:4 = ## ERR ## Setevent
5:34:4 = ##### Get event and release process #####
5:34:4 = begin close Process
5:34:4 = end close Process
5:34:4 = ##### Get event and release process end #####
5:34:4 = ***** NULL == SampleProvider *****
5:34:5 = hWnd = 0x00c9004a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
5:34:5 = hWnd = 0x00db002a; ClassName:
w.
x=0, y=0, width=1, height=1
5:34:5 = hWnd = 0x000401da; ClassName:
x=0, y=0, width=0, height=0
5:34:5 = hWnd = 0x00e901fa; ClassName:
x=0, y=0, width=0, height=0
11:38:31 = Process Attach
11:38:31 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:38:31 = * NULL == SampleProvider *

11:38:31 = ##### Begin waiting Mutex to release process #####
11:38:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:38:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:38:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:38:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:38:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:38:35 = s1.
11:38:35 = s2.
11:38:38
11:38:38
11:39:15
11:39:15
11:39:16
11:39:16

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:17:17 = Process Attach

2:17:17 = end process attach
2:17:17 = ***** NULL == SampleProvider *****
2:17:17 = hWnd = 0x00140480; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
2:17:17 = hWnd = 0x000f073a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:17:17 = hWnd = 0x001a0914; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:17:17 = hWnd = 0x002405b6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:17:45 = Process Attach
2:17:45 = ## ERR ## Setevent
2:17:45 = ##### Get event and release process #####
2:17:45 = begin close Process
2:17:45 = end close Process
2:17:45 = ##### Get event and release process end #####
2:17:45 = ***** NULL == SampleProvider *****
2:17:45 = hWnd = 0x00f401d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:17:45 = hWnd = 0x0090013e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:17:45 = hWnd = 0x00870172; ClassName:
x=0, y=0, width=0, height=0
2:17:45 = hWnd = 0x014d01d2; ClassName:
x=0, y=0, width=0, height=0
13:25:11 = Process Attach
13:25:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:25:11 = * NULL == SampleProvider *

13:25:11 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:25:12 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:25:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:25:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:25:16 = Need to re-create objects.
13:25:16 = s1.
13:25:16 = s2.
13:25:20
13:25:20
13:25:57
13:25:57
13:25:58
13:25:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:31:3 = Process Attach

1:31:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:31:3 = ##### Begin waiting Mutex to release process #####

1:31:3 = hWnd = 0x00090674; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:31:3 = hWnd = 0x000f058c; ClassName:
w.
x=0, y=0, width=1, height=1
1:31:3 = hWnd = 0x000d05a6; ClassName:
x=0, y=0, width=0, height=0
1:31:3 = hWnd = 0x00180376; ClassName:
x=0, y=0, width=0, height=0
1:31:26 = Process Attach
1:31:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:31:26 = ##### Get event and release process #####

1:31:26 = ***** NULL == SampleProvider *****
1:31:26 = end close Process
1:31:26 = ##### Get event and release process end #####
1:31:26 = hWnd = 0x00e501fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:31:26 = hWnd = 0x009c0098; ClassName:
ow.
x=0, y=0, width=1, height=1
1:31:26 = hWnd = 0x000401ec; ClassName:
x=0, y=0, width=0, height=0
1:31:26 = hWnd = 0x0125005e; ClassName:
x=0, y=0, width=0, height=0
14:41:6 = Process Attach
14:41:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:41:6 = * NULL == SampleProvider *

14:41:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:41:7 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:41:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:41:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:41:10 = Need to re-create objects.
14:41:10 = s1.
14:41:10 = s2.
14:41:13
14:41:13
14:41:50
14:41:50
14:41:51
14:41:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:18:52 = Process Attach

2:18:53 = end process attach
2:18:53 = ##### Begin waiting Mutex to release process #####
2:18:53 = ***** NULL == SampleProvider *****
2:18:53 = hWnd = 0x00020496; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:18:53 = hWnd = 0x0003048c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:18:53 = hWnd = 0x0002049e; ClassName:
x=0, y=0, width=0, height=0
2:18:53 = hWnd = 0x0002048e; ClassName:
x=0, y=0, width=0, height=0
2:18:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:18:53 = s1.
2:18:53 = s2.
2:18:56
2:18:56
2:23:20
2:23:20
2:23:21
2:23:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:39:55 = Process Attach

2:39:55 = end process attach
2:39:55 = ***** NULL == SampleProvider *****
2:39:55 = ##### Begin waiting Mutex to release process #####
2:39:55 = hWnd = 0x0006048e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:39:55 = hWnd = 0x003c03c0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:39:55 = hWnd = 0x01aa04ea; ClassName:
x=0, y=0, width=0, height=0
2:39:55 = hWnd = 0x000d011a; ClassName:
x=0, y=0, width=0, height=0
2:39:55 = Need to re-create objects.
2:39:55 = s1.
2:39:55 = s2.
2:39:55
2:39:55
2:41:45
2:41:45
2:41:46
2:41:46

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:53:38 = Process Attach

2:53:38 = end process attach
2:53:38 = ***** NULL == SampleProvider *****
2:53:38 = hWnd = 0x00120a0c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:53:38 = hWnd = 0x00100666; ClassName:
ow.
x=0, y=0, width=1, height=1
2:53:38 = hWnd = 0x000f0582; ClassName:
x=0, y=0, width=0, height=0
2:53:38 = hWnd = 0x00080638; ClassName:
x=0, y=0, width=0, height=0
2:54:3 = Process Attach
2:54:3 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:54:3 = ##### Get event and release process #####

2:54:3 = ***** NULL == SampleProvider *****
2:54:3 = end close Process
2:54:3 = ##### Get event and release process end #####
2:54:3 = hWnd = 0x002f0048; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:54:3 = hWnd = 0x00f4005a; ClassName:
w.
x=0, y=0, width=1, height=1
2:54:3 = hWnd = 0x00a601fc; ClassName:
x=0, y=0, width=0, height=0
2:54:3 = hWnd = 0x00b90054; ClassName:
x=0, y=0, width=0, height=0
14:11:8 = Process Attach
14:11:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:11:8 = * NULL == SampleProvider *

14:11:8 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:11:9 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:11:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:11:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:11:11 = Need to re-create objects.
14:11:12 = s1.
14:11:12 = s2.
14:11:15 = Start show animate
14:11:15 = Shell Excutute VerifyHost
14:11:52 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:11:52 = Terminate Process

14:11:53 = end close Process
14:11:53 = DLL_PROCESS_DETACH
18:47:4 = Process Attach
18:47:4 = end process attach
18:47:4 = ***** NULL == SampleProvider *****
18:47:4 = ##### Begin waiting Mutex to release process #####
18:47:4 = hWnd = 0x000804d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:47:4 = hWnd = 0x000b05ec; ClassName:
ow.
x=0, y=0, width=1, height=1
18:47:4 = hWnd = 0x0005055c; ClassName:
x=0, y=0, width=0, height=0
18:47:4 = hWnd = 0x000804aa; ClassName:
x=0, y=0, width=0, height=0
18:47:6 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:47:6 = s1.
18:47:6 = s2.
18:47:8 = Start show animate
18:47:8 = Shell Excutute VerifyHost
18:47:58 = begin close Process
18:47:58 = Terminate Process
18:47:59 = end close Process
18:47:59 = DLL_PROCESS_DETACH
3:4:10 = Process Attach
3:4:10 = end process attach
3:4:10 = ***** NULL == SampleProvider *****
3:4:10 = hWnd = 0x00020c30; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:4:10 = hWnd = 0x00020844; ClassName:
w.
x=0, y=0, width=1, height=1
3:4:10 = hWnd = 0x00020850; ClassName:
x=0, y=0, width=0, height=0
3:4:10 = hWnd = 0x00020c2e; ClassName:
x=0, y=0, width=0, height=0
3:4:55 = Process Attach
3:4:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:4:55 = * NULL == SampleProvider *

3:4:55 = begin close Process
3:4:55 = end close Process
3:4:55 = ##### Get event and release process end #####
3:4:55 = hWnd = 0x009e01c6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

3:4:55 = hWnd = 0x007c01f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
3:4:55 = hWnd = 0x003e01f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:4:55 = hWnd = 0x010801e0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:31:47 = Process Attach
11:31:47 = end process attach
11:31:47 = ***** NULL == SampleProvider *****
11:31:48 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:31:48 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:31:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:31:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:31:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:31:51 = s1.
11:31:51 = s2.
11:31:55
11:31:55
11:32:31
11:32:31
11:32:32
11:32:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:2:22 = Process Attach

2:2:22 = end process attach
2:2:22 = ##### Begin waiting Mutex to release process #####
2:2:22 = ***** NULL == SampleProvider *****
2:2:22 = hWnd = 0x002c04f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:2:22 = hWnd = 0x00260d9a; ClassName:
w.
x=0, y=0, width=1, height=1
2:2:22 = hWnd = 0x001c0d80; ClassName:
x=0, y=0, width=0, height=0
2:2:22 = hWnd = 0x002308ae; ClassName:
x=0, y=0, width=0, height=0
2:2:22 = Need to re-create objects.
2:2:22 = s1.
2:2:22 = s2.
2:2:22 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:2:22 = Shell Excutute VerifyHost

2:5:7 = begin close Process
2:5:7 = Terminate Process
2:5:8 = end close Process
2:5:8 = DLL_PROCESS_DETACH
2:21:4 = Process Attach
2:21:4 = end process attach
2:21:4 = ***** NULL == SampleProvider *****
2:21:4 = hWnd = 0x000805ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:21:4 = hWnd = 0x000705f0; ClassName:
w.
x=0, y=0, width=1, height=1
2:21:4 = hWnd = 0x000f0578; ClassName:
x=0, y=0, width=0, height=0
2:21:4 = hWnd = 0x0028071e; ClassName:
x=0, y=0, width=0, height=0
2:21:31 = Process Attach
2:21:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:21:31 = * NULL == SampleProvider *

2:21:31 = begin close Process
2:21:31 = end close Process
2:21:31 = ##### Get event and release process end #####
2:21:31 = hWnd = 0x01a60054; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:21:31 = hWnd = 0x00bc018c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:21:31 = hWnd = 0x0091004e; ClassName:
x=0, y=0, width=0, height=0
2:21:31 = hWnd = 0x00ae0092; ClassName:
x=0, y=0, width=0, height=0
9:35:51 = Process Attach
9:35:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:35:51 = * NULL == SampleProvider *

9:35:51 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:35:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:35:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:35:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:35:52 = Need to re-create objects.
9:35:52 = s1.
9:35:52 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:35:52
9:35:52
9:36:24
9:36:24
9:36:25
9:36:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:10:45 = Process Attach

3:10:45 = end process attach
3:10:45 = ***** NULL == SampleProvider *****
3:10:45 = ##### Begin waiting Mutex to release process #####
3:10:45 =
ow.
x=0, y=0,
3:10:45 =
x=0, y=0,
3:10:45 =
x=0, y=0,
3:11:23 =
3:11:23 =

hWnd = 0x00110aea; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0008050e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00130cee; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:11:23 = ##### Get event and release process #####

3:11:23 = begin close Process
3:11:23 = end close Process
3:11:23 = ##### Get event and release process end #####
3:11:23 = hWnd = 0x01a00036; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:11:23 = hWnd = 0x00db0038; ClassName:
ow.
x=0, y=0, width=1, height=1
3:11:23 = hWnd = 0x008e005a; ClassName:
x=0, y=0, width=0, height=0
3:11:23 = hWnd = 0x015501e6; ClassName:
x=0, y=0, width=0, height=0
12:26:4 = Process Attach
12:26:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:26:4 = * NULL == SampleProvider *

12:26:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:26:6 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:26:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:26:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:26:11 = Need to re-create objects.
12:26:11 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:26:11 = s2.
12:26:15
12:26:15
12:26:52
12:26:52
12:26:53
12:26:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:14:53 = Process Attach

2:14:53 = end process attach
2:14:53 = ***** NULL == SampleProvider *****
2:14:53 = ##### Begin waiting Mutex to release process #####
2:14:53 = hWnd = 0x00140642; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:14:53 = hWnd = 0x003704fa; ClassName:
ow.
x=0, y=0, width=1, height=1
2:14:53 = hWnd = 0x002b05f8; ClassName:
x=0, y=0, width=0, height=0
2:14:53 = hWnd = 0x00100c5a; ClassName:
x=0, y=0, width=0, height=0
2:15:27 = Process Attach
2:15:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:15:27 = ##### Get event and release process #####

2:15:27 = begin close Process
2:15:27 = end close Process
2:15:27 = ##### Get event and release process end #####
2:15:27 = hWnd = 0x011801ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:15:27 = hWnd = 0x02460064; ClassName:
ow.
x=0, y=0, width=1, height=1
2:15:27 = hWnd = 0x01c7008e; ClassName:
x=0, y=0, width=0, height=0
2:15:27 = hWnd = 0x015a01ca; ClassName:
x=0, y=0, width=0, height=0
12:54:7 = Process Attach
12:54:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:54:7 = * NULL == SampleProvider *

12:54:7 = ##### Begin waiting Mutex to release process #####
12:54:7 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:54:8 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
12:54:9 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

12:54:9 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
12:54:13 = Need to re-create objects.
12:54:14 = s1.
12:54:14 = s2.
12:54:17
12:54:17
12:54:53
12:54:53
12:54:54
12:54:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:42:45 = Process Attach

2:42:45 = end process attach
2:42:45 = ***** NULL == SampleProvider *****
2:42:45 = hWnd = 0x00670452; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:42:45 = hWnd = 0x0029065e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:42:45 = hWnd = 0x002206d8; ClassName:
x=0, y=0, width=0, height=0
2:42:45 = hWnd = 0x011606d6; ClassName:
x=0, y=0, width=0, height=0
2:43:26 = Process Attach
2:43:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:43:26 = ##### Get event and release process #####

2:43:26 = begin close Process
2:43:26 = end close Process
2:43:26 = ##### Get event and release process end #####
2:43:26 = hWnd = 0x01860054; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:43:26 = hWnd = 0x013b0196; ClassName:
ow.
x=0, y=0, width=1, height=1
2:43:26 = hWnd = 0x00460154; ClassName:
x=0, y=0, width=0, height=0
2:43:26 = hWnd = 0x00e40194; ClassName:
x=0, y=0, width=0, height=0
12:7:50 = Process Attach
12:7:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:7:50 = * NULL == SampleProvider *

12:7:50 = ##### Begin waiting Mutex to release process #####
12:7:50 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:7:51 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
12:7:51 =
x=0, y=0,
12:7:51 =
x=0, y=0,
12:7:54 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

12:7:54 = s1.
12:7:54 = s2.
12:7:57
12:7:57
12:8:37
12:8:37
12:8:38
12:8:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:10:43 = Process Attach

0:10:43 = end process attach
0:10:43 = ***** NULL == SampleProvider *****
0:10:43 = ##### Begin waiting Mutex to release process #####
0:10:43 = hWnd = 0x000204e0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:10:43 = hWnd = 0x000304ce; ClassName:
ow.
x=0, y=0, width=1, height=1
0:10:43 = hWnd = 0x000204d8; ClassName:
x=0, y=0, width=0, height=0
0:10:43 = hWnd = 0x000304d0; ClassName:
x=0, y=0, width=0, height=0
0:11:24 = Process Attach
0:11:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:11:24 = ##### Get event and release process #####

0:11:24 = ***** NULL == SampleProvider *****
0:11:24 = end close Process
0:11:24 = ##### Get event and release process end #####
0:11:24 = hWnd = 0x00be0090; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:11:24 = hWnd = 0x016300fe; ClassName:
ow.
x=0, y=0, width=1, height=1
0:11:24 = hWnd = 0x00100068; ClassName:
x=0, y=0, width=0, height=0
0:11:24 = hWnd = 0x005d00a8; ClassName:
x=0, y=0, width=0, height=0
1:38:13 = Process Attach
1:38:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:38:13 = * NULL == SampleProvider *

1:38:14 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:38:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:38:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:38:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:38:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:38:17 = s1.
1:38:17 = s2.
1:38:21 = Start show animate
1:38:21 = Shell Excutute VerifyHost
1:39:0 = begin close Process
1:39:0 = Terminate Process
1:39:1 = end close Process
1:39:1 = DLL_PROCESS_DETACH
4:3:13 = Process Attach
4:3:13 = end process attach
4:3:13 = ##### Begin waiting Mutex to release process #####
4:3:13 = hWnd = 0x000203d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:3:13 = hWnd = 0x00020414; ClassName:
w.
x=0, y=0, width=1, height=1
4:3:13 = hWnd = 0x00020416; ClassName:
x=0, y=0, width=0, height=0
4:3:13 = hWnd = 0x00020418; ClassName:
x=0, y=0, width=0, height=0
4:3:21 = Process Attach
4:3:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:3:21 = ##### Get event and release process #####

4:3:21 = ***** NULL == SampleProvider *****
4:3:21 = end close Process
4:3:21 = ##### Get event and release process end #####
4:3:21 = hWnd = 0x00200188; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:3:21 = hWnd = 0x00200064; ClassName:
w.
x=0, y=0, width=1, height=1
4:3:21 = hWnd = 0x000501ba; ClassName:
x=0, y=0, width=0, height=0
4:3:21 = hWnd = 0x002c0194; ClassName:
x=0, y=0, width=0, height=0
13:26:11 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:26:11 = end process attach

13:26:11 = ***** NULL == SampleProvider *****
13:26:11 = ##### Begin waiting Mutex to release process #####
13:26:12 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
13:26:13 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:26:13 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:26:16 = Need to re-create objects.
13:26:16 = s1.
13:26:16 = s2.
13:26:19
13:26:19
13:26:58
13:26:58
13:26:59
13:26:59

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:45:58 = ##### Get event and release process #####

15:45:58 = begin close Process
15:45:58 = end close Process
15:45:58 = ##### Get event and release process end #####
15:45:58 = hWnd = 0x005e015e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

15:45:58 = hWnd = 0x008f005c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:45:58 = hWnd = 0x00050036; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:45:58 = hWnd = 0x005f017e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:17:26 = Process Attach
19:17:26 = end process attach
19:17:26 = ***** NULL == SampleProvider *****
19:17:26 = ##### Begin waiting Mutex to release process #####
19:17:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:17:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:17:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:17:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:17:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:17:33 = s1.
19:17:33 = s2.
19:17:36
19:17:36
19:18:13
19:18:13
19:18:14
19:18:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:40:13 = Process Attach

2:40:13 = end process attach
2:40:13 = ##### Begin waiting Mutex to release process #####
2:40:13 = ***** NULL == SampleProvider *****
2:40:13 = hWnd = 0x001204ec; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:40:13 = hWnd = 0x000f04ce; ClassName:
ow.
x=0, y=0, width=1, height=1
2:40:13 = hWnd = 0x00070426; ClassName:
x=0, y=0, width=0, height=0
2:40:13 = hWnd = 0x000b04ee; ClassName:
x=0, y=0, width=0, height=0
2:40:33 = Process Attach
2:40:33 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:40:33 = * NULL == SampleProvider *

2:40:33 = begin close Process

2:40:33 = end close Process

2:40:33 = ##### Get event and release process end #####
2:40:33 = hWnd = 0x00cd0050; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:40:33 = hWnd = 0x009d0036; ClassName:
ow.
x=0, y=0, width=1, height=1
2:40:33 = hWnd = 0x00050064; ClassName:
x=0, y=0, width=0, height=0
2:40:33 = hWnd = 0x008c004e; ClassName:
x=0, y=0, width=0, height=0
12:28:5 = Process Attach
12:28:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:28:5 = * NULL == SampleProvider *

12:28:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:28:5 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:28:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:28:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:28:8 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:28:8 = s1.
12:28:8 = s2.
12:28:12
12:28:12
12:28:48
12:28:48
12:28:49
12:28:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:17:55 = Process Attach

3:17:55 = end process attach
3:17:55 = ***** NULL == SampleProvider *****
3:17:55 = hWnd = 0x00080434; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:17:55 = hWnd = 0x00040c5e; ClassName:
ow.
x=0, y=0, width=1, height=1
3:17:55 = hWnd = 0x005e0926; ClassName:
x=0, y=0, width=0, height=0
3:17:55 = hWnd = 0x00040c94; ClassName:
x=0, y=0, width=0, height=0
3:18:35 = Process Attach
3:18:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:18:35 = ##### Get event and release process #####

3:18:35 = begin close Process

3:18:35 = end close Process
3:18:35 = ##### Get event and release process end #####
3:18:35 = hWnd = 0x00bb01a4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:18:35 = hWnd = 0x01f30062; ClassName:
ow.
x=0, y=0, width=1, height=1
3:18:35 = hWnd = 0x012a005e; ClassName:
x=0, y=0, width=0, height=0
3:18:35 = hWnd = 0x00ea01d8; ClassName:
x=0, y=0, width=0, height=0
9:30:35 = Process Attach
9:30:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:30:35 = * NULL == SampleProvider *

9:30:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:30:36 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:30:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:30:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:30:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:30:39 = s1.
9:30:39 = s2.
9:30:41
9:30:41
9:31:18
9:31:18
9:31:19
9:31:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

4:35:41 = Process Attach

4:35:41 = end process attach
4:35:41 = ***** NULL == SampleProvider *****
4:35:41 = ##### Begin waiting Mutex to release process #####
4:35:41 = hWnd = 0x000e08f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:35:41 = hWnd = 0x0018049a; ClassName:
ow.
x=0, y=0, width=1, height=1
4:35:41 = hWnd = 0x00120792; ClassName:
x=0, y=0, width=0, height=0
4:35:41 = hWnd = 0x0028055c; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:36:7 = Process Attach

4:36:7 = ## ERR ## Setevent
4:36:7 = ##### Get event and release process #####
4:36:7 = begin close Process
4:36:7 = end close Process
4:36:7 = ##### Get event and release process end #####
4:36:7 = hWnd = 0x016d00de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:36:7 = hWnd = 0x013301cc; ClassName:
w.
x=0, y=0, width=1, height=1
4:36:7 = hWnd = 0x0088005c; ClassName:
x=0, y=0, width=0, height=0
4:36:7 = hWnd = 0x02a20050; ClassName:
x=0, y=0, width=0, height=0
13:11:11 = Process Attach
13:11:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:11:11 = * NULL == SampleProvider *

13:11:12 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:11:12 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:11:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:11:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:11:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:11:15 = s1.
13:11:15 = s2.
13:11:18
13:11:18
13:11:56
13:11:56
13:11:57
13:11:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:45:59 = Process Attach

1:45:59 = end process attach
1:45:59 = ***** NULL == SampleProvider *****
1:45:59 = ##### Begin waiting Mutex to release process #####
1:45:59 = hWnd = 0x00280522; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:45:59 = hWnd = 0x002306fa; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

1:45:59 =
x=0, y=0,
1:45:59 =
x=0, y=0,
1:46:20 =
1:46:20 =

hWnd = 0x001709ae; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x001f0756; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:46:20 = ##### Get event and release process #####

1:46:20 = ***** NULL == SampleProvider *****
1:46:20 = end close Process
1:46:20 = ##### Get event and release process end #####
1:46:20 = hWnd = 0x00b5002a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:46:20 = hWnd = 0x01290060; ClassName:
ow.
x=0, y=0, width=1, height=1
1:46:20 = hWnd = 0x006c0068; ClassName:
x=0, y=0, width=0, height=0
1:46:20 = hWnd = 0x015c0062; ClassName:
x=0, y=0, width=0, height=0
12:22:3 = Process Attach
12:22:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:22:3 = * NULL == SampleProvider *

12:22:3 = ##### Begin waiting Mutex to release process #####
12:22:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:22:4 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:22:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:22:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:22:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:22:7 = s1.
12:22:7 = s2.
12:22:9 = Start show animate
12:22:9 = Shell Excutute VerifyHost
12:22:47 = begin close Process
12:22:47 = Terminate Process
12:22:48 = end close Process
12:22:48 = DLL_PROCESS_DETACH
2:8:6 = Process Attach
2:8:6 = end process attach
2:8:6 = ***** NULL == SampleProvider *****
2:8:6 = ##### Begin waiting Mutex to release process #####

2:8:6 = hWnd = 0x000a120a; ClassName:

nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:8:6 = hWnd = 0x00120a40; ClassName:
.
x=0, y=0, width=1, height=1
2:8:6 = hWnd = 0x000e04a0; ClassName:
x=0, y=0, width=0, height=0
2:8:6 = hWnd = 0x00490850; ClassName:
x=0, y=0, width=0, height=0
2:8:35 = Process Attach
2:8:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:8:35 = ##### Get event and release process #####

2:8:35 = begin close Process
2:8:35 = end close Process
2:8:35 = ##### Get event and release process end #####
2:8:35 = hWnd = 0x021e00e0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:8:35 = hWnd = 0x01020152; ClassName:
w.
x=0, y=0, width=1, height=1
2:8:35 = hWnd = 0x00060052; ClassName:
x=0, y=0, width=0, height=0
2:8:35 = hWnd = 0x007d0054; ClassName:
x=0, y=0, width=0, height=0
12:5:8 = Process Attach
12:5:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:5:8 = * NULL == SampleProvider *

12:5:8 = ##### Begin waiting Mutex to release process #####
12:5:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:5:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
12:5:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:5:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:5:14 = Need to re-create objects.
12:5:15 = s1.
12:5:15 = s2.
12:5:18
12:5:18
12:5:54
12:5:54
12:5:55
12:5:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:9:21 = Process Attach

2:9:21 = end process attach
2:9:21 = ***** NULL == SampleProvider *****
2:9:21 = ##### Begin waiting Mutex to release process #####
2:9:21 = hWnd = 0x003d067c; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:9:21 = hWnd = 0x000c08dc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:9:21 = hWnd = 0x001f0432; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:9:39 = Process Attach
2:9:39 = ## ERR ## Setevent
2:9:39 = ##### Get event and release process #####
2:9:39 = begin close Process
2:9:39 = end close Process
2:9:39 = ##### Get event and release process end #####
2:9:39 = hWnd = 0x011b01fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:9:39 = hWnd = 0x0062007c; ClassName:
w.
x=0, y=0, width=1, height=1
2:9:39 = hWnd = 0x0049007a; ClassName:
x=0, y=0, width=0, height=0
2:9:39 = hWnd = 0x012e01f6; ClassName:
x=0, y=0, width=0, height=0
7:21:49 = Process Attach
7:21:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:21:49 = * NULL == SampleProvider *

7:21:49 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:21:49 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:21:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:21:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:21:52 = Need to re-create objects.
7:21:52 = s1.
7:21:52 = s2.
7:21:54
7:21:54
7:22:31
7:22:31
7:22:32
7:22:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:57:7 = Process Attach

9:57:7 = end process attach
9:57:7 = ***** NULL == SampleProvider *****
9:57:7 = ##### Begin waiting Mutex to release process #####
9:57:7 = hWnd = 0x000704ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:57:7 = hWnd = 0x000604b6; ClassName:
w.
x=0, y=0, width=1, height=1
9:57:7 = hWnd = 0x000604b4; ClassName:
x=0, y=0, width=0, height=0
9:57:7 = hWnd = 0x000504d0; ClassName:
x=0, y=0, width=0, height=0
9:57:17 = Process Attach
9:57:17 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:57:17 = ##### Get event and release process #####

9:57:17 = begin close Process
9:57:17 = end close Process
9:57:17 = ##### Get event and release process end #####
9:57:17 = hWnd = 0x0038013e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:57:17 = hWnd = 0x0038004c; ClassName:
ow.
x=0, y=0, width=1, height=1
9:57:17 = hWnd = 0x000501c4; ClassName:
x=0, y=0, width=0, height=0
9:57:17 = hWnd = 0x0020002e; ClassName:
x=0, y=0, width=0, height=0
11:36:58 = Process Attach
11:36:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:36:58 = * NULL == SampleProvider *

11:36:58 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:36:59 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:36:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:36:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:37:1 = Need to re-create objects.
11:37:1 = s1.
11:37:1 = s2.
11:37:5 = Start show animate
11:37:5 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:37:43
11:37:43
11:37:44
11:37:44

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

13:1:47 = Process Attach

13:1:47 = end process attach
13:1:47 = ##### Begin waiting Mutex to release process #####
13:1:47 = ***** NULL == SampleProvider *****
13:1:47 = hWnd = 0x00070706; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:1:47 = hWnd = 0x0005043a; ClassName:
ow.
x=0, y=0, width=1, height=1
13:1:47 = hWnd = 0x000906f2; ClassName:
x=0, y=0, width=0, height=0
13:1:47 = hWnd = 0x0008074e; ClassName:
x=0, y=0, width=0, height=0
13:1:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:1:47 = s1.
13:1:47 = s2.
13:1:48 = Start show animate
13:1:48 = Shell Excutute VerifyHost
13:46:30 = begin close Process
13:46:30 = Terminate Process
13:46:31 = end close Process
13:46:31 = DLL_PROCESS_DETACH
21:7:31 = Process Attach
21:7:31 = end process attach
21:7:31 = ***** NULL == SampleProvider *****
21:7:31 = ##### Begin waiting Mutex to release process #####
21:7:31 = hWnd = 0x00090e90; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:7:31 = hWnd = 0x000c0a62; ClassName:
ow.
x=0, y=0, width=1, height=1
21:7:31 = hWnd = 0x0035089c; ClassName:
x=0, y=0, width=0, height=0
21:7:31 = hWnd = 0x00090e92; ClassName:
x=0, y=0, width=0, height=0
21:7:31 = Need to re-create objects.
21:7:31 = s1.
21:7:31 = s2.
21:7:32 = Start show animate
21:7:32 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:29:4
21:29:4
21:29:5
21:29:5

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

21:29:27 = Process Attach

21:29:27 = end process attach
21:29:27 = ***** NULL == SampleProvider *****
21:29:27 = ##### Begin waiting Mutex to release process #####
21:29:27 = hWnd = 0x00040426; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:29:27 = hWnd = 0x00070422; ClassName:
dow.
x=0, y=0, width=1, height=1
21:29:27 = hWnd = 0x00f00368; ClassName:
x=0, y=0, width=0, height=0
21:29:27 = hWnd = 0x000504a0; ClassName:
x=0, y=0, width=0, height=0
21:30:26 = Process Attach
21:30:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:30:26 = ##### Get event and release process #####

21:30:26 = begin close Process
21:30:26 = end close Process
21:30:26 = ##### Get event and release process end #####
21:30:26 = hWnd = 0x019801fa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:30:26 = hWnd = 0x016d0060; ClassName:
dow.
x=0, y=0, width=1, height=1
21:30:26 = hWnd = 0x00040056; ClassName:
x=0, y=0, width=0, height=0
21:30:26 = hWnd = 0x0168003a; ClassName:
x=0, y=0, width=0, height=0
22:22:34 = Process Attach
22:22:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:22:34 = * NULL == SampleProvider *

22:22:34 = ##### Begin waiting Mutex to release process #####
22:22:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:22:35 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:22:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:22:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:22:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:22:38 = s1.
22:22:38 = s2.
22:22:41
22:22:41
22:23:18
22:23:18
22:23:19
22:23:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:4:23 = Process Attach

2:4:23 = end process attach
2:4:23 = ***** NULL == SampleProvider *****
2:4:23 = hWnd = 0x000304b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:4:23 = hWnd = 0x000204bc; ClassName:
w.
x=0, y=0, width=1, height=1
2:4:23 = hWnd = 0x000204b4; ClassName:
x=0, y=0, width=0, height=0
2:4:23 = hWnd = 0x000304b0; ClassName:
x=0, y=0, width=0, height=0
2:4:36 = Process Attach
2:4:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:4:36 = ##### Get event and release process #####

2:4:36 = begin close Process
2:4:36 = end close Process
2:4:36 = ##### Get event and release process end #####
2:4:36 = hWnd = 0x004e0092; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:4:36 = hWnd = 0x0027004e; ClassName:
w.
x=0, y=0, width=1, height=1
2:4:36 = hWnd = 0x0015005c; ClassName:
x=0, y=0, width=0, height=0
2:4:36 = hWnd = 0x00530060; ClassName:
x=0, y=0, width=0, height=0
11:51:40 = Process Attach
11:51:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:51:40 = * NULL == SampleProvider *

11:51:40 = ##### Begin waiting Mutex to release process #####
11:51:41 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:51:41 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
11:51:41 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

11:51:41 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
11:51:44 = Need to re-create objects.
11:51:44 = s1.
11:51:44 = s2.
11:51:47
11:51:47
11:52:23
11:52:23
11:52:24
11:52:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:50:16 = Process Attach

1:50:16 = end process attach
1:50:16 = ***** NULL == SampleProvider *****
1:50:16 = ##### Begin waiting Mutex to release process #####
1:50:16 =
ow.
x=0, y=0,
1:50:16 =
x=0, y=0,
1:50:16 =
x=0, y=0,
1:50:48 =
1:50:48 =

hWnd = 0x002008fe; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001a140e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000e042a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:50:48 = ##### Get event and release process #####

1:50:48 = ***** NULL == SampleProvider *****
1:50:48 = end close Process
1:50:48 = ##### Get event and release process end #####
1:50:48 = hWnd = 0x00600054; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:50:48 = hWnd = 0x00890088; ClassName:
ow.
x=0, y=0, width=1, height=1
1:50:48 = hWnd = 0x00360058; ClassName:
x=0, y=0, width=0, height=0
1:50:48 = hWnd = 0x00a5009a; ClassName:
x=0, y=0, width=0, height=0
10:6:10 = Process Attach
10:6:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:6:10 = * NULL == SampleProvider *

10:6:10 = ##### Begin waiting Mutex to release process #####
10:6:10 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:6:11 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
10:6:11 =
x=0, y=0,
10:6:11 =
x=0, y=0,
10:6:14 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

10:6:14 = s1.
10:6:14 = s2.
10:6:17
10:6:17
10:6:54
10:6:54
10:6:55
10:6:55

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:48:54 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:48:54 = end process attach

2:48:54 = ***** NULL == SampleProvider *****
2:48:54 = ##### Begin waiting Mutex to release process #####
2:48:54 = hWnd = 0x00080936; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:48:54 = hWnd = 0x00290d7a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:48:54 = hWnd = 0x001a04b4; ClassName:
x=0, y=0, width=0, height=0
2:48:54 = hWnd = 0x001005dc; ClassName:
x=0, y=0, width=0, height=0
2:49:23 = Process Attach
2:49:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:49:23 = * NULL == SampleProvider *

2:49:23 = begin close Process
2:49:23 = end close Process
2:49:23 = hWnd = 0x00aa0066; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:49:23 = hWnd = 0x00e30050; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:35:15 = Process Attach
11:35:15 = end process attach
11:35:15 = ***** NULL == SampleProvider *****
11:35:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:35:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:35:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:35:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:35:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:35:18 = s1.
11:35:18 = s2.
11:35:22 = Start show animate
11:35:22 = Shell Excutute VerifyHost
11:35:59 = begin close Process
11:35:59 = Terminate Process
11:36:0 = end close Process
11:36:0 = DLL_PROCESS_DETACH
3:1:44 = Process Attach
3:1:44 = end process attach
3:1:44 = ***** NULL == SampleProvider *****

3:1:44 = hWnd = 0x00040676; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:1:44 = hWnd = 0x00021438; ClassName:
w.
x=0, y=0, width=1, height=1
3:1:44 = hWnd = 0x0008004c; ClassName:
x=0, y=0, width=0, height=0
3:1:44 = hWnd = 0x00340768; ClassName:
x=0, y=0, width=0, height=0
3:2:42 = Process Attach
3:2:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:2:42 = ##### Get event and release process #####

3:2:42 = ***** NULL == SampleProvider *****
3:2:42 = ##### Get event and release process end #####
3:2:42 = hWnd = 0x00ca01f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:2:42 = hWnd = 0x015e0058; ClassName:
w.
x=0, y=0, width=1, height=1
3:2:42 = hWnd = 0x001d0062; ClassName:
x=0, y=0, width=0, height=0
3:2:42 = hWnd = 0x015101fc; ClassName:
x=0, y=0, width=0, height=0
10:51:38 = Process Attach
10:51:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:51:38 = * NULL == SampleProvider *

10:51:38 = ##### Begin waiting Mutex to release process #####
10:51:38 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:51:38 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:51:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:51:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:51:42 = Need to re-create objects.
10:51:42 = s1.
10:51:42 = s2.
10:51:45
10:51:45
10:52:22
10:52:22
10:52:23
10:52:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:29:29 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:29:29 = end process attach

1:29:30 = ***** NULL == SampleProvider *****
1:29:30 = ##### Begin waiting Mutex to release process #####
1:29:30 = hWnd = 0x0044078e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:29:30 = hWnd = 0x0020071c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:29:30 = hWnd = 0x00080460; ClassName:
x=0, y=0, width=0, height=0
1:29:30 = hWnd = 0x003c07b8; ClassName:
x=0, y=0, width=0, height=0
1:30:11 = Process Attach
1:30:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:30:11 = ##### Get event and release process #####

1:30:11 = begin close Process
1:30:11 = end close Process
1:30:11 = ##### Get event and release process end #####
1:30:11 = hWnd = 0x0017007a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:30:11 = hWnd = 0x009e0066; ClassName:
ow.
x=0, y=0, width=1, height=1
1:30:11 = hWnd = 0x01120052; ClassName:
x=0, y=0, width=0, height=0
1:30:11 = hWnd = 0x0059006c; ClassName:
x=0, y=0, width=0, height=0
1:35:3 = Process Attach
1:35:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:35:3 = * NULL == SampleProvider *

1:35:4 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:35:4 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
1:35:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:35:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:37:28 = Need to re-create objects.
1:37:28 = s1.
1:37:28 = s2.
1:37:29 = Start show animate
1:37:29 = Shell Excutute VerifyHost
1:38:8 = begin close Process
1:38:8 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:38:9 = end close Process

1:38:9 = DLL_PROCESS_DETACH
3:17:19 = Process Attach
3:17:19 = end process attach
3:17:19 = ***** NULL == SampleProvider *****
3:17:19 = ##### Begin waiting Mutex to release process #####
3:17:19 = hWnd = 0x000204ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:17:19 = hWnd = 0x000205e2; ClassName:
ow.
x=0, y=0, width=1, height=1
3:17:19 = hWnd = 0x000204ac; ClassName:
x=0, y=0, width=0, height=0
3:17:19 = hWnd = 0x00030476; ClassName:
x=0, y=0, width=0, height=0
3:17:27 = Process Attach
3:17:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:17:27 = * NULL == SampleProvider *

3:17:27 = begin close Process
3:17:27 = end close Process
3:17:27 = ##### Get event and release process end #####
3:17:27 = hWnd = 0x00040060; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:17:27 = hWnd = 0x0029002e; ClassName:
ow.
x=0, y=0, width=1, height=1
3:17:27 = hWnd = 0x00020068; ClassName:
x=0, y=0, width=0, height=0
3:17:27 = hWnd = 0x00030062; ClassName:
x=0, y=0, width=0, height=0
6:13:41 = Process Attach
6:13:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:13:41 = * NULL == SampleProvider *

6:13:41 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:13:42 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:13:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:13:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:13:45 = Need to re-create objects.
6:13:45 = s1.
6:13:45 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:13:49
6:13:49
6:14:25
6:14:25
6:14:26
6:14:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

6:40:53 = Process Attach

6:40:53 = end process attach
6:40:53 = ***** NULL == SampleProvider *****
6:40:53 = ##### Begin waiting Mutex to release process #####
6:40:53 = hWnd = 0x00050456; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:40:53 = hWnd = 0x000d0040; ClassName:
ow.
x=0, y=0, width=1, height=1
6:40:53 = hWnd = 0x0003050a; ClassName:
x=0, y=0, width=0, height=0
6:40:53 = hWnd = 0x00030508; ClassName:
x=0, y=0, width=0, height=0
6:41:2 = Process Attach
6:41:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:41:2 = * NULL == SampleProvider *

6:41:2 = begin close Process
6:41:2 = end close Process
6:41:2 = ##### Get event and release process end #####
6:41:2 = hWnd = 0x000301a0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
6:41:2 = hWnd = 0x00050064; ClassName:
w.
x=0, y=0, width=1, height=1
6:41:2 = hWnd = 0x000301e8; ClassName:
x=0, y=0, width=0, height=0
6:41:2 = hWnd = 0x000501ea; ClassName:
x=0, y=0, width=0, height=0
11:10:44 = Process Attach
11:10:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:10:45 = * NULL == SampleProvider *

11:10:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:10:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:10:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:10:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:10:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:10:48 = s1.
11:10:48 = s2.
11:10:51
11:10:51
11:11:28
11:11:28
11:11:29
11:11:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:19:23 = Process Attach

3:19:23 = end process attach
3:19:23 = ##### Begin waiting Mutex to release process #####
3:19:23 = hWnd = 0x000705f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:19:23 = hWnd = 0x0005065e; ClassName:
ow.
x=0, y=0, width=1, height=1
3:19:23 = hWnd = 0x001a0482; ClassName:
x=0, y=0, width=0, height=0
3:19:23 = hWnd = 0x004006b2; ClassName:
x=0, y=0, width=0, height=0
3:20:8 = Process Attach
3:20:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:20:8 = * NULL == SampleProvider *

3:20:8 = begin close Process
3:20:8 = end close Process
3:20:8 = ##### Get event and release process end #####
3:20:8 = hWnd = 0x006001fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:20:8 = hWnd = 0x019801d6; ClassName:
w.
x=0, y=0, width=1, height=1
3:20:8 = hWnd = 0x012e01d8; ClassName:
x=0, y=0, width=0, height=0
3:20:8 = hWnd = 0x0163009e; ClassName:
x=0, y=0, width=0, height=0
11:18:16 = Process Attach
11:18:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:18:16 = ##### Begin waiting Mutex to release process #####

11:18:16 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:18:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:18:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:18:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:18:16 = Need to re-create objects.

11:18:16 = s1.
11:18:16 = s2.
11:18:24
11:18:24
11:18:52
11:18:52
11:18:53
11:18:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:46:26 = Process Attach

1:46:26 = end process attach
1:46:26 = ***** NULL == SampleProvider *****
1:46:26 = ##### Begin waiting Mutex to release process #####
1:46:26 = hWnd = 0x0026062a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:46:26 = hWnd = 0x004d0488; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:46:26 = hWnd = 0x001205d8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:47:8 = Process Attach
1:47:8 = ## ERR ## Setevent
1:47:8 = ##### Get event and release process #####
1:47:8 = ***** NULL == SampleProvider *****
1:47:8 = ##### Get event and release process end #####
1:47:8 = hWnd = 0x020901ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:47:8 = hWnd = 0x0081005e; ClassName:
w.
x=0, y=0, width=1, height=1
1:47:8 = hWnd = 0x00e40044; ClassName:
x=0, y=0, width=0, height=0
1:47:8 = hWnd = 0x00d3005c; ClassName:
x=0, y=0, width=0, height=0
11:38:28 = Process Attach
11:38:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:38:28 = * NULL == SampleProvider *

11:38:29 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:38:29 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:38:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:38:29 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

11:38:32 = Need to re-create objects.
11:38:32 = s1.
11:38:32 = s2.
11:38:36
11:38:36
11:39:13
11:39:13
11:39:14
11:39:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:24:6 = Process Attach

2:24:6 = end process attach
2:24:6 = ***** NULL == SampleProvider *****
2:24:6 = hWnd = 0x000705fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:24:6 = hWnd = 0x00050512; ClassName:
w.
x=0, y=0, width=1, height=1
2:24:6 = hWnd = 0x00040448; ClassName:
x=0, y=0, width=0, height=0
2:24:6 = hWnd = 0x00090430; ClassName:
x=0, y=0, width=0, height=0
2:24:40 = Process Attach
2:24:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:24:40 = ##### Get event and release process #####

2:24:40 = begin close Process
2:24:40 = end close Process
2:24:40 = ##### Get event and release process end #####
2:24:40 = hWnd = 0x005301e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:24:40 = hWnd = 0x00fd01f6; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:40 = hWnd = 0x0013009a; ClassName:
x=0, y=0, width=0, height=0
2:24:40 = hWnd = 0x00fa004c; ClassName:
x=0, y=0, width=0, height=0
11:38:58 = Process Attach
11:38:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:38:58 = * NULL == SampleProvider *

11:38:58 = ##### Begin waiting Mutex to release process #####
11:38:58 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:38:59 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0,
11:39:0 =
x=0, y=0,
11:39:0 =
x=0, y=0,
11:39:4 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

11:39:4 = s1.
11:39:4 = s2.
11:39:8 = Start show animate
11:39:8 = Shell Excutute VerifyHost
11:39:45 = begin close Process
11:39:45 = Terminate Process
11:39:46 = end close Process
11:39:46 = DLL_PROCESS_DETACH
15:56:16 = Process Attach
15:56:16 = end process attach
15:56:16 = ***** NULL == SampleProvider *****
15:56:16 = ##### Begin waiting Mutex to release process #####
15:56:16 = hWnd = 0x000c05f0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:56:16 = hWnd = 0x00070478; ClassName:
dow.
x=0, y=0, width=1, height=1
15:56:16 = hWnd = 0x001105ce; ClassName:
x=0, y=0, width=0, height=0
15:56:16 = hWnd = 0x000404e4; ClassName:
x=0, y=0, width=0, height=0
15:56:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:56:19 = s1.
15:56:19 = s2.
15:56:19
15:56:19
15:59:58
15:59:58
15:59:59
15:59:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:8:37 = Process Attach

16:8:37 = end process attach
16:8:37 = ##### Begin waiting Mutex to release process #####
16:8:37 = hWnd = 0x001d04b8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:8:37 = hWnd = 0x000e0622; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
16:8:37 = hWnd = 0x00090552; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
16:8:37 =
x=0, y=0,
16:8:37 =

width=0, height=0
hWnd = 0x000c04e2; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

16:8:37 = s1.
16:8:37 = s2.
16:8:37 = Start show animate
16:8:37 = Shell Excutute VerifyHost
16:11:16 = begin close Process
16:11:16 = Terminate Process
16:11:17 = end close Process
16:11:17 = DLL_PROCESS_DETACH
16:12:21 = Process Attach
16:12:21 = end process attach
16:12:21 = ***** NULL == SampleProvider *****
16:12:21 = hWnd = 0x0006078a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:12:21 = hWnd = 0x000806aa; ClassName:
dow.
x=0, y=0, width=1, height=1
16:12:21 = hWnd = 0x000605ae; ClassName:
x=0, y=0, width=0, height=0
16:12:21 = hWnd = 0x001d06f6; ClassName:
x=0, y=0, width=0, height=0
16:12:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:12:21 = s1.
16:12:21 = s2.
16:12:21
16:12:21
16:13:35
16:13:35
16:13:36
16:13:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:27:48 = Process Attach

17:27:48 = end process attach
17:27:48 = ***** NULL == SampleProvider *****
17:27:48 = ##### Begin waiting Mutex to release process #####
17:27:48 = hWnd = 0x0011052c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:27:48 = hWnd = 0x00170466; ClassName:
dow.
x=0, y=0, width=1, height=1
17:27:48 = hWnd = 0x000d04a2; ClassName:
x=0, y=0, width=0, height=0
17:27:48 = hWnd = 0x00190576; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

17:27:48 = Need to re-create objects.
17:27:48 = s1.
17:27:48 = s2.
17:27:48
17:27:48
17:56:56
17:56:56
17:56:57
17:56:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:2:29 = Process Attach

18:2:29 = end process attach
18:2:29 = ***** NULL == SampleProvider *****
18:2:29 = ##### Begin waiting Mutex to release process #####
18:2:29 = hWnd = 0x00160488; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:2:29 = hWnd = 0x000a0478; ClassName:
ow.
x=0, y=0, width=1, height=1
18:2:29 = hWnd = 0x000a04e4; ClassName:
x=0, y=0, width=0, height=0
18:2:29 = hWnd = 0x000e0540; ClassName:
x=0, y=0, width=0, height=0
18:2:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:2:29 = s1.
18:2:29 = s2.
18:2:29 = Start show animate
18:2:29 = Shell Excutute VerifyHost
18:4:1 = begin close Process
18:4:1 = Terminate Process
18:4:2 = end close Process
18:4:2 = DLL_PROCESS_DETACH
3:52:39 = Process Attach
3:52:39 = end process attach
3:52:39 = ***** NULL == SampleProvider *****
3:52:39 = ##### Begin waiting Mutex to release process #####
3:52:39 = hWnd = 0x00340820; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:52:39 = hWnd = 0x00170600; ClassName:
ow.
x=0, y=0, width=1, height=1
3:52:39 = hWnd = 0x001e0710; ClassName:
x=0, y=0, width=0, height=0
3:52:39 = hWnd = 0x000409b8; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

3:53:11 = Process Attach
3:53:11 = ## ERR ## Setevent
3:53:11 = ##### Get event and release process #####
3:53:11 = begin close Process
3:53:11 = end close Process
3:53:11 = ##### Get event and release process end #####
3:53:11 = hWnd = 0x014c0050; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:53:11 = hWnd = 0x04960066; ClassName:
ow.
x=0, y=0, width=1, height=1
3:53:11 = hWnd = 0x00a2014a; ClassName:
x=0, y=0, width=0, height=0
3:53:11 = hWnd = 0x0129010e; ClassName:
x=0, y=0, width=0, height=0
11:42:53 = Process Attach
11:42:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:42:53 = * NULL == SampleProvider *

11:42:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:42:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:42:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:42:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:43:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:43:1 = s1.
11:43:1 = s2.
11:43:5 = Start show animate
11:43:5 = Shell Excutute VerifyHost
11:43:41 = begin close Process
11:43:41 = Terminate Process
11:43:42 = end close Process
11:43:42 = DLL_PROCESS_DETACH
1:26:1 = Process Attach
1:26:1 = end process attach
1:26:1 = ***** NULL == SampleProvider *****
1:26:1 = ##### Begin waiting Mutex to release process #####
1:26:1 = hWnd = 0x000403be; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:26:1 = hWnd = 0x000303d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

1:26:1 = hWnd = 0x000403cc; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
1:26:26 = Process Attach
1:26:26 = ## ERR ## Setevent
1:26:26 = ##### Get event and release process #####
1:26:26 = begin close Process
1:26:26 = end close Process
1:26:26 = hWnd = 0x00c201ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:26:26 = hWnd = 0x00f60058; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:26 = hWnd = 0x01290050; ClassName:
x=0, y=0, width=0, height=0
1:26:26 = hWnd = 0x014c0064; ClassName:
x=0, y=0, width=0, height=0
7:55:15 = Process Attach
7:55:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:55:16 = * NULL == SampleProvider *

7:55:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:55:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:55:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:55:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:55:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:55:19 = s1.
7:55:19 = s2.
7:55:22 = Start show animate
7:55:22 = Shell Excutute VerifyHost
7:56:0 = begin close Process
7:56:0 = Terminate Process
7:56:1 = end close Process
7:56:1 = DLL_PROCESS_DETACH
3:15:34 = Process Attach
3:15:34 = end process attach
3:15:34 = ***** NULL == SampleProvider *****
3:15:34 = ##### Begin waiting Mutex to release process #####
3:15:34 = hWnd = 0x001513c8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:15:34 = hWnd = 0x0035075a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

3:15:34 =
x=0, y=0,
3:15:34 =
x=0, y=0,
3:15:55 =
3:15:55 =

hWnd = 0x003404c2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x002c04c6; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:15:55 = ##### Get event and release process #####

3:15:55 = begin close Process
3:15:55 = end close Process
3:15:55 = ##### Get event and release process end #####
3:15:55 = hWnd = 0x00f00188; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:15:55 = hWnd = 0x012d005e; ClassName:
ow.
x=0, y=0, width=1, height=1
3:15:55 = hWnd = 0x01340056; ClassName:
x=0, y=0, width=0, height=0
3:15:55 = hWnd = 0x00e200a6; ClassName:
x=0, y=0, width=0, height=0
9:49:36 = Process Attach
9:49:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:49:37 = * NULL == SampleProvider *

9:49:37 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:49:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:49:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:49:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:49:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:49:39 = s1.
9:49:39 = s2.
9:49:42
9:49:42
9:50:22
9:50:22
9:50:23
9:50:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:22:39 = Process Attach

16:22:39 = end process attach
16:22:39 = ***** NULL == SampleProvider *****
16:22:39 = hWnd = 0x000303ec; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:22:39 = hWnd = 0x000203f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
16:22:39 = hWnd = 0x000203e8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:22:39 = hWnd = 0x000303e4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:23:10 = Process Attach
16:23:10 = ## ERR ## Setevent
16:23:10 = ***** NULL == SampleProvider *****
16:23:10 = begin close Process
16:23:10 = end close Process
16:23:10 = ##### Get event and release process end #####
16:23:10 = hWnd = 0x0088006c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:23:10 = hWnd = 0x0137004e; ClassName:
dow.
x=0, y=0, width=1, height=1
16:23:10 = hWnd = 0x005d0036; ClassName:
x=0, y=0, width=0, height=0
16:23:10 = hWnd = 0x00830196; ClassName:
x=0, y=0, width=0, height=0
19:22:10 = Process Attach
19:22:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:22:10 = * NULL == SampleProvider *

19:22:10 = ##### Begin waiting Mutex to release process #####
19:22:11 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:22:11 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:22:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:22:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:22:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:22:14 = s1.
19:22:14 = s2.
19:22:17
19:22:17
19:22:56
19:22:56
19:22:57
19:22:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:33:56 = Process Attach

1:33:56 = end process attach
1:33:56 = ***** NULL == SampleProvider *****

1:33:56 = ##### Begin waiting Mutex to release process #####

1:33:56 = hWnd = 0x000604c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:33:56 = hWnd = 0x000704f0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:56 = hWnd = 0x000c054a; ClassName:
x=0, y=0, width=0, height=0
1:33:56 = hWnd = 0x00060372; ClassName:
x=0, y=0, width=0, height=0
1:34:12 = Process Attach
1:34:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:34:12 = ##### Get event and release process #####

1:34:12 = begin close Process
1:34:12 = end close Process
1:34:12 = ##### Get event and release process end #####
1:34:12 = hWnd = 0x011e01fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:34:12 = hWnd = 0x009d00e2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:12 = hWnd = 0x00580158; ClassName:
x=0, y=0, width=0, height=0
1:34:12 = hWnd = 0x00b20160; ClassName:
x=0, y=0, width=0, height=0
8:13:55 = Process Attach
8:13:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:13:55 = * NULL == SampleProvider *

8:13:55 = ##### Begin waiting Mutex to release process #####
8:13:55 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:13:56 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:13:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:13:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:13:58 = Need to re-create objects.
8:13:59 = s1.
8:13:59 = s2.
8:14:1 = Start show animate
8:14:1 = Shell Excutute VerifyHost
8:14:39 = begin close Process
8:14:39 = Terminate Process
8:14:40 = end close Process
8:14:40 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:18:33 = Process Attach

4:18:33 = end process attach
4:18:33 = ***** NULL == SampleProvider *****
4:18:33 = hWnd = 0x002703d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:18:33 = hWnd = 0x00120552; ClassName:
ow.
x=0, y=0, width=1, height=1
4:18:33 = hWnd = 0x0012083c; ClassName:
x=0, y=0, width=0, height=0
4:18:33 = hWnd = 0x0016085c; ClassName:
x=0, y=0, width=0, height=0
4:18:59 = Process Attach
4:18:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:18:59 = ##### Get event and release process #####

4:18:59 = begin close Process
4:18:59 = end close Process
4:18:59 = ##### Get event and release process end #####
4:18:59 = hWnd = 0x010f01c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:18:59 = hWnd = 0x01a20050; ClassName:
ow.
x=0, y=0, width=1, height=1
4:18:59 = hWnd = 0x023401c8; ClassName:
x=0, y=0, width=0, height=0
4:18:59 = hWnd = 0x011a005a; ClassName:
x=0, y=0, width=0, height=0
12:51:10 = Process Attach
12:51:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:51:10 = * NULL == SampleProvider *

12:51:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:51:10 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:51:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:51:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:51:14 = Need to re-create objects.
12:51:15 = s1.
12:51:15 = s2.
12:51:18
12:51:18
12:51:56
12:51:56

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:51:57 = end close Process

12:51:57 = DLL_PROCESS_DETACH
3:1:10 = Process Attach
3:1:10 = end process attach
3:1:10 = ***** NULL == SampleProvider *****
3:1:10 = hWnd = 0x001a0682; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:1:10 = hWnd = 0x001d04ce; ClassName:
w.
x=0, y=0, width=1, height=1
3:1:10 = hWnd = 0x00050752; ClassName:
x=0, y=0, width=0, height=0
3:1:10 = hWnd = 0x000d03fc; ClassName:
x=0, y=0, width=0, height=0
3:1:35 = Process Attach
3:1:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:1:35 = ##### Get event and release process #####

3:1:35 = begin close Process
3:1:35 = end close Process
3:1:35 = ##### Get event and release process end #####
3:1:35 = hWnd = 0x005501d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:1:35 = hWnd = 0x00c2005a; ClassName:
w.
x=0, y=0, width=1, height=1
3:1:35 = hWnd = 0x00c900ce; ClassName:
x=0, y=0, width=0, height=0
3:1:35 = hWnd = 0x0164004e; ClassName:
x=0, y=0, width=0, height=0
9:2:38 = Process Attach
9:2:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:2:38 = * NULL == SampleProvider *

9:2:38 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:2:38 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:2:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:2:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:2:43 = Need to re-create objects.
9:2:43 = s1.
9:2:43 = s2.
9:2:45 = Start show animate
9:2:45 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:3:23
9:3:23
9:3:24
9:3:24

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

2:18:36 = Process Attach

2:18:36 = end process attach
2:18:36 = ***** NULL == SampleProvider *****
2:18:36 = ##### Begin waiting Mutex to release process #####
2:18:36 = hWnd = 0x000d058e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:18:36 = hWnd = 0x00120636; ClassName:
ow.
x=0, y=0, width=1, height=1
2:18:36 = hWnd = 0x000d060c; ClassName:
x=0, y=0, width=0, height=0
2:18:36 = hWnd = 0x000e0638; ClassName:
x=0, y=0, width=0, height=0
2:18:50 = Process Attach
2:18:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:18:50 = ##### Get event and release process #####

2:18:50 = begin close Process
2:18:50 = end close Process
2:18:50 = ##### Get event and release process end #####
2:18:50 = hWnd = 0x006c00e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:18:50 = hWnd = 0x013c0050; ClassName:
ow.
x=0, y=0, width=1, height=1
2:18:50 = hWnd = 0x019b01f8; ClassName:
x=0, y=0, width=0, height=0
2:18:50 = hWnd = 0x00c70192; ClassName:
x=0, y=0, width=0, height=0
10:40:55 = Process Attach
10:40:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:40:55 = * NULL == SampleProvider *

10:40:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:40:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:40:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:40:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:41:0 = Need to re-create objects.
10:41:0 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:41:0 = s2.
10:41:4 = Start show animate
10:41:4 = Shell Excutute VerifyHost
10:41:41 = begin close Process
10:41:41 = Terminate Process
10:41:42 = end close Process
10:41:42 = DLL_PROCESS_DETACH
2:51:8 = Process Attach
2:51:8 = end process attach
2:51:8 = ##### Begin waiting Mutex to release process #####
2:51:8 = ***** NULL == SampleProvider *****
2:51:8 = hWnd = 0x000e05f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:51:8 = hWnd = 0x00140666; ClassName:
w.
x=0, y=0, width=1, height=1
2:51:8 = hWnd = 0x001903e4; ClassName:
x=0, y=0, width=0, height=0
2:51:8 = hWnd = 0x001303ca; ClassName:
x=0, y=0, width=0, height=0
2:51:8 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:51:8 = s1.
2:51:8 = s2.
2:51:8
2:51:8
3:1:13
3:1:13
3:1:14
3:1:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:11:33 = Process Attach

3:11:33 = end process attach
3:11:33 = ***** NULL == SampleProvider *****
3:11:33 = ##### Begin waiting Mutex to release process #####
3:11:33 = hWnd = 0x002e067a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:11:33 = hWnd = 0x00180674; ClassName:
ow.
x=0, y=0, width=1, height=1
3:11:33 = hWnd = 0x0026060c; ClassName:
x=0, y=0, width=0, height=0
3:11:33 = hWnd = 0x0014062c; ClassName:
x=0, y=0, width=0, height=0
3:11:33 = Need to re-create objects.
3:11:33 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:11:33 = s2.
3:11:33
3:11:33
3:11:44
3:11:44
3:11:45
3:11:45

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:16:46 = Process Attach

3:16:46 = end process attach
3:16:46 = ***** NULL == SampleProvider *****
3:16:46 = ##### Begin waiting Mutex to release process #####
3:16:46 = hWnd = 0x001904dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:16:46 = hWnd = 0x002805a0; ClassName:
ow.
x=0, y=0, width=1, height=1
3:16:46 = hWnd = 0x00090566; ClassName:
x=0, y=0, width=0, height=0
3:16:46 = hWnd = 0x00250596; ClassName:
x=0, y=0, width=0, height=0
3:17:8 = Process Attach
3:17:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:17:8 = ##### Get event and release process #####

3:17:8 = ***** NULL == SampleProvider *****
3:17:8 = hWnd = 0x019101c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:17:8 = hWnd = 0x00ac00c8; ClassName:
w.
x=0, y=0, width=1, height=1
3:17:8 = hWnd = 0x00050076; ClassName:
x=0, y=0, width=0, height=0
3:17:8 = hWnd = 0x00830078; ClassName:
x=0, y=0, width=0, height=0
12:50:30 = Process Attach
12:50:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:50:30 = * NULL == SampleProvider *

12:50:30 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:50:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:50:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:50:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:50:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:50:34 = s1.
12:50:34 = s2.
12:50:38
12:50:38
12:51:10
12:51:10
12:51:11
12:51:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:17:34 = Process Attach

3:17:34 = end process attach
3:17:34 = ***** NULL == SampleProvider *****
3:17:34 = ##### Begin waiting Mutex to release process #####
3:17:34 =
ow.
x=0, y=0,
3:17:34 =
x=0, y=0,
3:17:34 =
x=0, y=0,
3:18:38 =
3:18:38 =

hWnd = 0x001f09e8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x004408f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001808ce; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:18:38 = ##### Get event and release process #####

3:18:38 = begin close Process
3:18:38 = end close Process
3:18:38 = ##### Get event and release process end #####
3:18:38 =
ow.
x=0, y=0,
3:18:38 =
x=0, y=0,
3:18:38 =
x=0, y=0,
12:3:52 =
12:3:52 =

hWnd = 0x006c01e4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x010a0038; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0114005c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

12:3:52 = * NULL == SampleProvider *

12:3:52 = ##### Begin waiting Mutex to release process #####
12:3:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:3:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:3:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:3:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:3:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:3:57 = s1.
12:3:57 = s2.
12:4:2 = Start show animate
12:4:2 = Shell Excutute VerifyHost
12:4:39 = begin close Process
12:4:39 = Terminate Process
12:4:40 = end close Process
12:4:40 = DLL_PROCESS_DETACH
1:53:32 = Process Attach
1:53:32 = end process attach
1:53:32 = ***** NULL == SampleProvider *****
1:53:32 = ##### Begin waiting Mutex to release process #####
1:53:32 = hWnd = 0x0022131c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:53:32 = hWnd = 0x001e0bf0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:53:32 = hWnd = 0x001805e4; ClassName:
x=0, y=0, width=0, height=0
1:53:32 = hWnd = 0x00330ac8; ClassName:
x=0, y=0, width=0, height=0
1:53:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:53:32 = s1.
1:53:32 = s2.
1:53:33
1:53:33
1:55:10
1:55:10
1:55:11
1:55:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:8:19 = Process Attach

2:8:19 = end process attach
2:8:19 = ***** NULL == SampleProvider *****
2:8:19 = hWnd = 0x00eb09b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:8:19 = hWnd = 0x00c504e2; ClassName:
w.
x=0, y=0, width=1, height=1
2:8:19 = hWnd = 0x00100546; ClassName:
x=0, y=0, width=0, height=0
2:8:19 = hWnd = 0x012f0bb0; ClassName:
x=0, y=0, width=0, height=0
2:8:39 = Process Attach
2:8:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:8:39 = ##### Get event and release process #####

2:8:39 = * NULL == SampleProvider *

2:8:39 = ##### Get event and release process end #####
2:8:39 = hWnd = 0x00b1009a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:8:39 = hWnd = 0x02620054; ClassName:
w.
x=0, y=0, width=1, height=1
2:8:39 = hWnd = 0x014b019e; ClassName:
x=0, y=0, width=0, height=0
2:8:39 = hWnd = 0x0104003a; ClassName:
x=0, y=0, width=0, height=0
10:45:1 = Process Attach
10:45:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:45:1 = * NULL == SampleProvider *

10:45:1 = ##### Begin waiting Mutex to release process #####
10:45:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:45:1 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:45:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:45:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:45:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:45:5 = s1.
10:45:5 = s2.
10:45:9 = Start show animate
10:45:9 = Shell Excutute VerifyHost
10:45:47 = begin close Process
10:45:47 = Terminate Process
10:45:48 = end close Process
10:45:48 = DLL_PROCESS_DETACH
3:11:45 = Process Attach
3:11:45 = end process attach
3:11:45 = ##### Begin waiting Mutex to release process #####
3:11:45 = hWnd = 0x0057047e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:11:45 = hWnd = 0x002505f0; ClassName:
ow.
x=0, y=0, width=1, height=1
3:11:45 = hWnd = 0x0015068e; ClassName:
x=0, y=0, width=0, height=0
3:11:45 = hWnd = 0x000f0730; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:12:8 = Process Attach

3:12:8 = ## ERR ## Setevent
3:12:8 = ##### Get event and release process #####
3:12:8 = begin close Process
3:12:8 = end close Process
3:12:8 = ##### Get event and release process end #####
3:12:8 = hWnd = 0x010e00a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:12:8 = hWnd = 0x01a40052; ClassName:
w.
x=0, y=0, width=1, height=1
3:12:8 = hWnd = 0x01dc005c; ClassName:
x=0, y=0, width=0, height=0
3:12:8 = hWnd = 0x00960080; ClassName:
x=0, y=0, width=0, height=0
12:7:50 = Process Attach
12:7:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:7:50 = ##### Begin waiting Mutex to release process #####

12:7:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:7:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:7:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:7:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:7:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:7:55 = s1.
12:7:55 = s2.
12:7:58
12:7:58
12:8:35
12:8:35
12:8:36
12:8:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:34:4 = Process Attach

2:34:4 = end process attach
2:34:4 = ***** NULL == SampleProvider *****
2:34:4 = hWnd = 0x001506c2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:34:4 = hWnd = 0x001c06cc; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:34:4 = hWnd = 0x00250582; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

2:34:4 = hWnd = 0x00360632; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
2:34:33 = Process Attach
2:34:33 = ## ERR ## Setevent
2:34:33 = ##### Get event and release process #####
2:34:33 = begin close Process
2:34:33 = end close Process
2:34:33 = ##### Get event and release process end #####
2:34:33 = hWnd = 0x01790128; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:34:33 = hWnd = 0x00ca004e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:34:33 = hWnd = 0x0066002c; ClassName:
x=0, y=0, width=0, height=0
2:34:33 = hWnd = 0x00b60050; ClassName:
x=0, y=0, width=0, height=0
12:16:22 = Process Attach
12:16:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:16:22 = * NULL == SampleProvider *

12:16:22 = ##### Begin waiting Mutex to release process #####
12:16:23 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:16:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:16:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:16:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:16:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:16:27 = s1.
12:16:27 = s2.
12:16:31 = Start show animate
12:16:31 = Shell Excutute VerifyHost
12:17:8 = begin close Process
12:17:8 = Terminate Process
12:17:9 = end close Process
12:17:9 = DLL_PROCESS_DETACH
2:14:46 = Process Attach
2:14:46 = end process attach
2:14:46 = ***** NULL == SampleProvider *****
2:14:46 = hWnd = 0x00180322; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:14:46 = hWnd = 0x00030548; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
2:14:46 =
x=0, y=0,
2:14:46 =
x=0, y=0,
2:15:14 =
2:15:14 =

width=1, height=1
hWnd = 0x0003054e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000904de; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:15:14 = ##### Get event and release process #####

2:15:14 = begin close Process
2:15:14 = end close Process
2:15:14 = ##### Get event and release process end #####
2:15:14 = hWnd = 0x0071004e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:15:14 = hWnd = 0x00f80062; ClassName:
ow.
x=0, y=0, width=1, height=1
2:15:14 = hWnd = 0x019600a6; ClassName:
x=0, y=0, width=0, height=0
2:15:14 = hWnd = 0x00be0192; ClassName:
x=0, y=0, width=0, height=0
11:44:20 = Process Attach
11:44:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:44:21 = * NULL == SampleProvider *

11:44:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:44:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:44:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:44:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:44:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:44:24 = s1.
11:44:24 = s2.
11:44:27 = Start show animate
11:44:27 = Shell Excutute VerifyHost
11:45:5 = begin close Process
11:45:5 = Terminate Process
11:45:6 = end close Process
11:45:6 = DLL_PROCESS_DETACH
2:24:31 = Process Attach
2:24:31 = end process attach
2:24:31 = ***** NULL == SampleProvider *****
2:24:31 = hWnd = 0x000a046c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
2:24:31 =
ow.
x=0, y=0,
2:24:31 =
x=0, y=0,
2:24:31 =
x=0, y=0,
2:24:58 =
2:24:58 =

width=1366, height=768
hWnd = 0x001f0480; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001b050e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000b04c0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:24:58 = ##### Get event and release process #####

2:24:58 = begin close Process
2:24:58 = end close Process
2:24:58 = ##### Get event and release process end #####
2:24:58 = ***** NULL == SampleProvider *****
2:24:58 = hWnd = 0x0150002c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:24:58 = hWnd = 0x012f01c2; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:58 = hWnd = 0x010300a0; ClassName:
x=0, y=0, width=0, height=0
2:24:58 = hWnd = 0x019b0052; ClassName:
x=0, y=0, width=0, height=0
11:27:2 = Process Attach
11:27:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:27:2 = * NULL == SampleProvider *

11:27:2 = ##### Begin waiting Mutex to release process #####
11:27:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:27:3 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:27:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:27:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:27:6 = Need to re-create objects.
11:27:6 = s1.
11:27:6 = s2.
11:27:12
11:27:12
11:27:49
11:27:49
11:27:50
11:27:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:22:46 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:22:46 = end process attach

3:22:46 = ***** NULL == SampleProvider *****
3:22:46 = ##### Begin waiting Mutex to release process #####
3:22:46 = hWnd = 0x0014063a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
3:22:46 = hWnd = 0x0023061c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:22:46 = hWnd = 0x000406aa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:23:3 = Process Attach
3:23:3 = ## ERR ## Setevent
3:23:3 = ##### Get event and release process #####
3:23:3 = begin close Process
3:23:3 = end close Process
3:23:3 = ##### Get event and release process end #####
3:23:3 = hWnd = 0x01530060; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:23:3 = hWnd = 0x014301ea; ClassName:
w.
x=0, y=0, width=1, height=1
3:23:3 = hWnd = 0x01310058; ClassName:
x=0, y=0, width=0, height=0
3:23:3 = hWnd = 0x00a30062; ClassName:
x=0, y=0, width=0, height=0
8:5:9 = Process Attach
8:5:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:5:9 = * NULL == SampleProvider *

8:5:9 = ##### Begin waiting Mutex to release process #####
8:5:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:5:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
8:5:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
8:5:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:5:13 = Need to re-create objects.
8:5:13 = s1.
8:5:13 = s2.
8:5:16
8:5:16
8:5:55
8:5:55
8:5:56

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

8:5:56 = DLL_PROCESS_DETACH
15:48:17 = Process Attach
15:48:17 = end process attach
15:48:17 = ***** NULL == SampleProvider *****
15:48:17 = ##### Begin waiting Mutex to release process #####
15:48:17 = hWnd = 0x000206d4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:48:17 = hWnd = 0x00020658; ClassName:
dow.
x=0, y=0, width=1, height=1
15:48:17 = hWnd = 0x000206d2; ClassName:
x=0, y=0, width=0, height=0
15:48:17 = hWnd = 0x0002065a; ClassName:
x=0, y=0, width=0, height=0
15:48:27 = Process Attach
15:48:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:48:27 = * NULL == SampleProvider *

15:48:27 = begin close Process
15:48:27 = end close Process
15:48:27 = ##### Get event and release process end #####
15:48:27 = hWnd = 0x00c8005e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:48:27 = hWnd = 0x0106004e; ClassName:
dow.
x=0, y=0, width=1, height=1
15:48:27 = hWnd = 0x00de01fe; ClassName:
x=0, y=0, width=0, height=0
15:48:27 = hWnd = 0x001001ea; ClassName:
x=0, y=0, width=0, height=0
18:27:25 = Process Attach
18:27:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:27:25 = * NULL == SampleProvider *

18:27:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:27:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:27:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:27:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:27:28 = Need to re-create objects.
18:27:29 = s1.
18:27:29 = s2.
18:27:32 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:27:32
18:28:10
18:28:10
18:28:11
18:28:11

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:27:23 = Process Attach

2:27:23 = end process attach
2:27:23 = ***** NULL == SampleProvider *****
2:27:23 = ##### Begin waiting Mutex to release process #####
2:27:23 = hWnd = 0x000304d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:27:23 = hWnd = 0x000205e0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:27:23 = hWnd = 0x000400f8; ClassName:
x=0, y=0, width=0, height=0
2:27:23 = hWnd = 0x000404f2; ClassName:
x=0, y=0, width=0, height=0
2:27:29 = Process Attach
2:27:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:27:29 = ##### Get event and release process #####

2:27:29 = begin close Process
2:27:29 = end close Process
2:27:29 = ##### Get event and release process end #####
2:27:29 = hWnd = 0x0101009a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:27:29 = hWnd = 0x00b0007a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:27:29 = hWnd = 0x00b00198; ClassName:
x=0, y=0, width=0, height=0
2:27:29 = hWnd = 0x00f201f8; ClassName:
x=0, y=0, width=0, height=0
12:27:6 = Process Attach
12:27:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:27:6 = * NULL == SampleProvider *

12:27:6 = ##### Begin waiting Mutex to release process #####
12:27:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:27:7 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:27:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:27:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:27:9 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:27:9 = s1.
12:27:9 = s2.
12:27:13
12:27:13
12:27:51
12:27:51
12:27:52
12:27:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:59:32 = Process Attach

0:59:32 = end process attach
0:59:32 = ***** NULL == SampleProvider *****
0:59:32 = ##### Begin waiting Mutex to release process #####
0:59:32 = hWnd = 0x000303b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:59:32 = hWnd = 0x000203b6; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:32 = hWnd = 0x000203ae; ClassName:
x=0, y=0, width=0, height=0
0:59:32 = hWnd = 0x000303aa; ClassName:
x=0, y=0, width=0, height=0
0:59:45 = Process Attach
0:59:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:59:45 = ##### Get event and release process #####

0:59:45 = begin close Process
0:59:45 = end close Process
0:59:45 = ##### Get event and release process end #####
0:59:45 = hWnd = 0x01b101e8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:59:45 = hWnd = 0x00470064; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:45 = hWnd = 0x00260062; ClassName:
x=0, y=0, width=0, height=0
0:59:45 = hWnd = 0x013000d2; ClassName:
x=0, y=0, width=0, height=0
10:42:18 = Process Attach
10:42:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:42:18 = * NULL == SampleProvider *

10:42:19 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:42:19 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:42:19 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

10:42:19 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:42:23 = Need to re-create objects.
10:42:24 = s1.
10:42:24 = s2.
10:42:26 = Start show animate
10:42:26 = Shell Excutute VerifyHost
10:43:3 = begin close Process
10:43:3 = Terminate Process
10:43:4 = end close Process
10:43:4 = DLL_PROCESS_DETACH
3:3:11 = Process Attach
3:3:11 = end process attach
3:3:11 = ***** NULL == SampleProvider *****
3:3:11 = ##### Begin waiting Mutex to release process #####
3:3:11 = hWnd = 0x001b070a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:3:11 = hWnd = 0x0016056a; ClassName:
w.
x=0, y=0, width=1, height=1
3:3:11 = hWnd = 0x001906ec; ClassName:
x=0, y=0, width=0, height=0
3:3:11 = hWnd = 0x0014076c; ClassName:
x=0, y=0, width=0, height=0
3:4:5 = Process Attach
3:4:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:4:5 = * NULL == SampleProvider *

3:4:5 = begin close Process
3:4:5 = end close Process
3:4:5 = ##### Get event and release process end #####
3:4:5 = hWnd = 0x00f20094; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:4:5 = hWnd = 0x013d005e; ClassName:
.
x=0, y=0, width=1, height=1
3:4:5 = hWnd = 0x00e500ca; ClassName:
x=0, y=0, width=0, height=0
3:4:5 = hWnd = 0x01e8004e; ClassName:
x=0, y=0, width=0, height=0
11:40:43 = Process Attach
11:40:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:40:43 = * NULL == SampleProvider *

11:40:44 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

11:40:45 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
11:40:45 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
11:40:45 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:40:47 = Need to re-create objects.
11:40:47 = s1.
11:40:47 = s2.
11:40:52
11:40:52
11:41:31
11:41:31
11:41:32
11:41:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:59:38 = Process Attach

0:59:38 = end process attach
0:59:38 = ***** NULL == SampleProvider *****
0:59:38 = ##### Begin waiting Mutex to release process #####
0:59:38 = hWnd = 0x001605ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:59:38 = hWnd = 0x0017048a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:38 = hWnd = 0x00030334; ClassName:
x=0, y=0, width=0, height=0
0:59:38 = hWnd = 0x00030332; ClassName:
x=0, y=0, width=0, height=0
0:59:48 = Process Attach
0:59:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:59:48 = ##### Get event and release process #####

0:59:48 = begin close Process
0:59:48 = end close Process
0:59:48 = ##### Get event and release process end #####
0:59:48 = hWnd = 0x00620052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:59:48 = hWnd = 0x00a401d6; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:48 = hWnd = 0x00bb01ec; ClassName:
x=0, y=0, width=0, height=0
0:59:48 = hWnd = 0x0044002c; ClassName:
x=0, y=0, width=0, height=0
10:45:28 = Process Attach
10:45:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:45:28 = * NULL == SampleProvider *

10:45:28 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:45:29 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:45:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:45:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:45:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:45:32 = s1.
10:45:32 = s2.
10:45:39
10:45:39
10:46:17
10:46:17
10:46:18
10:46:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:5:12 = Process Attach

3:5:12 = end process attach
3:5:12 = ***** NULL == SampleProvider *****
3:5:12 = ##### Begin waiting Mutex to release process #####
3:5:12 = hWnd = 0x0016047c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:5:12 = hWnd = 0x000805fa; ClassName:
w.
x=0, y=0, width=1, height=1
3:5:12 = hWnd = 0x002e0564; ClassName:
x=0, y=0, width=0, height=0
3:5:12 = hWnd = 0x00140478; ClassName:
x=0, y=0, width=0, height=0
3:5:36 = Process Attach
3:5:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:5:36 = ##### Get event and release process #####

3:5:36 = begin close Process
3:5:36 = end close Process
3:5:36 = ##### Get event and release process end #####
3:5:36 = hWnd = 0x00d600cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:5:36 = hWnd = 0x015900d2; ClassName:
w.
x=0, y=0, width=1, height=1
3:5:36 = hWnd = 0x00e800e8; ClassName:
x=0, y=0, width=0, height=0
3:5:36 = hWnd = 0x01a5005a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:11:41 = Process Attach

11:11:41 = end process attach
11:11:41 = ***** NULL == SampleProvider *****
11:11:41 = ##### Begin waiting Mutex to release process #####
11:11:41 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:11:42 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:11:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:11:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:11:46 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:11:46 = s1.
11:11:46 = s2.
11:11:50
11:11:50
11:12:29
11:12:29
11:12:30
11:12:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:9:18 = Process Attach

2:9:18 = end process attach
2:9:18 = ***** NULL == SampleProvider *****
2:9:18 = ##### Begin waiting Mutex to release process #####
2:9:18 = hWnd = 0x00050728; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:9:18 = hWnd = 0x000407a0; ClassName:
w.
x=0, y=0, width=1, height=1
2:9:18 = hWnd = 0x00040724; ClassName:
x=0, y=0, width=0, height=0
2:9:18 = hWnd = 0x0005079a; ClassName:
x=0, y=0, width=0, height=0
2:9:32 = Process Attach
2:9:32 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:9:32 = * NULL == SampleProvider *

2:9:32 = begin close Process
2:9:32 = end close Process
2:9:32 = ##### Get event and release process end #####
2:9:32 = hWnd = 0x013901f2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:9:32 = hWnd = 0x011d01fc; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo

w.
x=0, y=0, width=1, height=1
2:9:32 = hWnd = 0x00980148; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:9:32 = hWnd = 0x017c01fa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:24:37 = Process Attach
10:24:37 = end process attach
10:24:37 = ***** NULL == SampleProvider *****
10:24:37 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:24:38 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:24:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:24:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:24:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:24:41 = s1.
10:24:41 = s2.
10:24:45
10:24:45
10:25:23
10:25:23
10:25:24
10:25:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:17:18 = Process Attach

3:17:18 = end process attach
3:17:18 = ***** NULL == SampleProvider *****
3:17:18 = hWnd = 0x00070634; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:17:18 = hWnd = 0x001f0804; ClassName:
ow.
x=0, y=0, width=1, height=1
3:17:18 = hWnd = 0x00060610; ClassName:
x=0, y=0, width=0, height=0
3:17:18 = hWnd = 0x005c0700; ClassName:
x=0, y=0, width=0, height=0
3:17:38 = Process Attach
3:17:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:17:38 = ##### Get event and release process #####

3:17:38 = begin close Process
3:17:38 = end close Process
3:17:38 = ##### Get event and release process end #####
3:17:38 = hWnd = 0x009f0050; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
3:17:38 =
ow.
x=0, y=0,
3:17:38 =
x=0, y=0,
3:17:38 =
x=0, y=0,
9:50:21 =
9:50:22 =

width=1024, height=768
hWnd = 0x01280194; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x006c00a2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00d3002c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:50:22 = ##### Begin waiting Mutex to release process #####

9:50:22 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:50:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:50:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:50:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:50:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:50:26 = s1.
9:50:26 = s2.
9:50:30 = Start show animate
9:50:30 = Shell Excutute VerifyHost
9:51:8 = begin close Process
9:51:8 = Terminate Process
9:51:9 = end close Process
9:51:9 = DLL_PROCESS_DETACH
1:19:56 = Process Attach
1:19:56 = end process attach
1:19:56 = ***** NULL == SampleProvider *****
1:19:56 = hWnd = 0x002005c2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:19:56 = hWnd = 0x000a0666; ClassName:
ow.
x=0, y=0, width=1, height=1
1:19:56 = hWnd = 0x00200764; ClassName:
x=0, y=0, width=0, height=0
1:19:56 = hWnd = 0x003d06ea; ClassName:
x=0, y=0, width=0, height=0
1:20:11 = Process Attach
1:20:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:20:11 = * NULL == SampleProvider *

1:20:11 = begin close Process
1:20:11 = end close Process
1:20:11 = ##### Get event and release process end #####

1:20:11 = hWnd = 0x00a70056; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:20:11 = hWnd = 0x00b201b6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:20:11 = hWnd = 0x015501d0; ClassName:
x=0, y=0, width=0, height=0
1:20:11 = hWnd = 0x017201f0; ClassName:
x=0, y=0, width=0, height=0
9:13:20 = Process Attach
9:13:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:13:21 = * NULL == SampleProvider *

9:13:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:13:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:13:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:13:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:13:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:13:24 = s1.
9:13:24 = s2.
9:13:28 = Start show animate
9:13:28 = Shell Excutute VerifyHost
9:14:6 = begin close Process
9:14:6 = Terminate Process
9:14:7 = end close Process
9:14:7 = DLL_PROCESS_DETACH
2:10:32 = Process Attach
2:10:32 = end process attach
2:10:32 = ***** NULL == SampleProvider *****
2:10:32 = hWnd = 0x00120620; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:10:32 = hWnd = 0x0015060a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:32 = hWnd = 0x00440684; ClassName:
x=0, y=0, width=0, height=0
2:10:32 = hWnd = 0x001205a6; ClassName:
x=0, y=0, width=0, height=0
2:10:54 = Process Attach
2:10:54 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:10:54 = ##### Get event and release process #####

2:10:54 = begin close Process
2:10:54 = end close Process

2:10:54 = ##### Get event and release process end #####

2:10:54 = hWnd = 0x015f01f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:10:54 = hWnd = 0x00410066; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:54 = hWnd = 0x014401f0; ClassName:
x=0, y=0, width=0, height=0
2:10:54 = hWnd = 0x00bf0062; ClassName:
x=0, y=0, width=0, height=0
10:7:44 = Process Attach
10:7:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:7:44 = * NULL == SampleProvider *

10:7:44 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:7:45 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:7:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:7:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:7:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:7:50 = s1.
10:7:50 = s2.
10:7:54
10:7:54
10:8:32
10:8:32
10:8:33
10:8:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:30:57 = Process Attach

10:30:57 = end process attach
10:30:57 = ***** NULL == SampleProvider *****
10:30:57 = ##### Begin waiting Mutex to release process #####
10:30:57 = hWnd = 0x0005031a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:30:57 = hWnd = 0x000503d6; ClassName:
dow.
x=0, y=0, width=1, height=1
10:30:57 = hWnd = 0x000303ac; ClassName:
x=0, y=0, width=0, height=0
10:30:57 = hWnd = 0x00050318; ClassName:
x=0, y=0, width=0, height=0
10:31:11 = Process Attach
10:31:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:31:11 = ##### Get event and release process #####

10:31:11 = begin close Process
10:31:11 = end close Process
10:31:11 = ##### Get event and release process end #####
10:31:11 = hWnd = 0x00350064; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:31:11 = hWnd = 0x000a002a; ClassName:
dow.
x=0, y=0, width=1, height=1
10:31:11 = hWnd = 0x001000f2; ClassName:
x=0, y=0, width=0, height=0
10:31:11 = hWnd = 0x002000d2; ClassName:
x=0, y=0, width=0, height=0
10:32:42 = Process Attach
10:32:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:32:43 = * NULL == SampleProvider *

10:32:43 = ##### Begin waiting Mutex to release process #####
10:32:43 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:32:43 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:32:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:32:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:32:46 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:32:46 = s1.
10:32:46 = s2.
10:32:49
10:32:49
10:33:29
10:33:29
10:33:30
10:33:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:48:9 = Process Attach

2:48:9 = end process attach
2:48:9 = ***** NULL == SampleProvider *****
2:48:9 = ##### Begin waiting Mutex to release process #####
2:48:9 = hWnd = 0x00060666; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:48:9 = hWnd = 0x0008066c; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:48:9 = hWnd = 0x00050670; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

2:48:9 = hWnd = 0x00070678; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:48:28 = Process Attach
2:48:28 = ## ERR ## Setevent
2:48:28 = ##### Get event and release process #####
2:48:28 = ***** NULL == SampleProvider *****
2:48:28 = end close Process
2:48:28 = ##### Get event and release process end #####
2:48:28 = hWnd = 0x025101d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:48:28 = hWnd = 0x01ee002a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:48:28 = hWnd = 0x00560094; ClassName:
x=0, y=0, width=0, height=0
2:48:28 = hWnd = 0x0134004e; ClassName:
x=0, y=0, width=0, height=0
9:17:59 = Process Attach
9:17:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:17:59 = * NULL == SampleProvider *

9:17:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:18:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:18:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:18:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:18:2 = Need to re-create objects.
9:18:3 = s1.
9:18:3 = s2.
9:18:6 = Start show animate
9:18:6 = Shell Excutute VerifyHost
9:18:45 = begin close Process
9:18:45 = Terminate Process
9:18:46 = end close Process
9:18:46 = DLL_PROCESS_DETACH
1:38:5 = Process Attach
1:38:5 = end process attach
1:38:5 = ***** NULL == SampleProvider *****
1:38:5 = ##### Begin waiting Mutex to release process #####
1:38:5 = hWnd = 0x000c08da; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

1:38:5 = hWnd = 0x000c08b8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:38:5 = hWnd = 0x000509f4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:38:37 = Process Attach
1:38:37 = ## ERR ## Setevent
1:38:37 = ##### Get event and release process #####
1:38:37 = ***** NULL == SampleProvider *****
1:38:37 = ##### Get event and release process end #####
1:38:37 = hWnd = 0x013801e8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:38:37 = hWnd = 0x004a01ea; ClassName:
ow.
x=0, y=0, width=1, height=1
1:38:37 = hWnd = 0x00d101f6; ClassName:
x=0, y=0, width=0, height=0
1:38:37 = hWnd = 0x00a501fa; ClassName:
x=0, y=0, width=0, height=0
10:41:6 = Process Attach
10:41:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:41:6 = * NULL == SampleProvider *

10:41:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:41:7 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:41:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:41:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:41:9 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:41:9 = s1.
10:41:9 = s2.
10:41:14
10:41:14
10:41:50
10:41:50
10:41:51
10:41:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:24:22 = Process Attach

1:24:22 = end process attach
1:24:22 = ***** NULL == SampleProvider *****
1:24:22 = ##### Begin waiting Mutex to release process #####
1:24:22 = hWnd = 0x000a05a4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
1:24:22 =
x=0, y=0,
1:24:22 =
x=0, y=0,
1:24:29 =
1:24:29 =

width=1, height=1
hWnd = 0x000b05ee; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001a0528; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:24:29 = ##### Get event and release process #####

1:24:29 = begin close Process
1:24:29 = end close Process
1:24:29 = ##### Get event and release process end #####
1:24:29 = hWnd = 0x00cd008e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:24:29 = hWnd = 0x00dc01ea; ClassName:
ow.
x=0, y=0, width=1, height=1
1:24:29 = hWnd = 0x00f801e0; ClassName:
x=0, y=0, width=0, height=0
1:24:29 = hWnd = 0x011b0036; ClassName:
x=0, y=0, width=0, height=0
10:43:3 = Process Attach
10:43:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:43:3 = * NULL == SampleProvider *

10:43:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:43:4 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:43:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:43:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:43:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:43:7 = s1.
10:43:7 = s2.
10:43:10
10:43:10
10:43:49
10:43:49
10:43:50
10:43:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:55:38 = Process Attach

1:55:38 = end process attach
1:55:38 = ***** NULL == SampleProvider *****
1:55:38 = ##### Begin waiting Mutex to release process #####

1:55:38 = hWnd = 0x004007be; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:55:38 = hWnd = 0x00090540; ClassName:
ow.
x=0, y=0, width=1, height=1
1:55:38 = hWnd = 0x00790760; ClassName:
x=0, y=0, width=0, height=0
1:55:38 = hWnd = 0x0042011e; ClassName:
x=0, y=0, width=0, height=0
1:55:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:55:38 = s1.
1:55:38 = s2.
1:55:40
1:55:40
1:58:15
1:58:15
1:58:16
1:58:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:12:40 = Process Attach

2:12:40 = end process attach
2:12:40 = ***** NULL == SampleProvider *****
2:12:40 = ##### Begin waiting Mutex to release process #####
2:12:40 = hWnd = 0x004207be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:12:40 = hWnd = 0x000503ee; ClassName:
ow.
x=0, y=0, width=1, height=1
2:12:40 = hWnd = 0x01a9078e; ClassName:
x=0, y=0, width=0, height=0
2:12:40 = hWnd = 0x010e0774; ClassName:
x=0, y=0, width=0, height=0
2:13:0 = Process Attach
2:13:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:13:0 = * NULL == SampleProvider *

2:13:0 = begin close Process
2:13:0 = end close Process
2:13:0 = ##### Get event and release process end #####
2:13:0 = hWnd = 0x00d7003a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:13:0 = hWnd = 0x00e30126; ClassName:
w.
x=0, y=0, width=1, height=1
2:13:0 = hWnd = 0x011901c8; ClassName:
x=0, y=0, width=0, height=0
2:13:0 = hWnd = 0x016e01e6; ClassName:
x=0, y=0, width=0, height=0
10:51:59 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:52:0 = end process attach

10:52:0 = ***** NULL == SampleProvider *****
10:52:0 = ##### Begin waiting Mutex to release process #####
10:52:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:52:0 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:52:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:52:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:52:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:52:3 = s1.
10:52:3 = s2.
10:52:7 = Start show animate
10:52:7 = Shell Excutute VerifyHost
10:52:44 = begin close Process
10:52:44 = Terminate Process
10:52:45 = end close Process
10:52:45 = DLL_PROCESS_DETACH
1:54:4 = Process Attach
1:54:4 = end process attach
1:54:4 = ***** NULL == SampleProvider *****
1:54:4 = hWnd = 0x006a0860; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:54:4 = hWnd = 0x0007049e; ClassName:
w.
x=0, y=0, width=1, height=1
1:54:4 = hWnd = 0x034607ea; ClassName:
x=0, y=0, width=0, height=0
1:54:4 = hWnd = 0x01380884; ClassName:
x=0, y=0, width=0, height=0
1:54:15 = Process Attach
1:54:15 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:54:15 = * NULL == SampleProvider *

1:54:15 = begin close Process
1:54:15 = end close Process
1:54:15 = ##### Get event and release process end #####
1:54:15 = hWnd = 0x019c01e0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:54:15 = hWnd = 0x018b01e2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:54:15 = hWnd = 0x0178004a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
1:54:15 =
x=0, y=0,
8:53:20 =
8:53:20 =

width=0, height=0
hWnd = 0x013701d6; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

8:53:20 = * NULL == SampleProvider *

8:53:20 = ##### Begin waiting Mutex to release process #####
8:53:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:53:21 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:53:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:53:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:53:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:53:25 = s1.
8:53:25 = s2.
8:53:30 = Start show animate
8:53:30 = Shell Excutute VerifyHost
8:54:8 = begin close Process
8:54:8 = Terminate Process
8:54:9 = end close Process
8:54:9 = DLL_PROCESS_DETACH
1:37:37 = Process Attach
1:37:37 = end process attach
1:37:37 = ***** NULL == SampleProvider *****
1:37:37 = hWnd = 0x000502ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:37:37 = hWnd = 0x009e07ba; ClassName:
ow.
x=0, y=0, width=1, height=1
1:37:37 = hWnd = 0x009107b4; ClassName:
x=0, y=0, width=0, height=0
1:37:37 = hWnd = 0x000d04a4; ClassName:
x=0, y=0, width=0, height=0
1:37:53 = Process Attach
1:37:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:37:53 = * NULL == SampleProvider *

1:37:53 = begin close Process
1:37:53 = end close Process
1:37:53 = ##### Get event and release process end #####
1:37:53 = hWnd = 0x002601ca; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:37:53 =
ow.
x=0, y=0,
1:37:53 =
x=0, y=0,
1:37:53 =
x=0, y=0,
9:49:47 =
9:49:47 =

hWnd = 0x003001d8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000b01dc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00e3002a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:49:47 = * NULL == SampleProvider *

9:49:47 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:49:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:49:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:49:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:49:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:49:51 = s1.
9:49:51 = s2.
9:49:54
9:49:54
9:50:32
9:50:32
9:50:33
9:50:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:11:46 = Process Attach

1:11:46 = end process attach
1:11:46 = ***** NULL == SampleProvider *****
1:11:46 = ##### Begin waiting Mutex to release process #####
1:11:46 = hWnd = 0x00090560; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:11:46 = hWnd = 0x000d06b6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:11:46 = hWnd = 0x003e0486; ClassName:
x=0, y=0, width=0, height=0
1:11:46 = hWnd = 0x000906c0; ClassName:
x=0, y=0, width=0, height=0
1:11:59 = Process Attach
1:11:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:11:59 = ##### Get event and release process #####

1:11:59 = begin close Process
1:11:59 = end close Process
1:11:59 = ##### Get event and release process end #####

1:11:59 = hWnd = 0x00290180; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:11:59 = hWnd = 0x01d7004c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:11:59 = hWnd = 0x006100fa; ClassName:
x=0, y=0, width=0, height=0
1:11:59 = hWnd = 0x025001aa; ClassName:
x=0, y=0, width=0, height=0
10:22:56 = Process Attach
10:22:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:22:56 = * NULL == SampleProvider *

10:22:56 = ##### Begin waiting Mutex to release process #####
10:22:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:22:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:22:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:22:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:23:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:23:3 = s1.
10:23:3 = s2.
10:23:6 = Start show animate
10:23:6 = Shell Excutute VerifyHost
10:23:43 = begin close Process
10:23:43 = Terminate Process
10:23:44 = end close Process
10:23:44 = DLL_PROCESS_DETACH
1:6:2 = Process Attach
1:6:3 = end process attach
1:6:3 = ***** NULL == SampleProvider *****
1:6:3 = hWnd = 0x000b06e6; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:6:3 = hWnd = 0x002406de; ClassName:
.
x=0, y=0, width=1, height=1
1:6:3 = hWnd = 0x00090622; ClassName:
x=0, y=0, width=0, height=0
1:6:3 = hWnd = 0x000906f2; ClassName:
x=0, y=0, width=0, height=0
1:6:40 = Process Attach
1:6:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:6:40 = ##### Get event and release process #####

1:6:40 = begin close Process

1:6:40 = end close Process
1:6:40 = ##### Get event and release process end #####
1:6:40 = hWnd = 0x00ef00d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:6:40 = hWnd = 0x0170009a; ClassName:
w.
x=0, y=0, width=1, height=1
1:6:40 = hWnd = 0x013801fc; ClassName:
x=0, y=0, width=0, height=0
1:6:40 = hWnd = 0x00b5002c; ClassName:
x=0, y=0, width=0, height=0
9:55:52 = Process Attach
9:55:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:55:52 = * NULL == SampleProvider *

9:55:52 = ##### Begin waiting Mutex to release process #####
9:55:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:55:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:55:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:55:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:55:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:55:57 = s1.
9:55:57 = s2.
9:56:1 = Start show animate
9:56:1 = Shell Excutute VerifyHost
9:56:39 = begin close Process
9:56:39 = Terminate Process
9:56:40 = end close Process
9:56:40 = DLL_PROCESS_DETACH
1:34:31 = Process Attach
1:34:31 = end process attach
1:34:31 = ***** NULL == SampleProvider *****
1:34:31 = ##### Begin waiting Mutex to release process #####
1:34:31 = hWnd = 0x000904d8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:34:31 = hWnd = 0x006d07ee; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:34:31 = hWnd = 0x000a0506; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

1:34:31 = hWnd = 0x00070502; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
1:34:33 = Need to re-create objects.
1:34:33 = s1.
1:34:33 = s2.
1:34:33
1:34:33
1:37:10
1:37:10
1:37:11
1:37:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:1:6 = Process Attach

2:1:6 = end process attach
2:1:6 = ***** NULL == SampleProvider *****
2:1:6 = ##### Begin waiting Mutex to release process #####
2:1:6 = hWnd = 0x008104b6; ClassName: GDI+ Hook Window Class; Title: GDI+ Window
.
x=0, y=0, width=1, height=1
2:1:6 = hWnd = 0x001f08ee; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:1:6 = hWnd = 0x002404aa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:1:25 = Process Attach
2:1:25 = ## ERR ## Setevent
2:1:25 = ##### Get event and release process #####
2:1:25 = begin close Process
2:1:25 = ***** NULL == SampleProvider *****
2:1:25 = hWnd = 0x004301e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:1:25 = hWnd = 0x01960174; ClassName:
w.
x=0, y=0, width=1, height=1
2:1:25 = hWnd = 0x013b005a; ClassName:
x=0, y=0, width=0, height=0
2:1:25 = hWnd = 0x00ee0060; ClassName:
x=0, y=0, width=0, height=0
10:31:32 = Process Attach
10:31:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:31:32 = * NULL == SampleProvider *

10:31:32 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:31:33 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:31:33 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

10:31:33 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
10:31:36 = Need to re-create objects.
10:31:36 = s1.
10:31:36 = s2.
10:31:41
10:31:41
10:32:19
10:32:19
10:32:20
10:32:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:58:28 = Process Attach

1:58:28 = end process attach
1:58:28 = ***** NULL == SampleProvider *****
1:58:28 = ##### Begin waiting Mutex to release process #####
1:58:28 = hWnd = 0x0038059e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:58:28 = hWnd = 0x00040788; ClassName:
ow.
x=0, y=0, width=1, height=1
1:58:28 = hWnd = 0x00040268; ClassName:
x=0, y=0, width=0, height=0
1:58:28 = hWnd = 0x000307e4; ClassName:
x=0, y=0, width=0, height=0
1:58:41 = Process Attach
1:58:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:58:41 = ##### Get event and release process #####

1:58:41 = begin close Process
1:58:41 = end close Process
1:58:41 = ##### Get event and release process end #####
1:58:41 = hWnd = 0x01aa002c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:58:41 = hWnd = 0x0066005e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:58:41 = hWnd = 0x00fd00a2; ClassName:
x=0, y=0, width=0, height=0
1:58:41 = hWnd = 0x01a201b2; ClassName:
x=0, y=0, width=0, height=0
2:36:33 = Process Attach
2:36:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:36:33 = * NULL == SampleProvider *

2:36:33 = ##### Begin waiting Mutex to release process #####
2:36:34 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
2:36:34 =
ow.
x=0, y=0,
2:36:34 =
x=0, y=0,
2:36:34 =
x=0, y=0,
2:36:39 =

2:36:39 = s1.
2:36:39 = s2.
2:36:42
2:36:42
2:37:19
2:37:19
2:37:20
2:37:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:25:40 = Process Attach

3:25:40 = end process attach
3:25:40 = ***** NULL == SampleProvider *****
3:25:40 = ##### Begin waiting Mutex to release process #####
3:25:40 = hWnd = 0x00080502; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:25:40 = hWnd = 0x000504fa; ClassName:
ow.
x=0, y=0, width=1, height=1
3:25:40 = hWnd = 0x002b0430; ClassName:
x=0, y=0, width=0, height=0
3:25:40 = hWnd = 0x0028052e; ClassName:
x=0, y=0, width=0, height=0
3:25:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:25:40 = s1.
3:25:40 = s2.
3:25:41
3:25:41
3:28:30
3:28:30
3:28:31
3:28:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:35:53 = Process Attach

3:35:53 = end process attach
3:35:53 = ***** NULL == SampleProvider *****
3:35:53 = ##### Begin waiting Mutex to release process #####
3:35:53 = hWnd = 0x000d03c6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
3:35:53 =
ow.
x=0, y=0,
3:35:53 =
x=0, y=0,
3:35:53 =
x=0, y=0,
3:35:59 =
3:35:59 =

width=1366, height=768
hWnd = 0x000b04da; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001204a6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x002e0430; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:35:59 = * NULL == SampleProvider *

3:35:59 = begin close Process
3:35:59 = end close Process
3:35:59 = ##### Get event and release process end #####
3:35:59 = hWnd = 0x0045008a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:35:59 = hWnd = 0x000701f8; ClassName:
ow.
x=0, y=0, width=1, height=1
3:35:59 = hWnd = 0x000201bc; ClassName:
x=0, y=0, width=0, height=0
3:35:59 = hWnd = 0x000201d6; ClassName:
x=0, y=0, width=0, height=0
11:6:23 = Process Attach
11:6:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:23 = * NULL == SampleProvider *

11:6:23 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:6:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:6:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:6:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:6:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:27 = s1.
11:6:27 = s2.
11:6:31 = Start show animate
11:6:31 = Shell Excutute VerifyHost
11:7:9 = begin close Process
11:7:9 = Terminate Process
11:7:10 = end close Process
11:7:10 = DLL_PROCESS_DETACH
3:11:32 = Process Attach
3:11:32 = end process attach
3:11:32 = ***** NULL == SampleProvider *****

3:11:32 = ##### Begin waiting Mutex to release process #####

3:11:32 = hWnd = 0x001809b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:11:32 = hWnd = 0x000b09ca; ClassName:
ow.
x=0, y=0, width=1, height=1
3:11:32 = hWnd = 0x00210918; ClassName:
x=0, y=0, width=0, height=0
3:11:32 = hWnd = 0x002a09b2; ClassName:
x=0, y=0, width=0, height=0
3:11:50 = Process Attach
3:11:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:11:50 = * NULL == SampleProvider *

3:11:50 = begin close Process
3:11:50 = end close Process
3:11:50 = ##### Get event and release process end #####
3:11:50 = hWnd = 0x007e0176; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:11:50 = hWnd = 0x016301de; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:2:7 = Process Attach
11:2:7 = end process attach
11:2:7 = ##### Begin waiting Mutex to release process #####
11:2:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:2:8 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
11:2:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:2:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:2:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:2:11 = s1.
11:2:11 = s2.
11:2:15
11:2:15
11:2:52
11:2:52
11:2:53
11:2:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

4:48:38 = Process Attach

4:48:38 = end process attach
4:48:38 = ***** NULL == SampleProvider *****
4:48:38 = ##### Begin waiting Mutex to release process #####

4:48:38 = hWnd = 0x000b04ba; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:48:38 = hWnd = 0x00de046c; ClassName:
ow.
x=0, y=0, width=1, height=1
4:48:38 = hWnd = 0x00120474; ClassName:
x=0, y=0, width=0, height=0
4:48:38 = hWnd = 0x00160672; ClassName:
x=0, y=0, width=0, height=0
4:48:46 = Process Attach
4:48:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:48:46 = ##### Get event and release process #####

4:48:46 = begin close Process
4:48:46 = end close Process
4:48:46 = ##### Get event and release process end #####
4:48:46 = hWnd = 0x010801fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:48:46 = hWnd = 0x01a401ee; ClassName:
ow.
x=0, y=0, width=1, height=1
4:48:46 = hWnd = 0x0069002e; ClassName:
x=0, y=0, width=0, height=0
4:48:46 = hWnd = 0x0181002c; ClassName:
x=0, y=0, width=0, height=0
13:12:37 = Process Attach
13:12:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:12:37 = * NULL == SampleProvider *

13:12:37 = ##### Begin waiting Mutex to release process #####
13:12:37 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:12:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:12:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:12:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:12:43 = Need to re-create objects.
13:12:43 = s1.
13:12:43 = s2.
13:12:46
13:12:46
13:13:24
13:13:24
13:13:25
13:13:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:35:41 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:35:41 = end process attach

0:35:41 = ##### Begin waiting Mutex to release process #####
0:35:41 = hWnd = 0x004c069c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:35:41 = hWnd = 0x0004013c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:35:41 = hWnd = 0x000806cc; ClassName:
x=0, y=0, width=0, height=0
0:35:41 = hWnd = 0x00040050; ClassName:
x=0, y=0, width=0, height=0
0:35:56 = Process Attach
0:35:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:35:56 = ##### Get event and release process #####

0:35:56 = begin close Process
0:35:56 = end close Process
0:35:56 = ##### Get event and release process end #####
0:35:56 = hWnd = 0x005e01ec; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:35:56 = hWnd = 0x0118005c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:35:56 = hWnd = 0x01490058; ClassName:
x=0, y=0, width=0, height=0
0:35:56 = hWnd = 0x0132016c; ClassName:
x=0, y=0, width=0, height=0
11:55:52 = Process Attach
11:55:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:55:52 = * NULL == SampleProvider *

11:55:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:55:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:55:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:55:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:55:56 = Need to re-create objects.
11:55:56 = s1.
11:55:56 = s2.
11:56:1 = Start show animate
11:56:1 = Shell Excutute VerifyHost
11:56:38 = begin close Process
11:56:38 = Terminate Process
11:56:39 = end close Process
11:56:39 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:10:15 = Process Attach

2:10:15 = end process attach
2:10:15 = ***** NULL == SampleProvider *****
2:10:15 = hWnd = 0x000605b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:10:15 = hWnd = 0x00110640; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:15 = hWnd = 0x001105c4; ClassName:
x=0, y=0, width=0, height=0
2:10:15 = hWnd = 0x00040602; ClassName:
x=0, y=0, width=0, height=0
2:10:35 = Process Attach
2:10:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:10:35 = ##### Get event and release process #####

2:10:35 = begin close Process
2:10:35 = end close Process
2:10:35 = ##### Get event and release process end #####
2:10:35 = hWnd = 0x0199009e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:10:35 = hWnd = 0x00fb01de; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:35 = hWnd = 0x00b000e4; ClassName:
x=0, y=0, width=0, height=0
2:10:35 = hWnd = 0x00ee01dc; ClassName:
x=0, y=0, width=0, height=0
12:3:0 = Process Attach
12:3:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:3:0 = * NULL == SampleProvider *

12:3:0 = ##### Begin waiting Mutex to release process #####
12:3:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:3:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
12:3:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:3:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:3:5 = Need to re-create objects.
12:3:5 = s1.
12:3:5 = s2.
12:3:9 = Start show animate
12:3:9 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:3:48
12:3:48
12:3:49
12:3:49

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

1:24:23 = Process Attach

1:24:23 = end process attach
1:24:23 = ***** NULL == SampleProvider *****
1:24:23 = ##### Begin waiting Mutex to release process #####
1:24:23 = hWnd = 0x00030558; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:24:23 = hWnd = 0x00030564; ClassName:
ow.
x=0, y=0, width=1, height=1
1:24:23 = hWnd = 0x00030572; ClassName:
x=0, y=0, width=0, height=0
1:24:23 = hWnd = 0x00030570; ClassName:
x=0, y=0, width=0, height=0
1:24:44 = Process Attach
1:24:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:24:44 = * NULL == SampleProvider *

1:24:44 = begin close Process
1:24:44 = end close Process
1:24:44 = ##### Get event and release process end #####
1:24:44 = hWnd = 0x006401a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:24:44 = hWnd = 0x00e20064; ClassName:
ow.
x=0, y=0, width=1, height=1
1:24:44 = hWnd = 0x00ab008e; ClassName:
x=0, y=0, width=0, height=0
1:24:44 = hWnd = 0x0111004c; ClassName:
x=0, y=0, width=0, height=0
10:38:53 = Process Attach
10:38:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:38:53 = * NULL == SampleProvider *

10:38:53 = ##### Begin waiting Mutex to release process #####
10:38:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:38:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:38:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:38:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:38:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:38:57 = s1.
10:38:57 = s2.
10:39:0 = Start show animate
10:39:0 = Shell Excutute VerifyHost
10:39:37 = begin close Process
10:39:37 = Terminate Process
10:39:38 = end close Process
10:39:38 = DLL_PROCESS_DETACH
0:42:55 = Process Attach
0:42:56 = end process attach
0:42:56 = ***** NULL == SampleProvider *****
0:42:56 = ##### Begin waiting Mutex to release process #####
0:42:56 =
ow.
x=0, y=0,
0:42:56 =
x=0, y=0,
0:42:56 =
x=0, y=0,
0:43:22 =
0:43:22 =

hWnd = 0x002307c8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0006065a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001c073e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:43:22 = ##### Get event and release process #####

0:43:22 = begin close Process
0:43:22 = end close Process
0:43:22 = ##### Get event and release process end #####
0:43:22 = hWnd = 0x014801fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:43:22 = hWnd = 0x018201ea; ClassName:
ow.
x=0, y=0, width=1, height=1
0:43:22 = hWnd = 0x015f005e; ClassName:
x=0, y=0, width=0, height=0
0:43:22 = hWnd = 0x00e101f8; ClassName:
x=0, y=0, width=0, height=0
10:21:49 = Process Attach
10:21:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:21:49 = * NULL == SampleProvider *

10:21:49 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:21:50 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:21:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:21:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:21:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

1:26:40 = begin close Process
1:26:40 = end close Process
1:26:40 = ##### Get event and release process end #####
1:26:40 = hWnd = 0x00e700a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:26:40 = hWnd = 0x00a7008e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:40 = hWnd = 0x00150090; ClassName:
x=0, y=0, width=0, height=0
1:26:40 = hWnd = 0x01c7019a; ClassName:
x=0, y=0, width=0, height=0
10:36:53 = Process Attach
10:36:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:36:54 = * NULL == SampleProvider *

10:36:54 = ##### Begin waiting Mutex to release process #####
10:36:54 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

10:36:55 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:36:55 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:36:55 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:36:58 = Need to re-create objects.
10:36:58 = s1.
10:36:58 = s2.
10:37:1 = Start show animate
10:37:1 = Shell Excutute VerifyHost
10:37:39 = begin close Process
10:37:39 = Terminate Process
10:37:40 = end close Process
10:37:40 = DLL_PROCESS_DETACH
4:10:54 = Process Attach
4:10:54 = end process attach
4:10:54 = ***** NULL == SampleProvider *****
4:10:54 = ##### Begin waiting Mutex to release process #####
4:10:54 = hWnd = 0x000404b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:10:54 = hWnd = 0x000404b4; ClassName:
ow.
x=0, y=0, width=1, height=1
4:10:54 = hWnd = 0x000507b4; ClassName:
x=0, y=0, width=0, height=0
4:10:54 = hWnd = 0x000a074c; ClassName:
x=0, y=0, width=0, height=0
4:11:49 = Process Attach
4:11:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:11:49 = * NULL == SampleProvider *

4:11:49 = begin close Process
4:11:49 = end close Process
4:11:49 = ##### Get event and release process end #####
4:11:49 = hWnd = 0x01fc01f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:11:49 = hWnd = 0x0032005e; ClassName:
ow.
x=0, y=0, width=1, height=1
4:11:49 = hWnd = 0x002701ec; ClassName:
x=0, y=0, width=0, height=0
4:11:49 = hWnd = 0x00cf0094; ClassName:
x=0, y=0, width=0, height=0
7:25:5 = Process Attach
7:25:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:25:6 = * NULL == SampleProvider *

7:25:6 = ##### Begin waiting Mutex to release process #####

7:25:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:25:7 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:25:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:25:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:25:10 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:25:10 = s1.
7:25:10 = s2.
7:25:15
7:25:15
7:25:53
7:25:53
7:25:54
7:25:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:25:5 = Process Attach

3:25:5 = end process attach
3:25:5 = ***** NULL == SampleProvider *****
3:25:5 = hWnd = 0x000c1272; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:25:5 = hWnd = 0x00201534; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
3:25:5 = ##### Begin waiting Mutex to release process #####
3:25:41 = Process Attach
3:25:41 = ## ERR ## Setevent
3:25:41 = ##### Get event and release process #####
3:25:41 = begin close Process
3:25:41 = end close Process
3:25:41 = ##### Get event and release process end #####
3:25:41 = hWnd = 0x0062019e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:25:41 = hWnd = 0x014601e0; ClassName:
ow.
x=0, y=0, width=1, height=1
3:25:41 = hWnd = 0x002b004a; ClassName:
x=0, y=0, width=0, height=0
3:25:41 = hWnd = 0x00b801de; ClassName:
x=0, y=0, width=0, height=0
10:25:24 = Process Attach
10:25:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:25:25 = * NULL == SampleProvider *

10:25:25 = ##### Begin waiting Mutex to release process #####
10:25:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:25:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:25:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:25:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:25:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:25:29 = s1.
10:25:29 = s2.
10:25:32 = Start show animate
10:25:32 = Shell Excutute VerifyHost
10:26:9 = begin close Process
10:26:9 = Terminate Process
10:26:10 = end close Process
10:26:10 = DLL_PROCESS_DETACH
0:50:41 = Process Attach
0:50:41 = end process attach
0:50:41 = ***** NULL == SampleProvider *****
0:50:41 = ##### Begin waiting Mutex to release process #####
0:50:41 = hWnd = 0x000b0c62; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:50:41 = hWnd = 0x00070fca; ClassName:
ow.
x=0, y=0, width=1, height=1
0:50:41 = hWnd = 0x000a0e7c; ClassName:
x=0, y=0, width=0, height=0
0:50:41 = hWnd = 0x00070fa4; ClassName:
x=0, y=0, width=0, height=0
0:52:12 = Process Attach
0:52:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:52:12 = ##### Get event and release process #####

0:52:12 = begin close Process
0:52:12 = end close Process
0:52:12 = ##### Get event and release process end #####
0:52:12 = hWnd = 0x015e01ce; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:52:12 = hWnd = 0x00030174; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

0:52:12 = hWnd = 0x004a01f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
0:52:12 = hWnd = 0x01a701e4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:27:44 = Process Attach
11:27:44 = end process attach
11:27:44 = ***** NULL == SampleProvider *****
11:27:44 = ##### Begin waiting Mutex to release process #####
11:27:44 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:27:45 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:27:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:27:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:27:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:27:47 = s1.
11:27:47 = s2.
11:27:51
11:27:51
11:28:29
11:28:29
11:28:30
11:28:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:38:30 = Process Attach

1:38:30 = end process attach
1:38:30 = ***** NULL == SampleProvider *****
1:38:30 = hWnd = 0x00061674; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:38:30 = hWnd = 0x00060526; ClassName:
ow.
x=0, y=0, width=1, height=1
1:38:30 = hWnd = 0x00050624; ClassName:
x=0, y=0, width=0, height=0
1:38:30 = hWnd = 0x00050626; ClassName:
x=0, y=0, width=0, height=0
1:39:24 = Process Attach
1:39:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:39:24 = ##### Get event and release process #####

1:39:24 = begin close Process
1:39:24 = end close Process
1:39:24 = ##### Get event and release process end #####
1:39:24 = hWnd = 0x00ee01b8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
1:39:24 =
ow.
x=0, y=0,
1:39:24 =
x=0, y=0,
1:39:24 =
x=0, y=0,
10:7:18 =
10:7:18 =

width=1024, height=768
hWnd = 0x015a01cc; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00fd019c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x01f2018c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

10:7:18 = * NULL == SampleProvider *

10:7:18 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:7:18 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:7:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:7:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:7:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:7:21 = s1.
10:7:21 = s2.
10:7:24 = Start show animate
10:7:24 = Shell Excutute VerifyHost
10:8:2 = begin close Process
10:8:2 = Terminate Process
10:8:3 = end close Process
10:8:3 = DLL_PROCESS_DETACH
1:7:38 = Process Attach
1:7:38 = end process attach
1:7:38 = ***** NULL == SampleProvider *****
1:7:38 = ##### Begin waiting Mutex to release process #####
1:7:38 = hWnd = 0x000a0666; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:7:38 = hWnd = 0x00370718; ClassName:
w.
x=0, y=0, width=1, height=1
1:7:38 = hWnd = 0x000a0516; ClassName:
x=0, y=0, width=0, height=0
1:7:38 = hWnd = 0x00050720; ClassName:
x=0, y=0, width=0, height=0
1:7:47 = Process Attach
1:7:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:7:47 = ##### Get event and release process #####

1:7:47 = begin close Process
1:7:47 = end close Process

1:7:47 = ##### Get event and release process end #####

1:7:47 = hWnd = 0x00d901e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:7:47 = hWnd = 0x01dd0060; ClassName:
w.
x=0, y=0, width=1, height=1
1:7:47 = hWnd = 0x0057002a; ClassName:
x=0, y=0, width=0, height=0
1:7:47 = hWnd = 0x00d901f8; ClassName:
x=0, y=0, width=0, height=0
10:19:20 = Process Attach
10:19:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:19:20 = * NULL == SampleProvider *

10:19:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:19:22 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:19:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:19:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:19:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:19:26 = s1.
10:19:26 = s2.
10:19:31 = Start show animate
10:19:31 = Shell Excutute VerifyHost
10:20:7 = begin close Process
10:20:7 = Terminate Process
10:20:8 = end close Process
10:20:8 = DLL_PROCESS_DETACH
0:28:26 = Process Attach
0:28:26 = end process attach
0:28:26 = ##### Begin waiting Mutex to release process #####
0:28:26 = ***** NULL == SampleProvider *****
0:28:26 = hWnd = 0x001605e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:28:26 = hWnd = 0x00200754; ClassName:
ow.
x=0, y=0, width=1, height=1
0:28:26 = hWnd = 0x001207be; ClassName:
x=0, y=0, width=0, height=0
0:28:26 = hWnd = 0x000907cc; ClassName:
x=0, y=0, width=0, height=0
0:30:13 = Process Attach
0:30:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:30:13 = ##### Get event and release process #####

0:30:13 = begin close Process
0:30:13 = end close Process
0:30:13 = ##### Get event and release process end #####
0:30:13 = ***** NULL == SampleProvider *****
0:30:13 = hWnd = 0x00f301de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:30:13 = hWnd = 0x015401c8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:30:13 = hWnd = 0x017d01ea; ClassName:
x=0, y=0, width=0, height=0
0:30:13 = hWnd = 0x008d01f4; ClassName:
x=0, y=0, width=0, height=0
8:40:26 = Process Attach
8:40:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:40:26 = * NULL == SampleProvider *

8:40:27 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:40:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:40:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:40:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:40:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:40:29 = s1.
8:40:29 = s2.
8:40:32
8:40:32
8:41:10
8:41:10
8:41:11
8:41:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:12:50 = Process Attach

1:12:50 = end process attach
1:12:50 = ***** NULL == SampleProvider *****
1:12:50 = ##### Begin waiting Mutex to release process #####
1:12:50 = hWnd = 0x00030630; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:12:50 = hWnd = 0x00040324; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:12:50 = hWnd = 0x000906c8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
1:12:50 =
x=0, y=0,
1:13:59 =
1:13:59 =

width=0, height=0
hWnd = 0x00a40494; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:13:59 = * NULL == SampleProvider *

1:13:59 = ##### Get event and release process #####
1:13:59 = begin close Process
1:13:59 = end close Process
1:13:59 = ##### Get event and release process end #####
1:13:59 = hWnd = 0x008901f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:13:59 = hWnd = 0x008f0038; ClassName:
ow.
x=0, y=0, width=1, height=1
1:13:59 = hWnd = 0x01520082; ClassName:
x=0, y=0, width=0, height=0
1:13:59 = hWnd = 0x01ad002e; ClassName:
x=0, y=0, width=0, height=0
10:12:1 = Process Attach
10:12:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:12:1 = ##### Begin waiting Mutex to release process #####

10:12:2 =
ow.
x=0, y=0,
10:12:3 =
x=0, y=0,
10:12:3 =
x=0, y=0,
10:12:6 =

10:12:6 = s1.
10:12:6 = s2.
10:12:10
10:12:10
10:12:48
10:12:48
10:12:49
10:12:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:24:44 = Process Attach

1:24:44 = end process attach
1:24:44 = ##### Begin waiting Mutex to release process #####
1:24:44 = ***** NULL == SampleProvider *****
1:24:44 = hWnd = 0x000b06ec; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:24:44 = hWnd = 0x000f064a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
1:24:44 =
x=0, y=0,
1:24:44 =
x=0, y=0,
1:24:46 =

width=1, height=1
hWnd = 0x00190528; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001607c4; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

1:24:46 = s1.
1:24:46 = s2.
1:24:46
1:24:46
1:25:43
1:25:43
1:25:44
1:25:44

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:33:40 = Process Attach

1:33:40 = end process attach
1:33:40 = ***** NULL == SampleProvider *****
1:33:40 = hWnd = 0x0011057e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:33:40 = hWnd = 0x001807c4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:40 = hWnd = 0x00150622; ClassName:
x=0, y=0, width=0, height=0
1:33:40 = hWnd = 0x002b0396; ClassName:
x=0, y=0, width=0, height=0
1:34:5 = Process Attach
1:34:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:34:5 = ##### Get event and release process #####

1:34:5 = begin close Process
1:34:5 = ***** NULL == SampleProvider *****
1:34:5 = hWnd = 0x00d201d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:34:5 = hWnd = 0x0107004e; ClassName:
w.
x=0, y=0, width=1, height=1
1:34:5 = hWnd = 0x013d002a; ClassName:
x=0, y=0, width=0, height=0
1:34:5 = hWnd = 0x009200a6; ClassName:
x=0, y=0, width=0, height=0
9:9:25 = Process Attach
9:9:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:9:25 = * NULL == SampleProvider *

9:9:25 = ##### Begin waiting Mutex to release process #####
9:9:26 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
9:9:26 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:9:27 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:9:27 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:9:29 = Need to re-create objects.
9:9:29 = s1.
9:9:29 = s2.
9:9:33 = Start show animate
9:9:33 = Shell Excutute VerifyHost
9:10:12 = begin close Process
9:10:12 = Terminate Process
9:10:13 = end close Process
9:10:13 = DLL_PROCESS_DETACH
1:10:8 = Process Attach
1:10:8 = end process attach
1:10:8 = ***** NULL == SampleProvider *****
1:10:8 = hWnd = 0x000e041e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:10:8 = hWnd = 0x00170494; ClassName:
w.
x=0, y=0, width=1, height=1
1:10:8 = hWnd = 0x000a073e; ClassName:
x=0, y=0, width=0, height=0
1:10:8 = hWnd = 0x000804b4; ClassName:
x=0, y=0, width=0, height=0
1:10:46 = Process Attach
1:10:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:10:46 = ##### Get event and release process #####

1:10:46 = ***** NULL == SampleProvider *****
1:10:46 = ##### Get event and release process end #####
1:10:46 = hWnd = 0x00ab01ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:10:46 = hWnd = 0x00c5008c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:10:46 = hWnd = 0x0064019e; ClassName:
x=0, y=0, width=0, height=0
1:10:46 = hWnd = 0x00af0038; ClassName:
x=0, y=0, width=0, height=0
9:31:4 = Process Attach
9:31:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:31:4 = * NULL == SampleProvider *

9:31:4 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:31:5 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:31:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:31:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:31:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:31:8 = s1.
9:31:8 = s2.
9:31:11
9:31:11
9:31:50
9:31:50
9:31:51
9:31:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:52:7 = Process Attach

1:52:7 = end process attach
1:52:7 = ***** NULL == SampleProvider *****
1:52:7 = ##### Begin waiting Mutex to release process #####
1:52:8 = hWnd = 0x000c0bfc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:52:8 = hWnd = 0x00090b58; ClassName:
w.
x=0, y=0, width=1, height=1
1:52:8 = hWnd = 0x001e039c; ClassName:
x=0, y=0, width=0, height=0
1:52:8 = hWnd = 0x000f0b9c; ClassName:
x=0, y=0, width=0, height=0
1:54:15 = Process Attach
1:54:15 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:54:15 = * NULL == SampleProvider *

1:54:15 = begin close Process
1:54:15 = end close Process
1:54:15 = ##### Get event and release process end #####
1:54:15 = hWnd = 0x00be01e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:54:15 = hWnd = 0x000201ac; ClassName:
ow.
x=0, y=0, width=1, height=1
1:54:15 = hWnd = 0x0171005a; ClassName:
x=0, y=0, width=0, height=0
1:54:15 = hWnd = 0x007201de; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:28:48 = Process Attach

9:28:48 = end process attach
9:28:48 = ***** NULL == SampleProvider *****
9:28:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:28:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:28:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:28:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:28:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:28:51 = s1.
9:28:51 = s2.
9:28:54
9:28:54
9:29:33
9:29:33
9:29:34
9:29:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:47:29 = Process Attach

0:47:29 = end process attach
0:47:29 = ***** NULL == SampleProvider *****
0:47:29 = ##### Begin waiting Mutex to release process #####
0:47:29 =
ow.
x=0, y=0,
0:47:29 =
x=0, y=0,
0:47:29 =
x=0, y=0,
0:48:16 =
0:48:16 =

hWnd = 0x000d0588; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001a052e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001908de; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:48:16 = * NULL == SampleProvider *

0:48:16 = begin close Process
0:48:16 = end close Process
0:48:16 = ##### Get event and release process end #####
0:48:16 = hWnd = 0x00870176; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:48:16 = hWnd = 0x00cf002e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:48:16 = hWnd = 0x00eb0096; ClassName:
x=0, y=0, width=0, height=0
0:48:16 = hWnd = 0x004f01e8; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

8:21:0 = Process Attach
8:21:0 = end process attach
8:21:0 = ***** NULL == SampleProvider *****
8:21:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:21:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:21:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:21:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:21:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:21:5 = s1.
8:21:5 = s2.
8:21:8 = Start show animate
8:21:8 = Shell Excutute VerifyHost
8:21:46 = begin close Process
8:21:46 = Terminate Process
8:21:47 = end close Process
8:21:47 = DLL_PROCESS_DETACH
19:54:7 = Process Attach
19:54:7 = end process attach
19:54:7 = ***** NULL == SampleProvider *****
19:54:7 = ##### Begin waiting Mutex to release process #####
19:54:7 =
ow.
x=0, y=0,
19:54:7 =
x=0, y=0,
19:54:7 =
x=0, y=0,
19:55:0 =
19:55:0 =

hWnd = 0x00040424; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00030426; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000d0b90; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

19:55:0 = ##### Get event and release process #####

19:55:0 = begin close Process
19:55:0 = end close Process
19:55:0 = ##### Get event and release process end #####
19:55:0 = hWnd = 0x009e01de; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:55:0 = hWnd = 0x01500178; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
19:55:0 = hWnd = 0x0008012a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

19:55:0 = hWnd = 0x002a01d0; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
19:58:50 = Process Attach
19:58:50 = end process attach
19:58:50 = ***** NULL == SampleProvider *****
19:58:51 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:58:52 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:58:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:58:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:58:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:58:54 = s1.
19:58:54 = s2.
19:58:58
19:58:58
19:59:37
19:59:37
19:59:38
19:59:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:27:43 = Process Attach

0:27:43 = end process attach
0:27:43 = ***** NULL == SampleProvider *****
0:27:43 = ##### Begin waiting Mutex to release process #####
0:27:43 =
ow.
x=0, y=0,
0:27:43 =
x=0, y=0,
0:27:43 =
x=0, y=0,
0:28:16 =
0:28:16 =

hWnd = 0x00060394; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00070408; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000503ee; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:28:16 = * NULL == SampleProvider *

0:28:16 = begin close Process
0:28:16 = end close Process
0:28:16 = ##### Get event and release process end #####
0:28:16 = hWnd = 0x00400084; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:28:16 = hWnd = 0x005b01f0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:28:16 = hWnd = 0x0012002c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

0:28:16 = hWnd = 0x00220050; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:28:5 = Process Attach
8:28:5 = end process attach
8:28:5 = ***** NULL == SampleProvider *****
8:28:5 = ##### Begin waiting Mutex to release process #####
8:28:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:28:5 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:28:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:28:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:28:10 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:28:10 = s1.
8:28:10 = s2.
8:28:14
8:28:14
8:28:52
8:28:52
8:28:53
8:28:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:54:43 = Process Attach

1:54:43 = end process attach
1:54:43 = ***** NULL == SampleProvider *****
1:54:43 = ##### Begin waiting Mutex to release process #####
1:54:43 =
ow.
x=0, y=0,
1:54:43 =
x=0, y=0,
1:54:43 =
x=0, y=0,
1:55:33 =
1:55:33 =

hWnd = 0x000d0678; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000409be; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001b03d6; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:55:33 = ##### Get event and release process #####

1:55:33 = begin close Process
1:55:33 = end close Process
1:55:33 = ##### Get event and release process end #####
1:55:33 = hWnd = 0x006d01f8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:55:33 = hWnd = 0x0023005a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
1:55:33 =
x=0, y=0,
1:55:33 =
x=0, y=0,
8:59:49 =
8:59:49 =

width=1, height=1
hWnd = 0x001001ba; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x005d01fa; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

8:59:49 = * NULL == SampleProvider *

8:59:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:59:50 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:59:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:59:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:59:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:59:54 = s1.
8:59:54 = s2.
8:59:57 = Start show animate
8:59:57 = Shell Excutute VerifyHost
9:0:34 = begin close Process
9:0:34 = Terminate Process
9:0:35 = end close Process
9:0:35 = DLL_PROCESS_DETACH
16:37:51 = Process Attach
16:37:51 = end process attach
16:37:51 = ***** NULL == SampleProvider *****
16:37:51 = hWnd = 0x001a05b0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:37:51 = hWnd = 0x00020408; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:37:51 = ##### Begin waiting Mutex to release process #####
16:37:51 = hWnd = 0x00110502; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:37:51 = hWnd = 0x000d0546; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:37:51 = Need to re-create objects.
16:37:51 = s1.
16:37:51 = s2.
16:37:52 = Start show animate
16:37:52 = Shell Excutute VerifyHost
17:1:14 = begin close Process

17:1:14 = Terminate Process

17:1:15 = end close Process
17:1:15 = DLL_PROCESS_DETACH
17:17:6 = Process Attach
17:17:7 = end process attach
17:17:7 = ***** NULL == SampleProvider *****
17:17:7 = ##### Begin waiting Mutex to release process #####
17:17:7 = hWnd = 0x000c05fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:17:7 = hWnd = 0x003903dc; ClassName:
ow.
x=0, y=0, width=1, height=1
17:17:7 = hWnd = 0x002a05aa; ClassName:
x=0, y=0, width=0, height=0
17:17:7 = hWnd = 0x001b05e0; ClassName:
x=0, y=0, width=0, height=0
17:17:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:17:7 = s1.
17:17:7 = s2.
17:17:7 = Start show animate
17:17:7 = Shell Excutute VerifyHost
17:22:39 = begin close Process
17:22:39 = Terminate Process
17:22:40 = end close Process
17:22:40 = DLL_PROCESS_DETACH
0:2:14 = Process Attach
0:2:14 = end process attach
0:2:14 = ***** NULL == SampleProvider *****
0:2:14 = ##### Begin waiting Mutex to release process #####
0:2:14 = hWnd = 0x000f0606; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:2:14 = hWnd = 0x00140674; ClassName:
w.
x=0, y=0, width=1, height=1
0:2:14 = hWnd = 0x00280536; ClassName:
x=0, y=0, width=0, height=0
0:2:14 = hWnd = 0x010604a6; ClassName:
x=0, y=0, width=0, height=0
0:2:57 = Process Attach
0:2:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:2:57 = ##### Get event and release process #####

0:2:57 = begin close Process
0:2:57 = end close Process
0:2:57 = ##### Get event and release process end #####

0:2:57 = hWnd = 0x014e00ca; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:2:57 = hWnd = 0x00bc0146; ClassName:
w.
x=0, y=0, width=1, height=1
0:2:57 = hWnd = 0x0102019a; ClassName:
x=0, y=0, width=0, height=0
0:2:57 = hWnd = 0x00f5014c; ClassName:
x=0, y=0, width=0, height=0
6:13:50 = Process Attach
6:13:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:13:50 = * NULL == SampleProvider *

6:13:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:13:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:13:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:13:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:13:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:13:55 = s1.
6:13:55 = s2.
6:13:59
6:13:59
6:14:37
6:14:37
6:14:38
6:14:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:1:27 = Process Attach

2:1:27 = end process attach
2:1:27 = ***** NULL == SampleProvider *****
2:1:27 = hWnd = 0x0037079c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:1:27 = hWnd = 0x003606a8; ClassName:
w.
x=0, y=0, width=1, height=1
2:1:27 = hWnd = 0x00260334; ClassName:
x=0, y=0, width=0, height=0
2:1:27 = hWnd = 0x004c04ea; ClassName:
x=0, y=0, width=0, height=0
2:3:5 = Process Attach
2:3:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:3:5 = ##### Get event and release process #####

2:3:5 = ***** NULL == SampleProvider *****

2:3:5 = end close Process

2:3:5 = ##### Get event and release process end #####
2:3:5 = hWnd = 0x024100a2; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:3:5 = hWnd = 0x02c40192; ClassName:
.
x=0, y=0, width=1, height=1
2:3:5 = hWnd = 0x021d01b2; ClassName:
x=0, y=0, width=0, height=0
2:3:5 = hWnd = 0x01ba01ae; ClassName:
x=0, y=0, width=0, height=0
8:47:13 = Process Attach
8:47:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:47:13 = * NULL == SampleProvider *

8:47:13 = ##### Begin waiting Mutex to release process #####
8:47:13 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:47:14 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:47:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:47:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:47:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:47:19 = s1.
8:47:19 = s2.
8:47:23 = Start show animate
8:47:23 = Shell Excutute VerifyHost
8:48:0 = begin close Process
8:48:0 = Terminate Process
8:48:2 = end close Process
8:48:2 = DLL_PROCESS_DETACH
13:12:23 = Process Attach
13:12:23 = end process attach
13:12:23 = ***** NULL == SampleProvider *****
13:12:23 = ##### Begin waiting Mutex to release process #####
13:12:23 = hWnd = 0x000904ea; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:12:23 = hWnd = 0x000b045a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:12:23 = hWnd = 0x000704ee; ClassName:
x=0, y=0, width=0, height=0
13:12:23 = hWnd = 0x0004051a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:12:33 = Process Attach

13:12:33 = ## ERR ## Setevent
13:12:33 = ***** NULL == SampleProvider *****
13:12:33 = begin close Process
13:12:33 = end close Process
13:12:33 = ##### Get event and release process end #####
13:12:33 = hWnd = 0x007901ea; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:12:33 = hWnd = 0x00ff005e; ClassName:
dow.
x=0, y=0, width=1, height=1
13:12:33 = hWnd = 0x0006013a; ClassName:
x=0, y=0, width=0, height=0
13:12:33 = hWnd = 0x008001e6; ClassName:
x=0, y=0, width=0, height=0
13:17:34 = Process Attach
13:17:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:17:34 = * NULL == SampleProvider *

13:17:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:17:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:17:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:17:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:17:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:17:39 = s1.
13:17:39 = s2.
13:17:42
13:17:42
13:18:19
13:18:19
13:18:20
13:18:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:20:45 = Process Attach

23:20:45 = end process attach
23:20:45 = ***** NULL == SampleProvider *****
23:20:45 = hWnd = 0x000e069c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:20:45 = hWnd = 0x000d0314; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:20:45 = hWnd = 0x001204ce; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

23:20:45 = hWnd = 0x000f0670; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
23:21:59 = Process Attach
23:21:59 = ## ERR ## Setevent
23:21:59 = ##### Get event and release process #####
23:21:59 = begin close Process
23:21:59 = end close Process
23:21:59 = ##### Get event and release process end #####
23:21:59 = hWnd = 0x009d002a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:21:59 = hWnd = 0x001100ea; ClassName:
dow.
x=0, y=0, width=1, height=1
23:21:59 = hWnd = 0x016a0056; ClassName:
x=0, y=0, width=0, height=0
23:21:59 = hWnd = 0x004b008e; ClassName:
x=0, y=0, width=0, height=0
8:32:54 = Process Attach
8:32:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:32:54 = * NULL == SampleProvider *

8:32:54 = ##### Begin waiting Mutex to release process #####
8:32:56 =
ow.
x=0, y=0,
8:32:56 =
x=0, y=0,
8:32:56 =
x=0, y=0,
8:32:58 =

8:32:58 = s1.
8:32:58 = s2.
8:33:2 = Start show animate
8:33:2 = Shell Excutute VerifyHost
8:33:39 = begin close Process
8:33:39 = Terminate Process
8:33:40 = end close Process
8:33:40 = DLL_PROCESS_DETACH
1:40:19 = Process Attach
1:40:19 = end process attach
1:40:19 = ***** NULL == SampleProvider *****
1:40:19 = ##### Begin waiting Mutex to release process #####
1:40:19 =
ow.
x=0, y=0,
1:40:19 =
x=0, y=0,

hWnd = 0x00180788; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001e0550; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0

1:40:19 =
x=0, y=0,
1:41:20 =
1:41:20 =

hWnd = 0x00190774; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
## ERR ## Setevent

1:41:20 = ##### Get event and release process #####

1:41:20 = begin close Process
1:41:20 = end close Process
1:41:20 = ##### Get event and release process end #####
1:41:20 = hWnd = 0x031001e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:41:20 = hWnd = 0x0086008c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:41:20 = hWnd = 0x00ca002a; ClassName:
x=0, y=0, width=0, height=0
1:41:20 = hWnd = 0x00e301fe; ClassName:
x=0, y=0, width=0, height=0
7:2:9 = Process Attach
7:2:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:2:9 = * NULL == SampleProvider *

7:2:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:2:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
7:2:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:2:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:2:13 = Need to re-create objects.
7:2:13 = s1.
7:2:13 = s2.
7:2:17
7:2:17
7:2:55
7:2:55
7:2:56
7:2:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:34:45 = Process Attach

1:34:45 = end process attach
1:34:45 = ***** NULL == SampleProvider *****
1:34:45 = ##### Begin waiting Mutex to release process #####
1:34:45 = hWnd = 0x001e0822; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:34:45 = hWnd = 0x00050c26; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
1:34:45 =
x=0, y=0,
1:35:31 =
1:35:31 =

width=0, height=0
hWnd = 0x002207ee; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:35:31 = ##### Get event and release process #####

1:35:31 = begin close Process
1:35:31 = end close Process
1:35:31 = ##### Get event and release process end #####
1:35:31 = hWnd = 0x001901f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:35:31 = hWnd = 0x00a701e0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:35:31 = hWnd = 0x00ca01a8; ClassName:
x=0, y=0, width=0, height=0
1:35:31 = hWnd = 0x0204002c; ClassName:
x=0, y=0, width=0, height=0
7:37:22 = Process Attach
7:37:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:37:22 = * NULL == SampleProvider *

7:37:22 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:37:23 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:37:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:37:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:37:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:37:26 = s1.
7:37:26 = s2.
7:37:30
7:37:30
7:38:11
7:38:11
7:38:12
7:38:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:37:59 = Process Attach

0:37:59 = end process attach
0:37:59 = ***** NULL == SampleProvider *****
0:37:59 = hWnd = 0x000613ec; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:37:59 = hWnd = 0x000804a4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0, width=1, height=1

0:37:59 = hWnd = 0x000c0496; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:37:59 = hWnd = 0x000c04fa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:39:4 = Process Attach
0:39:4 = ## ERR ## Setevent
0:39:4 = ***** NULL == SampleProvider *****
0:39:4 = begin close Process
0:39:4 = end close Process
0:39:4 = ##### Get event and release process end #####
0:39:4 = hWnd = 0x00db002a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:39:4 = hWnd = 0x01ab0092; ClassName:
w.
x=0, y=0, width=1, height=1
0:39:4 = hWnd = 0x011e0180; ClassName:
x=0, y=0, width=0, height=0
0:39:4 = hWnd = 0x013900a2; ClassName:
x=0, y=0, width=0, height=0
9:22:37 = Process Attach
9:22:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:22:37 = * NULL == SampleProvider *

9:22:38 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:22:38 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:22:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:22:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:22:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:22:41 = s1.
9:22:41 = s2.
9:22:45
9:22:45
9:23:22
9:23:22
9:23:23
9:23:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:36:41 = Process Attach

21:36:41 = end process attach
21:36:41 = ***** NULL == SampleProvider *****
21:36:41 = ##### Begin waiting Mutex to release process #####
21:36:41 = hWnd = 0x000b0924; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
21:36:41 = hWnd = 0x00060810; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:36:41 = hWnd = 0x0013089e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:37:42 = Process Attach
21:37:42 = ## ERR ## Setevent
21:37:42 = ##### Get event and release process #####
21:37:42 = begin close Process
21:37:42 = end close Process
21:37:42 = ##### Get event and release process end #####
21:37:42 = hWnd = 0x00e5005a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:37:42 = hWnd = 0x00a101fa; ClassName:
dow.
x=0, y=0, width=1, height=1
21:37:42 = hWnd = 0x00a0002a; ClassName:
x=0, y=0, width=0, height=0
21:37:42 = hWnd = 0x01360080; ClassName:
x=0, y=0, width=0, height=0
21:41:56 = Process Attach
21:41:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:41:56 = * NULL == SampleProvider *

21:41:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:41:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:41:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:41:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:42:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:42:1 = s1.
21:42:1 = s2.
21:42:5 = Start show animate
21:42:5 = Shell Excutute VerifyHost
21:42:43 = begin close Process
21:42:43 = Terminate Process
21:42:44 = end close Process
21:42:44 = DLL_PROCESS_DETACH
0:51:29 = Process Attach
0:51:29 = end process attach
0:51:29 = ***** NULL == SampleProvider *****
0:51:29 = ##### Begin waiting Mutex to release process #####

0:51:30 = hWnd = 0x000907ee; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:51:30 = hWnd = 0x00110a78; ClassName:
ow.
x=0, y=0, width=1, height=1
0:51:30 = hWnd = 0x0011062a; ClassName:
x=0, y=0, width=0, height=0
0:51:30 = hWnd = 0x000704a2; ClassName:
x=0, y=0, width=0, height=0
0:52:27 = Process Attach
0:52:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:52:27 = * NULL == SampleProvider *

0:52:27 = begin close Process
0:52:27 = end close Process
0:52:27 = ##### Get event and release process end #####
0:52:27 = hWnd = 0x00610056; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:52:27 = hWnd = 0x000801e0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:52:27 = hWnd = 0x00050118; ClassName:
x=0, y=0, width=0, height=0
0:52:27 = hWnd = 0x001001d4; ClassName:
x=0, y=0, width=0, height=0
6:18:21 = Process Attach
6:18:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:18:21 = * NULL == SampleProvider *

6:18:21 = ##### Begin waiting Mutex to release process #####
6:18:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:18:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:18:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:18:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:18:25 = Need to re-create objects.
6:18:25 = s1.
6:18:25 = s2.
6:18:27 = Start show animate
6:18:27 = Shell Excutute VerifyHost
6:19:3 = begin close Process
6:19:3 = Terminate Process
6:19:4 = end close Process
6:19:4 = DLL_PROCESS_DETACH
22:39:31 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:39:31 = end process attach

22:39:31 = ***** NULL == SampleProvider *****
22:39:31 = hWnd = 0x0004038c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:39:31 = hWnd = 0x00030384; ClassName:
dow.
x=0, y=0, width=1, height=1
22:39:31 = hWnd = 0x00040388; ClassName:
x=0, y=0, width=0, height=0
22:39:31 = hWnd = 0x000403a6; ClassName:
x=0, y=0, width=0, height=0
22:40:23 = Process Attach
22:40:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:40:23 = ##### Get event and release process #####

22:40:23 = begin close Process
22:40:23 = end close Process
22:40:23 = ##### Get event and release process end #####
22:40:23 = ***** NULL == SampleProvider *****
22:40:23 = hWnd = 0x01ad01be; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:40:23 = hWnd = 0x00760100; ClassName:
dow.
x=0, y=0, width=1, height=1
22:40:23 = hWnd = 0x00470038; ClassName:
x=0, y=0, width=0, height=0
22:40:23 = hWnd = 0x015900a2; ClassName:
x=0, y=0, width=0, height=0
9:47:32 = Process Attach
9:47:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:47:32 = * NULL == SampleProvider *

9:47:32 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:47:33 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:47:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:47:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:47:36 = Need to re-create objects.
9:47:37 = s1.
9:47:37 = s2.
9:47:41
9:47:41
9:48:19
9:48:19

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:48:20 = end close Process

9:48:20 = DLL_PROCESS_DETACH
23:47:18 = Process Attach
23:47:18 = end process attach
23:47:18 = ***** NULL == SampleProvider *****
23:47:18 = ##### Begin waiting Mutex to release process #####
23:47:18 = hWnd = 0x000a0864; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:47:18 = hWnd = 0x00200334; ClassName:
dow.
x=0, y=0, width=1, height=1
23:47:18 = hWnd = 0x000508b2; ClassName:
x=0, y=0, width=0, height=0
23:47:18 = hWnd = 0x000d04bc; ClassName:
x=0, y=0, width=0, height=0
23:48:24 = Process Attach
23:48:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:48:24 = ##### Get event and release process #####

23:48:24 = ***** NULL == SampleProvider *****
23:48:24 = end close Process
23:48:24 = ##### Get event and release process end #####
23:48:24 = hWnd = 0x011200f2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:48:24 = hWnd = 0x009e01d8; ClassName:
dow.
x=0, y=0, width=1, height=1
23:48:24 = hWnd = 0x016700d0; ClassName:
x=0, y=0, width=0, height=0
23:48:24 = hWnd = 0x013000ca; ClassName:
x=0, y=0, width=0, height=0
8:55:29 = Process Attach
8:55:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:55:29 = * NULL == SampleProvider *

8:55:29 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:55:29 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:55:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:55:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:55:33 = Need to re-create objects.
8:55:33 = s1.
8:55:33 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:55:37
8:55:37
8:56:14
8:56:14
8:56:15
8:56:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:52:23 = Process Attach

0:52:23 = end process attach
0:52:23 = ***** NULL == SampleProvider *****
0:52:23 = hWnd = 0x00040c5c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:52:23 = hWnd = 0x00030c74; ClassName:
ow.
x=0, y=0, width=1, height=1
0:52:23 = hWnd = 0x00040c52; ClassName:
x=0, y=0, width=0, height=0
0:52:23 = hWnd = 0x00050c5e; ClassName:
x=0, y=0, width=0, height=0
0:53:24 = Process Attach
0:53:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:53:24 = ##### Get event and release process #####

0:53:24 = begin close Process
0:53:24 = end close Process
0:53:24 = ##### Get event and release process end #####
0:53:24 = hWnd = 0x008801dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:53:24 = hWnd = 0x00fb01f6; ClassName:
ow.
x=0, y=0, width=1, height=1
0:53:24 = hWnd = 0x00f701da; ClassName:
x=0, y=0, width=0, height=0
0:53:24 = hWnd = 0x00ed008e; ClassName:
x=0, y=0, width=0, height=0
8:49:25 = Process Attach
8:49:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:49:25 = * NULL == SampleProvider *

8:49:25 = ##### Begin waiting Mutex to release process #####
8:49:26 =
ow.
x=0, y=0,
8:49:26 =
x=0, y=0,
8:49:26 =
x=0, y=0,
8:49:30 =

8:49:30 = s1.

8:49:30 = s2.
8:49:34
8:49:34
8:50:10
8:50:10
8:50:11
8:50:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:0:48 = Process Attach

16:0:48 = end process attach
16:0:48 = ***** NULL == SampleProvider *****
16:0:48 = ##### Begin waiting Mutex to release process #####
16:0:48 = hWnd = 0x000305d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:0:48 = hWnd = 0x00040464; ClassName:
ow.
x=0, y=0, width=1, height=1
16:0:48 = hWnd = 0x00030506; ClassName:
x=0, y=0, width=0, height=0
16:0:48 = hWnd = 0x0005062a; ClassName:
x=0, y=0, width=0, height=0
16:0:54 = Process Attach
16:0:54 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:0:54 = ##### Get event and release process #####

16:0:54 = begin close Process
16:0:54 = end close Process
16:0:54 = ##### Get event and release process end #####
16:0:54 = hWnd = 0x000a01ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:0:54 = hWnd = 0x0016018e; ClassName:
ow.
x=0, y=0, width=1, height=1
16:0:54 = hWnd = 0x0008005a; ClassName:
x=0, y=0, width=0, height=0
16:0:54 = hWnd = 0x003401b8; ClassName:
x=0, y=0, width=0, height=0
16:36:54 = Process Attach
16:36:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:36:55 = ##### Begin waiting Mutex to release process #####

16:36:55 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:36:55 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:36:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:36:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:36:59 = Need to re-create objects.

16:37:0 = s1.
16:37:0 = s2.
16:37:3 = Start show animate
16:37:3 = Shell Excutute VerifyHost
16:37:39 = begin close Process
16:37:39 = Terminate Process
16:37:40 = end close Process
16:37:40 = DLL_PROCESS_DETACH
0:51:50 = Process Attach
0:51:50 = end process attach
0:51:50 = ***** NULL == SampleProvider *****
0:51:50 = hWnd = 0x000206a4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:51:50 = hWnd = 0x000206a8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:51:50 = hWnd = 0x0002069e; ClassName:
x=0, y=0, width=0, height=0
0:51:50 = hWnd = 0x000206a6; ClassName:
x=0, y=0, width=0, height=0
0:52:58 = Process Attach
0:52:58 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:52:58 = ##### Get event and release process #####

0:52:58 = begin close Process
0:52:58 = ***** NULL == SampleProvider *****
0:52:58 = ##### Get event and release process end #####
0:52:58 = hWnd = 0x006f013c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:52:58 = hWnd = 0x011900a8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:52:58 = hWnd = 0x006e002c; ClassName:
x=0, y=0, width=0, height=0
0:52:58 = hWnd = 0x006b01a4; ClassName:
x=0, y=0, width=0, height=0
9:19:6 = Process Attach
9:19:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:19:6 = * NULL == SampleProvider *

9:19:6 = ##### Begin waiting Mutex to release process #####
9:19:7 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:19:7 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

9:19:7 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:19:7 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:19:12 = Need to re-create objects.
9:19:13 = s1.
9:19:13 = s2.
9:19:17
9:19:17
9:19:54
9:19:54
9:19:55
9:19:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:49:15 = Process Attach

10:49:16 = end process attach
10:49:16 = ***** NULL == SampleProvider *****
10:49:16 = ##### Begin waiting Mutex to release process #####
10:49:16 = hWnd = 0x000e0530; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:49:16 = hWnd = 0x001f066e; ClassName:
dow.
x=0, y=0, width=1, height=1
10:49:16 = hWnd = 0x000c069e; ClassName:
x=0, y=0, width=0, height=0
10:49:16 = hWnd = 0x001b03e0; ClassName:
x=0, y=0, width=0, height=0
10:49:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:49:16 = s1.
10:49:16 = s2.
10:49:17
10:49:17
10:51:10
10:51:10
10:51:11
10:51:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:44:38 = Process Attach

1:44:38 = end process attach
1:44:38 = ##### Begin waiting Mutex to release process #####
1:44:38 = ***** NULL == SampleProvider *****
1:44:38 = hWnd = 0x000e0404; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:44:38 = hWnd = 0x000607ae; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
1:44:38 =
x=0, y=0,
1:44:38 =
x=0, y=0,
1:45:13 =
1:45:13 =

width=1, height=1
hWnd = 0x001703a2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00330856; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:45:13 = * NULL == SampleProvider *

1:45:13 = begin close Process
1:45:13 = end close Process
1:45:13 = ##### Get event and release process end #####
1:45:13 = hWnd = 0x00a901fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:45:13 = hWnd = 0x01400094; ClassName:
ow.
x=0, y=0, width=1, height=1
1:45:13 = hWnd = 0x0199006c; ClassName:
x=0, y=0, width=0, height=0
1:45:13 = hWnd = 0x007c002c; ClassName:
x=0, y=0, width=0, height=0
2:4:49 = Process Attach
2:4:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:4:49 = * NULL == SampleProvider *

2:4:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:4:50 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
2:4:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
2:4:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
2:4:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:4:54 = s1.
2:4:54 = s2.
2:4:57
2:4:57
2:5:35
2:5:35
2:5:36
2:5:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:24:16 = Process Attach

2:24:16 = end process attach
2:24:16 = ##### Begin waiting Mutex to release process #####
2:24:16 = hWnd = 0x00040620; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

2:24:16 =
ow.
x=0, y=0,
2:24:16 =
x=0, y=0,
2:24:16 =
x=0, y=0,
2:24:24 =
2:24:24 =

hWnd = 0x0005062a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000604b6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00050630; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:24:24 = * NULL == SampleProvider *

2:24:24 = begin close Process
2:24:24 = end close Process
2:24:24 = ##### Get event and release process end #####
2:24:24 = hWnd = 0x000d006a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:24:24 = hWnd = 0x0007005c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:24 = hWnd = 0x000301ce; ClassName:
x=0, y=0, width=0, height=0
2:24:24 = hWnd = 0x000e016a; ClassName:
x=0, y=0, width=0, height=0
10:9:4 = Process Attach
10:9:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:9:4 = * NULL == SampleProvider *

10:9:4 = ##### Begin waiting Mutex to release process #####
10:9:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:9:5 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
10:9:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:9:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:9:9 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:9:9 = s1.
10:9:9 = s2.
10:9:12
10:9:12
10:9:48
10:9:48
10:9:49
10:9:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:27:48 = Process Attach

0:27:48 = end process attach
0:27:48 = ***** NULL == SampleProvider *****

0:27:48 = hWnd = 0x000403e8; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:27:48 = hWnd = 0x00090586; ClassName:
ow.
x=0, y=0, width=1, height=1
0:27:48 = hWnd = 0x000f04a4; ClassName:
x=0, y=0, width=0, height=0
0:27:48 = hWnd = 0x000503c8; ClassName:
x=0, y=0, width=0, height=0
0:28:29 = Process Attach
0:28:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:28:29 = ##### Get event and release process #####

0:28:29 = begin close Process
0:28:29 = end close Process
0:28:29 = ##### Get event and release process end #####
0:28:29 = hWnd = 0x004501d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:28:29 = hWnd = 0x012501f2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:28:29 = hWnd = 0x002701fe; ClassName:
x=0, y=0, width=0, height=0
0:28:29 = hWnd = 0x009a0082; ClassName:
x=0, y=0, width=0, height=0
9:21:41 = Process Attach
9:21:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:21:42 = * NULL == SampleProvider *

9:21:42 = ##### Begin waiting Mutex to release process #####
9:21:43 =
ow.
x=0, y=0,
9:21:43 =
x=0, y=0,
9:21:43 =
x=0, y=0,
9:21:48 =

9:21:48 = s1.
9:21:48 = s2.
9:21:52
9:21:52
9:22:29
9:22:29
9:22:30
9:22:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:26:43 = Process Attach

10:26:43 = end process attach

10:26:43 = * NULL == SampleProvider *

10:26:43 = hWnd = 0x0003042a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:26:43 = hWnd = 0x00040314; ClassName:
dow.
x=0, y=0, width=1, height=1
10:26:43 = hWnd = 0x0002031a; ClassName:
x=0, y=0, width=0, height=0
10:26:43 = hWnd = 0x00040316; ClassName:
x=0, y=0, width=0, height=0
10:26:43 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:26:43 = s1.
10:26:43 = s2.
10:26:43 = Start show animate
10:26:43 = Shell Excutute VerifyHost
10:28:1 = begin close Process
10:28:1 = Terminate Process
10:28:2 = end close Process
10:28:2 = DLL_PROCESS_DETACH
11:58:17 = Process Attach
11:58:17 = end process attach
11:58:17 = ***** NULL == SampleProvider *****
11:58:17 = ##### Begin waiting Mutex to release process #####
11:58:17 = hWnd = 0x0005004e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:58:17 = hWnd = 0x00030646; ClassName:
dow.
x=0, y=0, width=1, height=1
11:58:17 = hWnd = 0x000f047c; ClassName:
x=0, y=0, width=0, height=0
11:58:17 = hWnd = 0x0003059a; ClassName:
x=0, y=0, width=0, height=0
11:58:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:58:17 = s1.
11:58:17 = s2.
11:58:17
11:58:17
13:10:23
13:10:23
13:10:24
13:10:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:4:57 = Process Attach

0:4:57 = end process attach
0:4:57 = ***** NULL == SampleProvider *****

0:4:57 = hWnd = 0x000e056e; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:4:57 = hWnd = 0x000906ce; ClassName:
w.
x=0, y=0, width=1, height=1
0:4:57 = hWnd = 0x000f04c0; ClassName:
x=0, y=0, width=0, height=0
0:4:57 = hWnd = 0x000d0706; ClassName:
x=0, y=0, width=0, height=0
0:5:46 = Process Attach
0:5:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:5:46 = ##### Get event and release process #####

0:5:46 = begin close Process
0:5:46 = end close Process
0:5:46 = ##### Get event and release process end #####
0:5:46 = hWnd = 0x00620172; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:5:46 = hWnd = 0x00b70184; ClassName:
w.
x=0, y=0, width=1, height=1
0:5:46 = hWnd = 0x004b002e; ClassName:
x=0, y=0, width=0, height=0
0:5:46 = hWnd = 0x00d20094; ClassName:
x=0, y=0, width=0, height=0
1:19:43 = Process Attach
1:19:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:19:43 = * NULL == SampleProvider *

1:19:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:19:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:19:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:19:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:19:47 = Need to re-create objects.
1:19:48 = s1.
1:19:48 = s2.
1:19:52
1:19:52
1:20:28
1:20:28
1:20:29
1:20:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:28:9 = Process Attach

1:28:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:28:9 = * NULL == SampleProvider *

1:28:9 = ##### Begin waiting Mutex to release process #####
1:28:9 = hWnd = 0x00030426; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:28:9 = hWnd = 0x000404ee; ClassName:
w.
x=0, y=0, width=1, height=1
1:28:9 = hWnd = 0x00030450; ClassName:
x=0, y=0, width=0, height=0
1:28:9 = hWnd = 0x00030430; ClassName:
x=0, y=0, width=0, height=0
1:28:23 = Process Attach
1:28:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:28:23 = ##### Get event and release process #####

1:28:23 = begin close Process
1:28:23 = end close Process
1:28:23 = ##### Get event and release process end #####
1:28:23 = hWnd = 0x000101f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:28:23 = hWnd = 0x000101ec; ClassName:
ow.
x=0, y=0, width=1, height=1
1:28:23 = hWnd = 0x000101f8; ClassName:
x=0, y=0, width=0, height=0
1:28:23 = hWnd = 0x000101ee; ClassName:
x=0, y=0, width=0, height=0
3:19:57 = Process Attach
3:19:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:19:57 = * NULL == SampleProvider *

3:19:57 = ##### Begin waiting Mutex to release process #####
3:19:57 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:19:58 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
3:19:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
3:19:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
3:20:2 = Need to re-create objects.
3:20:2 = s1.
3:20:2 = s2.
3:20:6 = Start show animate
3:20:6 = Shell Excutute VerifyHost
3:20:44 = begin close Process
3:20:44 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:20:45 = end close Process

3:20:45 = DLL_PROCESS_DETACH
4:42:19 = Process Attach
4:42:19 = end process attach
4:42:19 = ***** NULL == SampleProvider *****
4:42:19 = ##### Begin waiting Mutex to release process #####
4:42:19 = hWnd = 0x000405b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:42:19 = hWnd = 0x00040514; ClassName:
ow.
x=0, y=0, width=1, height=1
4:42:19 = hWnd = 0x000305d2; ClassName:
x=0, y=0, width=0, height=0
4:42:19 = hWnd = 0x000a05cc; ClassName:
x=0, y=0, width=0, height=0
4:43:11 = Process Attach
4:43:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:43:11 = * NULL == SampleProvider *

4:43:11 = begin close Process
4:43:11 = end close Process
4:43:11 = ##### Get event and release process end #####
4:43:11 = hWnd = 0x000c004a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:43:11 = hWnd = 0x000d01d8; ClassName:
ow.
x=0, y=0, width=1, height=1
4:43:11 = hWnd = 0x000b0064; ClassName:
x=0, y=0, width=0, height=0
4:43:11 = hWnd = 0x001200c6; ClassName:
x=0, y=0, width=0, height=0
10:6:2 = Process Attach
10:6:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:6:3 = * NULL == SampleProvider *

10:6:3 = ##### Begin waiting Mutex to release process #####
10:6:3 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
10:6:4 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:6:4 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:6:6 = Need to re-create objects.
10:6:7 = s1.
10:6:7 = s2.
10:6:10 = Start show animate

10:6:10
10:6:49
10:6:49
10:6:50
10:6:50

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:32:27 = Process Attach

1:32:27 = end process attach
1:32:27 = ##### Begin waiting Mutex to release process #####
1:32:27 = hWnd = 0x00240952; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:32:27 = hWnd = 0x001c12ec; ClassName:
ow.
x=0, y=0, width=1, height=1
1:32:27 = hWnd = 0x0005096a; ClassName:
x=0, y=0, width=0, height=0
1:32:27 = hWnd = 0x00050482; ClassName:
x=0, y=0, width=0, height=0
1:33:24 = Process Attach
1:33:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:33:24 = ##### Get event and release process #####

1:33:24 = begin close Process
1:33:24 = end close Process
1:33:24 = ##### Get event and release process end #####
1:33:24 = hWnd = 0x01aa01f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:33:24 = hWnd = 0x005c008e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:24 = hWnd = 0x010301fa; ClassName:
x=0, y=0, width=0, height=0
1:33:24 = hWnd = 0x010601dc; ClassName:
x=0, y=0, width=0, height=0
10:19:28 = Process Attach
10:19:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:19:28 = ##### Begin waiting Mutex to release process #####

10:19:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:19:29 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:19:29 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:19:32 = Need to re-create objects.
10:19:32 = s1.
10:19:32 = s2.
10:19:35 = Start show animate
10:19:35 = Shell Excutute VerifyHost

10:20:13
10:20:13
10:20:14
10:20:14

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

11:55:59 = Process Attach

11:55:59 = end process attach
11:55:59 = ***** NULL == SampleProvider *****
11:55:59 = ##### Begin waiting Mutex to release process #####
11:55:59 = hWnd = 0x000604a4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:55:59 = hWnd = 0x00060670; ClassName:
dow.
x=0, y=0, width=1, height=1
11:55:59 = hWnd = 0x000506f0; ClassName:
x=0, y=0, width=0, height=0
11:55:59 = hWnd = 0x0005065c; ClassName:
x=0, y=0, width=0, height=0
11:56:0 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:56:0 = s1.
11:56:0 = s2.
11:56:0 = Start show animate
11:56:0 = Shell Excutute VerifyHost
12:13:22 = begin close Process
12:13:22 = Terminate Process
12:13:23 = end close Process
12:13:23 = DLL_PROCESS_DETACH
17:36:12 = Process Attach
17:36:12 = end process attach
17:36:12 = ***** NULL == SampleProvider *****
17:36:12 = ##### Begin waiting Mutex to release process #####
17:36:13 = hWnd = 0x000b06c0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:37:9 = hWnd = 0x01440b88; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
17:37:9 = hWnd = 0x02370b22; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
17:37:9 = hWnd = 0x00490b3a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:37:19 = begin close Process
17:37:19 = end close Process
17:37:19 = DLL_PROCESS_DETACH
1:33:59 = Process Attach
1:33:59 = end process attach
1:33:59 = ##### Begin waiting Mutex to release process #####

1:33:59 = hWnd = 0x000507d8; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:33:59 = hWnd = 0x00080648; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:59 = hWnd = 0x000505b8; ClassName:
x=0, y=0, width=0, height=0
1:33:59 = hWnd = 0x001206f6; ClassName:
x=0, y=0, width=0, height=0
1:34:46 = Process Attach
1:34:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:34:46 = * NULL == SampleProvider *

1:34:46 = begin close Process
1:34:46 = end close Process
1:34:46 = ##### Get event and release process end #####
1:34:46 = hWnd = 0x00880052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:34:46 = hWnd = 0x00a001d2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:46 = hWnd = 0x006001d6; ClassName:
x=0, y=0, width=0, height=0
1:34:46 = hWnd = 0x010e01c0; ClassName:
x=0, y=0, width=0, height=0
9:43:29 = Process Attach
9:43:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:43:29 = * NULL == SampleProvider *

9:43:29 = ##### Begin waiting Mutex to release process #####
9:43:29 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:43:30 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:43:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:43:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:43:33 = Need to re-create objects.
9:43:33 = s1.
9:43:33 = s2.
9:43:37
9:43:37
9:44:14
9:44:14
9:44:15
9:44:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:13:34 = Process Attach

11:13:34 = end process attach
11:13:34 = ***** NULL == SampleProvider *****
11:13:34 = ##### Begin waiting Mutex to release process #####
11:13:34 = hWnd = 0x00030356; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:13:34 = hWnd = 0x0003035e; ClassName:
dow.
x=0, y=0, width=1, height=1
11:13:34 = hWnd = 0x00040474; ClassName:
x=0, y=0, width=0, height=0
11:13:34 = hWnd = 0x0005035a; ClassName:
x=0, y=0, width=0, height=0
11:13:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:13:34 = s1.
11:13:34 = s2.
11:13:35
11:13:35
11:14:56
11:14:56
11:14:57
11:14:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:18:56 = Process Attach

12:18:56 = end process attach
12:18:56 = ***** NULL == SampleProvider *****
12:18:56 = ##### Begin waiting Mutex to release process #####
12:18:56 = hWnd = 0x00140496; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:18:56 = hWnd = 0x0008039c; ClassName:
dow.
x=0, y=0, width=1, height=1
12:18:56 = hWnd = 0x000403ba; ClassName:
x=0, y=0, width=0, height=0
12:18:56 = hWnd = 0x0011035e; ClassName:
x=0, y=0, width=0, height=0
12:18:56 = Need to re-create objects.
12:18:56 = s1.
12:18:56 = s2.
12:18:56
12:18:56
12:55:26
12:55:26
12:55:27
12:55:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:36:36 = Process Attach

0:36:36 = end process attach
0:36:36 = ***** NULL == SampleProvider *****
0:36:36 = ##### Begin waiting Mutex to release process #####
0:36:36 = hWnd = 0x001a030e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:36:36 = hWnd = 0x000703cc; ClassName:
ow.
x=0, y=0, width=1, height=1
0:36:36 = hWnd = 0x002704d6; ClassName:
x=0, y=0, width=0, height=0
0:36:36 = hWnd = 0x000a0662; ClassName:
x=0, y=0, width=0, height=0
0:36:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:36:36 = s1.
0:36:36 = s2.
0:36:36
0:36:36
0:41:23
0:41:23
0:41:24
0:41:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:50:0 = Process Attach

0:50:0 = end process attach
0:50:0 = ***** NULL == SampleProvider *****
0:50:0 = ##### Begin waiting Mutex to release process #####
0:50:0 = hWnd = 0x001603aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:50:0 = hWnd = 0x007505be; ClassName:
w.
x=0, y=0, width=1, height=1
0:50:0 = hWnd = 0x0007058e; ClassName:
x=0, y=0, width=0, height=0
0:50:0 = hWnd = 0x00090576; ClassName:
x=0, y=0, width=0, height=0
0:50:34 = Process Attach
0:50:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:50:34 = * NULL == SampleProvider *

0:50:34 = begin close Process
0:50:34 = end close Process
0:50:34 = ##### Get event and release process end #####
0:50:34 = hWnd = 0x0192009a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:50:34 = hWnd = 0x003301de; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
0:50:34 =
x=0, y=0,
0:50:34 =
x=0, y=0,
7:18:46 =
7:18:46 =

width=1, height=1
hWnd = 0x0076004c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x005900a0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

7:18:46 = * NULL == SampleProvider *

7:18:46 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:18:46 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:18:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:18:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:18:49 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:18:50 = s1.
7:18:50 = s2.
7:18:52
7:18:52
7:19:30
7:19:30
7:19:31
7:19:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:8:59 = Process Attach

8:8:59 = end process attach
8:8:59 = ***** NULL == SampleProvider *****
8:8:59 = ##### Begin waiting Mutex to release process #####
8:8:59 = hWnd = 0x00050aa6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:8:59 = hWnd = 0x000705c6; ClassName:
w.
x=0, y=0, width=1, height=1
8:8:59 = hWnd = 0x000504ce; ClassName:
x=0, y=0, width=0, height=0
8:8:59 = hWnd = 0x0009059c; ClassName:
x=0, y=0, width=0, height=0
8:9:10 = Process Attach
8:9:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:9:10 = * NULL == SampleProvider *

8:9:10 = begin close Process
8:9:10 = end close Process
8:9:10 = ##### Get event and release process end #####

8:9:10 = hWnd = 0x00c100f4; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:9:10 = hWnd = 0x015f004e; ClassName:
w.
x=0, y=0, width=1, height=1
8:9:10 = hWnd = 0x001500ec; ClassName:
x=0, y=0, width=0, height=0
8:9:10 = hWnd = 0x01630104; ClassName:
x=0, y=0, width=0, height=0
12:55:21 = Process Attach
12:55:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:55:21 = * NULL == SampleProvider *

12:55:21 = ##### Begin waiting Mutex to release process #####
12:55:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:55:22 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:55:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:55:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:55:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:55:26 = s1.
12:55:26 = s2.
12:55:31 = Start show animate
12:55:31 = Shell Excutute VerifyHost
12:56:8 = begin close Process
12:56:8 = Terminate Process
12:56:9 = end close Process
12:56:9 = DLL_PROCESS_DETACH
14:7:19 = Process Attach
14:7:20 = end process attach
14:7:20 = ##### Begin waiting Mutex to release process #####
14:7:20 = hWnd = 0x0008057c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:7:20 = hWnd = 0x00030440; ClassName:
ow.
x=0, y=0, width=1, height=1
14:7:20 = hWnd = 0x000a0484; ClassName:
x=0, y=0, width=0, height=0
14:7:20 = hWnd = 0x000d047e; ClassName:
x=0, y=0, width=0, height=0
14:7:30 = Process Attach
14:7:30 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:7:30 = * NULL == SampleProvider *

14:7:30 = begin close Process

14:7:30 = end close Process
14:7:30 = ##### Get event and release process end #####
14:7:30 = hWnd = 0x0102010e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:7:30 = hWnd = 0x0061011a; ClassName:
ow.
x=0, y=0, width=1, height=1
14:7:30 = hWnd = 0x0053003a; ClassName:
x=0, y=0, width=0, height=0
14:7:30 = hWnd = 0x01c6010c; ClassName:
x=0, y=0, width=0, height=0
16:31:32 = Process Attach
16:31:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:31:32 = * NULL == SampleProvider *

16:31:32 = ##### Begin waiting Mutex to release process #####
16:31:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:31:33 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:31:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:31:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:31:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:31:37 = s1.
16:31:37 = s2.
16:31:42
16:31:42
16:32:20
16:32:20
16:32:21
16:32:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:49:57 = Process Attach

17:49:57 = end process attach
17:49:57 = ##### Begin waiting Mutex to release process #####
17:49:57 = ***** NULL == SampleProvider *****
17:49:57 = hWnd = 0x005e06c0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:49:57 = hWnd = 0x00200708; ClassName:
dow.
x=0, y=0, width=1, height=1
17:49:57 = hWnd = 0x001204ec; ClassName:
x=0, y=0, width=0, height=0
17:49:57 = hWnd = 0x00160714; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

17:50:8 = Process Attach
17:50:8 = ## ERR ## Setevent
17:50:8 = ##### Get event and release process #####
17:50:8 = begin close Process
17:50:8 = end close Process
17:50:8 = ##### Get event and release process end #####
17:50:8 = ***** NULL == SampleProvider *****
17:50:8 = hWnd = 0x000b002a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:50:8 = hWnd = 0x00090084; ClassName:
ow.
x=0, y=0, width=1, height=1
17:50:8 = hWnd = 0x00120050; ClassName:
x=0, y=0, width=0, height=0
17:50:8 = hWnd = 0x0026008e; ClassName:
x=0, y=0, width=0, height=0
17:54:22 = Process Attach
17:54:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:54:22 = * NULL == SampleProvider *

17:54:23 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:54:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:54:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:54:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:54:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:54:26 = s1.
17:54:26 = s2.
17:54:30 = Start show animate
17:54:30 = Shell Excutute VerifyHost
17:55:8 = begin close Process
17:55:8 = Terminate Process
17:55:9 = end close Process
17:55:9 = DLL_PROCESS_DETACH
2:43:27 = Process Attach
2:43:27 = end process attach
2:43:27 = ***** NULL == SampleProvider *****
2:43:27 = ##### Begin waiting Mutex to release process #####
2:43:27 = hWnd = 0x00020d52; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

2:43:27 =
x=0, y=0,
2:43:27 =
x=0, y=0,
2:44:12 =
2:44:12 =

hWnd = 0x000404c6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00020d50; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:44:12 = ##### Get event and release process #####

2:44:12 = begin close Process
2:44:12 = end close Process
2:44:12 = ##### Get event and release process end #####
2:44:12 = hWnd = 0x0070015a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:44:12 = hWnd = 0x00960194; ClassName:
ow.
x=0, y=0, width=1, height=1
2:44:12 = hWnd = 0x003901ac; ClassName:
x=0, y=0, width=0, height=0
2:44:12 = hWnd = 0x007101f2; ClassName:
x=0, y=0, width=0, height=0
8:46:50 = Process Attach
8:46:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:46:50 = * NULL == SampleProvider *

8:46:50 = ##### Begin waiting Mutex to release process #####
8:46:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:46:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:46:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:46:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:46:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:46:55 = s1.
8:46:55 = s2.
8:46:59
8:46:59
8:47:36
8:47:36
8:47:37
8:47:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:22:20 = Process Attach

9:22:20 = end process attach
9:22:20 = ***** NULL == SampleProvider *****
9:22:20 = ##### Begin waiting Mutex to release process #####

9:22:20 = hWnd = 0x000303d2; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:22:20 = hWnd = 0x000403d4; ClassName:
ow.
x=0, y=0, width=1, height=1
9:22:20 = hWnd = 0x000202fa; ClassName:
x=0, y=0, width=0, height=0
9:22:20 = hWnd = 0x00020140; ClassName:
x=0, y=0, width=0, height=0
9:22:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:22:20 = s1.
9:22:20 = s2.
9:22:20
9:22:20
9:25:49
9:25:49
9:25:50
9:25:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:27:36 = Process Attach

11:27:36 = end process attach
11:27:36 = ***** NULL == SampleProvider *****
11:27:36 = ##### Begin waiting Mutex to release process #####
11:27:36 = hWnd = 0x000a0568; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:27:36 = hWnd = 0x00030506; ClassName:
dow.
x=0, y=0, width=1, height=1
11:27:36 = hWnd = 0x00020590; ClassName:
x=0, y=0, width=0, height=0
11:27:36 = hWnd = 0x00020596; ClassName:
x=0, y=0, width=0, height=0
11:27:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:27:36 = s1.
11:27:36 = s2.
11:27:36
11:27:36
11:30:18
11:30:18
11:30:19
11:30:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:22:23 = Process Attach

0:22:23 = end process attach
0:22:23 = ***** NULL == SampleProvider *****
0:22:23 = ##### Begin waiting Mutex to release process #####

0:22:23 = hWnd = 0x000708ba; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:22:23 = hWnd = 0x000b08d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:22:23 = hWnd = 0x0006095a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:23:4 = Process Attach
0:23:4 = ## ERR ## Setevent
0:23:4 = ##### Get event and release process #####
0:23:4 = begin close Process
0:23:4 = end close Process
0:23:4 = ##### Get event and release process end #####
0:23:4 = hWnd = 0x00b301f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:23:4 = hWnd = 0x007301da; ClassName:
w.
x=0, y=0, width=1, height=1
0:23:4 = hWnd = 0x008b01dc; ClassName:
x=0, y=0, width=0, height=0
0:23:4 = hWnd = 0x003a017a; ClassName:
x=0, y=0, width=0, height=0
1:19:24 = Process Attach
1:19:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:19:24 = * NULL == SampleProvider *

1:19:25 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:19:26 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:19:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:19:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:19:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:19:28 = s1.
1:19:28 = s2.
1:19:32 = Start show animate
1:19:32 = Shell Excutute VerifyHost
1:20:8 = begin close Process
1:20:8 = Terminate Process
1:20:9 = end close Process
1:20:9 = DLL_PROCESS_DETACH
1:38:1 = Process Attach
1:38:1 = end process attach
1:38:1 = ***** NULL == SampleProvider *****
1:38:1 = hWnd = 0x00030632; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
1:38:1 = hWnd = 0x0003062e; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:38:1 = hWnd = 0x00040428; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:38:1 = hWnd = 0x00030630; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:38:13 = Process Attach
1:38:13 = ## ERR ## Setevent
1:38:13 = ##### Get event and release process #####
1:38:13 = begin close Process
1:38:13 = end close Process
1:38:13 = ##### Get event and release process end #####
1:38:13 = hWnd = 0x00030182; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:38:13 = hWnd = 0x00230078; ClassName:
ow.
x=0, y=0, width=1, height=1
1:38:13 = hWnd = 0x000701d2; ClassName:
x=0, y=0, width=0, height=0
1:38:13 = hWnd = 0x00030036; ClassName:
x=0, y=0, width=0, height=0
11:40:15 = Process Attach
11:40:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:40:15 = * NULL == SampleProvider *

11:40:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:40:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:40:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:40:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:40:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:40:20 = s1.
11:40:20 = s2.
11:40:23 = Start show animate
11:40:23 = Shell Excutute VerifyHost
11:41:1 = begin close Process
11:41:1 = Terminate Process
11:41:2 = end close Process
11:41:2 = DLL_PROCESS_DETACH
1:40:31 = Process Attach
1:40:31 = end process attach
1:40:31 = ***** NULL == SampleProvider *****

1:40:31 = hWnd = 0x000a04ae; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:40:31 = hWnd = 0x000b0574; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:40:31 = hWnd = 0x00100472; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:40:31 = hWnd = 0x00090638; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:40:31 = ##### Begin waiting Mutex to release process #####
1:41:20 = Process Attach
1:41:20 = ## ERR ## Setevent
1:41:20 = ##### Get event and release process #####
1:41:20 = begin close Process
1:41:20 = end close Process
1:41:20 = ##### Get event and release process end #####
1:41:20 = hWnd = 0x00570214; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:41:20 = hWnd = 0x008a0210; ClassName:
ow.
x=0, y=0, width=1, height=1
1:41:20 = hWnd = 0x008600d6; ClassName:
x=0, y=0, width=0, height=0
1:41:20 = hWnd = 0x003100d4; ClassName:
x=0, y=0, width=0, height=0
10:21:40 = Process Attach
10:21:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:21:40 = * NULL == SampleProvider *

10:21:40 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:21:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:21:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:21:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:21:46 = Need to re-create objects.
10:21:46 = s1.
10:21:46 = s2.
10:21:50
10:21:50
10:22:28
10:22:28
10:22:29
10:22:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:51:55 = Process Attach

11:51:55 = end process attach
11:51:55 = ##### Begin waiting Mutex to release process #####
11:51:55 = ***** NULL == SampleProvider *****
11:51:55 = hWnd = 0x00030606; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:51:55 = hWnd = 0x00020646; ClassName:
dow.
x=0, y=0, width=1, height=1
11:51:55 = hWnd = 0x00030604; ClassName:
x=0, y=0, width=0, height=0
11:51:55 = hWnd = 0x0011061e; ClassName:
x=0, y=0, width=0, height=0
11:51:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:51:55 = s1.
11:51:55 = s2.
11:51:55
11:51:55
11:54:45
11:54:45
11:54:46
11:54:46

1:28:41 = begin close Process
1:28:41 = end close Process
1:28:41 = ##### Get event and release process end #####
1:28:41 = hWnd = 0x00ca01a4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:28:41 = hWnd = 0x00b2006e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
1:28:41 =
x=0, y=0,
1:28:41 =
x=0, y=0,
9:44:10 =
9:44:10 =

width=1, height=1
hWnd = 0x01360050; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x013701ee; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:44:10 = * NULL == SampleProvider *

9:44:10 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:44:11 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:44:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:44:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:44:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:44:15 = s1.
9:44:15 = s2.
9:44:18
9:44:18
9:44:56
9:44:56
9:44:57
9:44:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:35:52 = Process Attach

11:35:52 = end process attach
11:35:52 = ***** NULL == SampleProvider *****
11:35:52 = ##### Begin waiting Mutex to release process #####
11:35:52 = hWnd = 0x00040590; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:35:52 = hWnd = 0x000205bc; ClassName:
dow.
x=0, y=0, width=1, height=1
11:35:52 = hWnd = 0x0002071e; ClassName:
x=0, y=0, width=0, height=0
11:35:52 = hWnd = 0x014905ba; ClassName:
x=0, y=0, width=0, height=0
11:35:52 = Need to re-create objects.
11:35:52 = s1.
11:35:52 = s2.
11:35:52 = Start show animate
11:35:52 = Shell Excutute VerifyHost
11:42:29 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:42:29 = Terminate Process

11:42:30 = end close Process
11:42:30 = DLL_PROCESS_DETACH
0:54:38 = Process Attach
0:54:38 = end process attach
0:54:38 = ##### Begin waiting Mutex to release process #####
0:54:38 = hWnd = 0x00110c2a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:54:38 = hWnd = 0x00100d5c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:54:38 = hWnd = 0x000703cc; ClassName:
x=0, y=0, width=0, height=0
0:54:38 = hWnd = 0x000a0d8c; ClassName:
x=0, y=0, width=0, height=0
0:55:40 = Process Attach
0:55:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:55:40 = ##### Get event and release process #####

0:55:40 = begin close Process
0:55:40 = end close Process
0:55:40 = ##### Get event and release process end #####
0:55:40 = hWnd = 0x013701ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:55:40 = hWnd = 0x00f8009a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:55:40 = hWnd = 0x00ee002e; ClassName:
x=0, y=0, width=0, height=0
0:55:40 = hWnd = 0x01ad0184; ClassName:
x=0, y=0, width=0, height=0
6:54:13 = Process Attach
6:54:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:54:14 = * NULL == SampleProvider *

6:54:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:54:14 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:54:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:54:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:54:17 = Need to re-create objects.
6:54:17 = s1.
6:54:17 = s2.
6:54:21 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:54:21 = Shell Excutute VerifyHost

6:55:0 = begin close Process
6:55:0 = Terminate Process
6:55:1 = end close Process
6:55:1 = DLL_PROCESS_DETACH
14:49:55 = Process Attach
14:49:55 = end process attach
14:49:55 = ***** NULL == SampleProvider *****
14:49:55 = ##### Begin waiting Mutex to release process #####
14:49:55 = hWnd = 0x00060526; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:49:55 = hWnd = 0x0003053e; ClassName:
dow.
x=0, y=0, width=1, height=1
14:49:55 = hWnd = 0x0003053a; ClassName:
x=0, y=0, width=0, height=0
14:49:55 = hWnd = 0x00030540; ClassName:
x=0, y=0, width=0, height=0
14:50:5 = Process Attach
14:50:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:50:5 = ##### Get event and release process #####

14:50:5 = ***** NULL == SampleProvider *****
14:50:5 = ##### Get event and release process end #####
14:50:5 = hWnd = 0x00490198; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:50:5 = hWnd = 0x008001aa; ClassName:
ow.
x=0, y=0, width=1, height=1
14:50:5 = hWnd = 0x00cb017a; ClassName:
x=0, y=0, width=0, height=0
14:50:5 = hWnd = 0x007201c2; ClassName:
x=0, y=0, width=0, height=0
18:13:0 = Process Attach
18:13:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:13:0 = * NULL == SampleProvider *

18:13:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:13:1 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
18:13:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:13:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:13:4 = Need to re-create objects.
18:13:4 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:13:4 = s2.
18:13:8 = Start show animate
18:13:8 = Shell Excutute VerifyHost
18:13:46 = begin close Process
18:13:46 = Terminate Process
18:13:47 = end close Process
18:13:47 = DLL_PROCESS_DETACH
1:23:39 = Process Attach
1:23:40 = end process attach
1:23:40 = ***** NULL == SampleProvider *****
1:23:40 = ##### Begin waiting Mutex to release process #####
1:23:40 = hWnd = 0x00040be4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:23:40 = hWnd = 0x0004092c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:23:40 = hWnd = 0x00080cfc; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:24:9 = Process Attach
1:24:9 = ## ERR ## Setevent
1:24:9 = ##### Get event and release process #####
1:24:9 = begin close Process
1:24:9 = end close Process
1:24:9 = ##### Get event and release process end #####
1:24:9 = hWnd = 0x0075013e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:24:9 = hWnd = 0x00a000fa; ClassName:
w.
x=0, y=0, width=1, height=1
1:24:9 = hWnd = 0x0003004a; ClassName:
x=0, y=0, width=0, height=0
1:24:9 = hWnd = 0x011301bc; ClassName:
x=0, y=0, width=0, height=0
9:3:46 = Process Attach
9:3:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:3:46 = * NULL == SampleProvider *

9:3:46 = ##### Begin waiting Mutex to release process #####
9:3:46 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:3:47 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:3:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:3:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:3:49 = Need to re-create objects.

9:3:49 = s1.
9:3:49 = s2.
9:3:53
9:3:53
9:4:29
9:4:29
9:4:30
9:4:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:0:31 = Process Attach

0:0:31 = end process attach
0:0:31 = ***** NULL == SampleProvider *****
0:0:31 = ##### Begin waiting Mutex to release process #####
0:0:31 = hWnd = 0x003305ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:0:31 = hWnd = 0x000d096c; ClassName:
w.
x=0, y=0, width=1, height=1
0:0:31 = hWnd = 0x000a104c; ClassName:
x=0, y=0, width=0, height=0
0:0:31 = hWnd = 0x000807b6; ClassName:
x=0, y=0, width=0, height=0
0:1:29 = Process Attach
0:1:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:1:29 = ##### Get event and release process #####

0:1:29 = begin close Process
0:1:29 = end close Process
0:1:29 = ##### Get event and release process end #####
0:1:29 = hWnd = 0x00730156; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:1:29 = hWnd = 0x00ed01a8; ClassName:
w.
x=0, y=0, width=1, height=1
0:1:29 = hWnd = 0x00bd0148; ClassName:
x=0, y=0, width=0, height=0
0:1:29 = hWnd = 0x006801a6; ClassName:
x=0, y=0, width=0, height=0
8:44:49 = Process Attach
8:44:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:44:50 = * NULL == SampleProvider *

8:44:50 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:44:50 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

8:44:51 =
x=0, y=0,
8:44:51 =
x=0, y=0,
8:44:55 =

hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

8:44:56 = s1.
8:44:56 = s2.
8:45:3 = Start show animate
8:45:3 = Shell Excutute VerifyHost
8:45:40 = begin close Process
8:45:40 = Terminate Process
8:45:41 = end close Process
8:45:41 = DLL_PROCESS_DETACH
19:55:30 = Process Attach
19:55:30 = end process attach
19:55:30 = ***** NULL == SampleProvider *****
19:55:30 = ##### Begin waiting Mutex to release process #####
19:55:30 = hWnd = 0x001104d4; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:55:30 = hWnd = 0x000b0ce4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:55:30 = hWnd = 0x001e05ae; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:56:1 = Process Attach
19:56:1 = ## ERR ## Setevent
19:56:1 = ***** NULL == SampleProvider *****
19:56:1 = begin close Process
19:56:1 = end close Process
19:56:1 = ##### Get event and release process end #####
19:56:1 = hWnd = 0x00df0054; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:56:1 = hWnd = 0x0095005c; ClassName:
ow.
x=0, y=0, width=1, height=1
19:56:1 = hWnd = 0x0108008a; ClassName:
x=0, y=0, width=0, height=0
19:56:1 = hWnd = 0x006e01f0; ClassName:
x=0, y=0, width=0, height=0
19:59:36 = Process Attach
19:59:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:59:36 = * NULL == SampleProvider *

19:59:36 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:59:37 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

19:59:37 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:59:37 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:59:40 = Need to re-create objects.
19:59:40 = s1.
19:59:40 = s2.
19:59:44 = Start show animate
19:59:44 = Shell Excutute VerifyHost
20:0:21 = begin close Process
20:0:21 = Terminate Process
20:0:22 = end close Process
20:0:22 = DLL_PROCESS_DETACH
21:39:52 = Process Attach
21:39:52 = end process attach
21:39:52 = ***** NULL == SampleProvider *****
21:39:52 = ##### Begin waiting Mutex to release process #####
21:39:52 = hWnd = 0x000905ac; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:39:52 = hWnd = 0x000603de; ClassName:
dow.
x=0, y=0, width=1, height=1
21:39:52 = hWnd = 0x000405ce; ClassName:
x=0, y=0, width=0, height=0
21:39:52 = hWnd = 0x000201d2; ClassName:
x=0, y=0, width=0, height=0
21:39:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:39:53 = s1.
21:39:53 = s2.
21:39:53
21:39:53
21:43:37
21:43:37
21:43:38
21:43:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:18:32 = Process Attach

23:18:32 = end process attach
23:18:32 = ***** NULL == SampleProvider *****
23:18:32 = hWnd = 0x001f03de; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:18:32 = hWnd = 0x000b02c6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:18:32 = hWnd = 0x000b076a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

23:18:32 = hWnd = 0x001203f6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:18:32 = Need to re-create objects.
23:18:32 = s1.
23:18:32 = s2.
23:18:32 = Start show animate
23:18:32 = Shell Excutute VerifyHost
23:29:2 = begin close Process
23:29:2 = Terminate Process
23:29:3 = end close Process
23:29:3 = DLL_PROCESS_DETACH
0:57:40 = Process Attach
0:57:40 = end process attach
0:57:40 = ***** NULL == SampleProvider *****
0:57:40 = ##### Begin waiting Mutex to release process #####
0:57:40 = hWnd = 0x00310400; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:57:40 = hWnd = 0x000d0622; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:40 = hWnd = 0x00090718; ClassName:
x=0, y=0, width=0, height=0
0:57:40 = hWnd = 0x000606da; ClassName:
x=0, y=0, width=0, height=0
0:58:0 = Process Attach
0:58:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:58:0 = ##### Get event and release process #####

0:58:0 = ***** NULL == SampleProvider *****
0:58:0 = end close Process
0:58:0 = ##### Get event and release process end #####
0:58:0 = hWnd = 0x008501a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:58:0 = hWnd = 0x00a901aa; ClassName:
w.
x=0, y=0, width=1, height=1
0:58:0 = hWnd = 0x00370064; ClassName:
x=0, y=0, width=0, height=0
0:58:0 = hWnd = 0x004a01e8; ClassName:
x=0, y=0, width=0, height=0
1:45:53 = Process Attach
1:45:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:45:53 = * NULL == SampleProvider *

1:45:53 = ##### Begin waiting Mutex to release process #####

1:45:53 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:45:54 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:45:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:45:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:45:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:45:57 = s1.
1:45:57 = s2.
1:46:1 = Start show animate
1:46:1 = Shell Excutute VerifyHost
1:46:39 = begin close Process
1:46:39 = Terminate Process
1:46:40 = end close Process
1:46:40 = DLL_PROCESS_DETACH
2:23:12 = Process Attach
2:23:12 = end process attach
2:23:12 = ##### Begin waiting Mutex to release process #####
2:23:12 = hWnd = 0x0012044c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:23:12 = hWnd = 0x000204ba; ClassName:
ow.
x=0, y=0, width=1, height=1
2:23:12 = hWnd = 0x000304c2; ClassName:
x=0, y=0, width=0, height=0
2:23:12 = hWnd = 0x000204be; ClassName:
x=0, y=0, width=0, height=0
2:23:19 = Process Attach
2:23:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:23:19 = ##### Get event and release process #####

2:23:19 = begin close Process
2:23:19 = end close Process
2:23:19 = hWnd = 0x000a01ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:23:19 = hWnd = 0x00020194; ClassName:
ow.
x=0, y=0, width=1, height=1
2:23:19 = hWnd = 0x00040054; ClassName:
x=0, y=0, width=0, height=0
2:23:19 = hWnd = 0x0005004c; ClassName:
x=0, y=0, width=0, height=0
10:6:43 = Process Attach
10:6:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:6:43 = * NULL == SampleProvider *

10:6:43 = ##### Begin waiting Mutex to release process #####

10:6:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:6:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:6:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:6:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:6:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:6:48 = s1.
10:6:48 = s2.
10:6:53
10:6:53
10:7:29
10:7:29
10:7:30
10:7:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:2:20 = Process Attach

11:2:20 = end process attach
11:2:20 = ##### Begin waiting Mutex to release process #####
11:2:20 = ***** NULL == SampleProvider *****
11:2:20 = hWnd = 0x000403ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:2:21 = hWnd = 0x0002062e; ClassName:
ow.
x=0, y=0, width=1, height=1
11:2:21 = hWnd = 0x000a04aa; ClassName:
x=0, y=0, width=0, height=0
11:2:21 = hWnd = 0x000402ee; ClassName:
x=0, y=0, width=0, height=0
11:2:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:2:21 = s1.
11:2:21 = s2.
11:2:22
11:2:22
11:3:39
11:3:39
11:3:40
11:3:40

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:1:53 = Process Attach

12:1:53 = end process attach
12:1:53 = ***** NULL == SampleProvider *****

12:1:53 = hWnd = 0x000a07dc; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:1:53 = hWnd = 0x000503e6; ClassName:
ow.
x=0, y=0, width=1, height=1
12:1:53 = hWnd = 0x00080b2e; ClassName:
x=0, y=0, width=0, height=0
12:1:53 = hWnd = 0x001506c0; ClassName:
x=0, y=0, width=0, height=0
12:1:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:1:53 = s1.
12:1:53 = s2.
12:1:53 = Start show animate
12:1:53 = Shell Excutute VerifyHost
13:49:47 = begin close Process
13:49:47 = Terminate Process
13:49:48 = end close Process
13:49:48 = DLL_PROCESS_DETACH
0:26:1 = Process Attach
0:26:2 = end process attach
0:26:2 = ##### Begin waiting Mutex to release process #####
0:26:2 = ***** NULL == SampleProvider *****
0:26:2 = hWnd = 0x000704f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:26:2 = hWnd = 0x00040534; ClassName:
w.
x=0, y=0, width=1, height=1
0:26:2 = hWnd = 0x00050504; ClassName:
x=0, y=0, width=0, height=0
0:26:2 = hWnd = 0x000a0430; ClassName:
x=0, y=0, width=0, height=0
0:26:34 = Process Attach
0:26:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:26:34 = * NULL == SampleProvider *

0:26:34 = begin close Process
0:26:34 = end close Process
0:26:34 = ##### Get event and release process end #####
0:26:34 = hWnd = 0x0085002c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:26:34 = hWnd = 0x00200140; ClassName:
ow.
x=0, y=0, width=1, height=1
0:26:34 = hWnd = 0x00ef010c; ClassName:
x=0, y=0, width=0, height=0
0:26:34 = hWnd = 0x002701c4; ClassName:
x=0, y=0, width=0, height=0
8:43:30 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:43:30 = end process attach

8:43:30 = ***** NULL == SampleProvider *****
8:43:30 = ##### Begin waiting Mutex to release process #####
8:43:30 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:43:31 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:43:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:43:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:43:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:43:35 = s1.
8:43:35 = s2.
8:43:38
8:43:38
8:44:16
8:44:16
8:44:17
8:44:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:54:47 = Process Attach

15:54:47 = end process attach
15:54:47 = ***** NULL == SampleProvider *****
15:54:47 = ##### Begin waiting Mutex to release process #####
15:54:47 = hWnd = 0x00100518; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:54:47 = hWnd = 0x0090056c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:54:47 = hWnd = 0x000f0a08; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:55:46 = Process Attach
15:55:46 = ## ERR ## Setevent
15:55:46 = ##### Get event and release process #####
15:55:46 = begin close Process
15:55:46 = end close Process
15:55:46 = ##### Get event and release process end #####
15:55:46 = hWnd = 0x004901f8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:55:46 = hWnd = 0x00300174; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:55:46 = hWnd = 0x004b003a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

15:55:46 = hWnd = 0x00a4006e; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
16:0:50 = Process Attach
16:0:50 = end process attach
16:0:50 = ***** NULL == SampleProvider *****
16:0:50 = ##### Begin waiting Mutex to release process #####
16:0:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:0:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
16:0:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:0:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:0:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:0:54 = s1.
16:0:54 = s2.
16:0:58
16:0:58
16:1:36
16:1:36
16:1:37
16:1:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:24:57 = Process Attach

0:24:57 = end process attach
0:24:57 = ***** NULL == SampleProvider *****
0:24:57 = hWnd = 0x00180510; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:24:57 = hWnd = 0x001404e6; ClassName:
ow.
x=0, y=0, width=1, height=1
0:24:57 = hWnd = 0x000305c6; ClassName:
x=0, y=0, width=0, height=0
0:24:57 = hWnd = 0x004c0500; ClassName:
x=0, y=0, width=0, height=0
0:25:28 = Process Attach
0:25:28 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:25:28 = * NULL == SampleProvider *

0:25:28 = begin close Process
0:25:28 = end close Process
0:25:28 = ##### Get event and release process end #####
0:25:28 = hWnd = 0x0080003a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:25:28 = hWnd = 0x00e8002c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
0:25:28 =
x=0, y=0,
0:25:28 =
x=0, y=0,
7:52:47 =
7:52:47 =

width=1, height=1
hWnd = 0x00030086; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x009c019e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

7:52:47 = * NULL == SampleProvider *

7:52:47 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:52:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:52:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:52:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:52:51 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:52:51 = s1.
7:52:51 = s2.
7:52:54
7:52:54
7:53:34
7:53:34
7:53:35
7:53:35

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:19:3 = * NULL == SampleProvider *

7:19:3 = ##### Begin waiting Mutex to release process #####
7:19:3 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:19:3 = hWnd = 0x00010024; ClassName: UxdService; Title: UxdService.
x=19, y=25, width=1025, height=556
7:19:3 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

7:19:3 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
7:19:3 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:19:3 = hWnd = 0x00010026; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:19:4 = Need to re-create objects.
7:19:4 = s1.
7:19:4 = s2.
7:19:7
7:19:7
7:20:4
7:20:4
7:20:5
7:20:5

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:42:54 = Process Attach

11:42:54 = end process attach
11:42:54 = ***** NULL == SampleProvider *****
11:42:54 = ##### Begin waiting Mutex to release process #####
11:42:54 = hWnd = 0x0066062c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:42:54 = hWnd = 0x003c0f30; ClassName:
dow.
x=0, y=0, width=1, height=1
11:42:54 = hWnd = 0x00360f44; ClassName:
x=0, y=0, width=0, height=0
11:42:54 = hWnd = 0x0048051a; ClassName:
x=0, y=0, width=0, height=0
11:42:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:42:55 = s1.
11:42:55 = s2.
11:42:56 = Start show animate
11:42:56 = Shell Excutute VerifyHost
13:30:59 = begin close Process
13:30:59 = Terminate Process
13:31:0 = end close Process
13:31:0 = DLL_PROCESS_DETACH
1:17:20 = Process Attach
1:17:20 = end process attach
1:17:20 = ##### Begin waiting Mutex to release process #####
1:17:20 = hWnd = 0x000d06d4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:17:20 = hWnd = 0x001108b4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

1:17:20 = hWnd = 0x0008048c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
1:17:20 = hWnd = 0x00140e5a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:18:2 = Process Attach
1:18:2 = ## ERR ## Setevent
1:18:2 = ##### Get event and release process #####
1:18:2 = ***** NULL == SampleProvider *****
1:18:2 = ##### Get event and release process end #####
1:18:2 = hWnd = 0x00f1014e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:18:2 = hWnd = 0x0102005a; ClassName:
w.
x=0, y=0, width=1, height=1
1:18:2 = hWnd = 0x0032004c; ClassName:
x=0, y=0, width=0, height=0
1:18:2 = hWnd = 0x02500052; ClassName:
x=0, y=0, width=0, height=0
1:22:10 = Process Attach
1:22:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:22:10 = * NULL == SampleProvider *

1:22:10 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:22:11 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:22:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:22:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:22:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:22:13 = s1.
1:22:13 = s2.
1:22:16
1:22:16
1:22:55
1:22:55
1:22:56
1:22:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:36:3 = Process Attach

1:36:3 = end process attach
1:36:3 = ***** NULL == SampleProvider *****
1:36:3 = ##### Begin waiting Mutex to release process #####
1:36:3 = hWnd = 0x00040466; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

1:36:3 = hWnd = 0x0004048c; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:36:3 = hWnd = 0x001602fc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:36:3 = hWnd = 0x00040462; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:36:12 = Process Attach
1:36:12 = ## ERR ## Setevent
1:36:12 = ##### Get event and release process #####
1:36:12 = begin close Process
1:36:12 = end close Process
1:36:12 = ##### Get event and release process end #####
1:36:12 = hWnd = 0x00040192; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:36:12 = hWnd = 0x000e008c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:36:12 = hWnd = 0x0003003a; ClassName:
x=0, y=0, width=0, height=0
1:36:12 = hWnd = 0x00050058; ClassName:
x=0, y=0, width=0, height=0
10:5:52 = Process Attach
10:5:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:5:52 = * NULL == SampleProvider *

10:5:52 = ##### Begin waiting Mutex to release process #####
10:5:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:5:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:5:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:5:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:5:55 = Need to re-create objects.
10:5:55 = s1.
10:5:55 = s2.
10:5:59
10:5:59
10:6:37
10:6:37
10:6:38
10:6:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:5:41 = Process Attach

12:5:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:5:42 = * NULL == SampleProvider *

12:5:42 = ##### Begin waiting Mutex to release process #####
12:5:42 =
ow.
x=0, y=0,
12:5:42 =
x=0, y=0,
12:5:42 =
x=0, y=0,
12:6:14 =
12:6:14 =

hWnd = 0x00070532; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0005030e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000904a8; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

12:6:14 = ##### Get event and release process #####

12:6:14 = begin close Process
12:6:14 = end close Process
12:6:14 = ##### Get event and release process end #####
12:6:14 = hWnd = 0x003901d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:6:14 = hWnd = 0x002601da; ClassName:
ow.
x=0, y=0, width=1, height=1
12:6:14 = hWnd = 0x000500a6; ClassName:
x=0, y=0, width=0, height=0
12:6:14 = hWnd = 0x003c01d8; ClassName:
x=0, y=0, width=0, height=0
12:10:9 = Process Attach
12:10:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:10:9 = * NULL == SampleProvider *

12:10:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:10:11 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:10:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:10:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:10:13 = Need to re-create objects.
12:10:13 = s1.
12:10:13 = s2.
12:10:17
12:10:17
12:10:54
12:10:54
12:10:55
12:10:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:31:9 = Process Attach

12:31:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:31:10 = * NULL == SampleProvider *

12:31:10 = ##### Begin waiting Mutex to release process #####
12:31:10 = hWnd = 0x00040486; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:31:10 = hWnd = 0x000604a2; ClassName:
dow.
x=0, y=0, width=1, height=1
12:31:10 = hWnd = 0x000a04aa; ClassName:
x=0, y=0, width=0, height=0
12:31:10 = hWnd = 0x000b0490; ClassName:
x=0, y=0, width=0, height=0
12:31:13 = Process Attach
12:31:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:31:13 = ##### Get event and release process #####

12:31:13 = begin close Process
12:31:13 = end close Process
12:31:13 = ##### Get event and release process end #####
12:31:13 = hWnd = 0x000801dc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:31:13 = hWnd = 0x0003005c; ClassName:
dow.
x=0, y=0, width=1, height=1
12:31:13 = hWnd = 0x0004009a; ClassName:
x=0, y=0, width=0, height=0
12:31:13 = hWnd = 0x000501d8; ClassName:
x=0, y=0, width=0, height=0
14:35:21 = Process Attach
14:35:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:35:21 = * NULL == SampleProvider *

14:35:21 = ##### Begin waiting Mutex to release process #####
14:35:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:35:22 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:35:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:35:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:35:25 = Need to re-create objects.
14:35:25 = s1.
14:35:25 = s2.
14:35:27 = Start show animate
14:35:27 = Shell Excutute VerifyHost
14:36:2 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:36:2 = Terminate Process

14:36:3 = end close Process
14:36:3 = DLL_PROCESS_DETACH
15:34:27 = Process Attach
15:34:27 = end process attach
15:34:27 = ***** NULL == SampleProvider *****
15:34:27 = hWnd = 0x00080494; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:34:27 = hWnd = 0x000504ce; ClassName:
dow.
x=0, y=0, width=1, height=1
15:34:27 = hWnd = 0x000a02ba; ClassName:
x=0, y=0, width=0, height=0
15:34:27 = hWnd = 0x000504d6; ClassName:
x=0, y=0, width=0, height=0
15:34:35 = Process Attach
15:34:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:34:35 = * NULL == SampleProvider *

15:34:35 = begin close Process
15:34:35 = end close Process
15:34:35 = ##### Get event and release process end #####
15:34:35 = hWnd = 0x000d012a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:34:35 = hWnd = 0x002001f6; ClassName:
dow.
x=0, y=0, width=1, height=1
15:34:35 = hWnd = 0x00110042; ClassName:
x=0, y=0, width=0, height=0
15:34:35 = hWnd = 0x001501e6; ClassName:
x=0, y=0, width=0, height=0
15:38:36 = Process Attach
15:38:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:38:36 = * NULL == SampleProvider *

15:38:36 = ##### Begin waiting Mutex to release process #####
15:38:36 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:38:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:38:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:38:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:38:40 = Need to re-create objects.
15:38:40 = s1.
15:38:40 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:38:43
15:38:43
15:39:21
15:39:21
15:39:22
15:39:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:11:58 = Process Attach

18:11:58 = end process attach
18:11:58 = ***** NULL == SampleProvider *****
18:11:58 = hWnd = 0x000507f0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:11:58 = hWnd = 0x002e0690; ClassName:
dow.
x=0, y=0, width=1, height=1
18:11:58 = hWnd = 0x000407aa; ClassName:
x=0, y=0, width=0, height=0
18:11:58 = hWnd = 0x000607f6; ClassName:
x=0, y=0, width=0, height=0
18:12:24 = Process Attach
18:12:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:12:24 = ##### Get event and release process #####

18:12:24 = begin close Process
18:12:24 = hWnd = 0x00bc0064; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:12:24 = hWnd = 0x005c013c; ClassName:
dow.
x=0, y=0, width=1, height=1
18:12:24 = hWnd = 0x0005004a; ClassName:
x=0, y=0, width=0, height=0
18:12:24 = hWnd = 0x0012002c; ClassName:
x=0, y=0, width=0, height=0
18:14:19 = Process Attach
18:14:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:14:19 = * NULL == SampleProvider *

18:14:20 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:14:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:14:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:14:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:14:24 = Need to re-create objects.
18:14:24 = s1.
18:14:24 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:14:27 = Start show animate

18:14:27 = Shell Excutute VerifyHost
18:15:7 = begin close Process
18:15:7 = Terminate Process
18:15:8 = end close Process
18:15:8 = DLL_PROCESS_DETACH
18:40:1 = Process Attach
18:40:1 = end process attach
18:40:1 = ##### Begin waiting Mutex to release process #####
18:40:1 = ***** NULL == SampleProvider *****
18:40:1 = hWnd = 0x000503ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:40:1 = hWnd = 0x000603e8; ClassName:
ow.
x=0, y=0, width=1, height=1
18:40:1 = hWnd = 0x00060308; ClassName:
x=0, y=0, width=0, height=0
18:40:1 = hWnd = 0x000303ea; ClassName:
x=0, y=0, width=0, height=0
18:40:7 = Process Attach
18:40:7 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:40:7 = * NULL == SampleProvider *

18:40:7 = begin close Process
18:40:7 = end close Process
18:40:7 = ##### Get event and release process end #####
18:40:7 = hWnd = 0x000a008a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:40:7 = hWnd = 0x00040064; ClassName:
ow.
x=0, y=0, width=1, height=1
18:40:7 = hWnd = 0x000401f2; ClassName:
x=0, y=0, width=0, height=0
18:40:7 = hWnd = 0x000801ee; ClassName:
x=0, y=0, width=0, height=0
18:41:32 = Process Attach
18:41:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:41:32 = * NULL == SampleProvider *

18:41:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:41:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:41:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:41:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:41:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:41:35 = s1.
18:41:35 = s2.
18:41:39
18:41:39
18:42:19
18:42:19
18:42:20
18:42:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:50:38 = Process Attach

18:50:38 = end process attach
18:50:38 = ***** NULL == SampleProvider *****
18:50:38 = ##### Begin waiting Mutex to release process #####
18:50:38 = hWnd = 0x001201cc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:50:38 = hWnd = 0x0011019e; ClassName:
dow.
x=0, y=0, width=1, height=1
18:50:38 = hWnd = 0x00170180; ClassName:
x=0, y=0, width=0, height=0
18:50:38 = hWnd = 0x001001c2; ClassName:
x=0, y=0, width=0, height=0
18:50:55 = Process Attach
18:50:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:50:55 = ##### Get event and release process #####

18:50:55 = begin close Process
18:50:55 = end close Process
18:50:55 = ##### Get event and release process end #####
18:50:55 = hWnd = 0x000101de; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:50:55 = hWnd = 0x000101da; ClassName:
dow.
x=0, y=0, width=1, height=1
18:50:55 = hWnd = 0x000101e6; ClassName:
x=0, y=0, width=0, height=0
18:50:55 = hWnd = 0x000101dc; ClassName:
x=0, y=0, width=0, height=0
18:54:3 = Process Attach
18:54:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:54:3 = * NULL == SampleProvider *

18:54:3 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:54:4 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
18:54:4 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

18:54:4 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
18:54:7 = Need to re-create objects.
18:54:7 = s1.
18:54:7 = s2.
18:54:10
18:54:10
18:54:51
18:54:51
18:54:52
18:54:52

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:15:21 = * NULL == SampleProvider *

23:15:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:15:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:15:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:15:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:15:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:15:24 = s1.
23:15:24 = s2.
23:15:28 = Start show animate
23:15:28 = Shell Excutute VerifyHost
23:16:5 = begin close Process
23:16:5 = Terminate Process
23:16:6 = end close Process
23:16:6 = DLL_PROCESS_DETACH
23:34:58 = Process Attach
23:34:58 = end process attach
23:34:58 = ***** NULL == SampleProvider *****
23:34:58 = ##### Begin waiting Mutex to release process #####
23:34:58 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:34:58 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
23:34:59 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:34:59 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:35:2 = Need to re-create objects.
23:35:2 = s1.
23:35:2 = s2.
23:35:6 = Start show animate
23:35:6 = Shell Excutute VerifyHost
23:35:43 = begin close Process
23:35:43 = Terminate Process
23:35:44 = end close Process
23:35:44 = DLL_PROCESS_DETACH
0:6:19 = Process Attach
0:6:19 = end process attach
0:6:19 = ***** NULL == SampleProvider *****
0:6:19 = ##### Begin waiting Mutex to release process #####
0:6:19 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:6:20 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
0:6:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:6:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
0:6:23 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:6:23 = s1.
0:6:23 = s2.
0:6:27 = Start show animate
0:6:27 = Shell Excutute VerifyHost
0:7:7 = begin close Process
0:7:7 = Terminate Process
0:7:8 = end close Process
0:7:8 = DLL_PROCESS_DETACH
2:9:26 = Process Attach
2:9:26 = end process attach
2:9:26 = ***** NULL == SampleProvider *****
2:9:26 = hWnd = 0x00040502; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:9:26 = hWnd = 0x000b03e0; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

2:9:26 = hWnd = 0x0004058a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
2:9:26 = hWnd = 0x000b040c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:9:30 = Process Attach
2:9:30 = ## ERR ## Setevent
2:9:30 = ***** NULL == SampleProvider *****
2:9:30 = begin close Process
2:9:30 = end close Process
2:9:30 = ##### Get event and release process end #####
2:9:30 = hWnd = 0x001901b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:9:30 = hWnd = 0x00c201f6; ClassName:
w.
x=0, y=0, width=1, height=1
2:9:30 = hWnd = 0x001701f2; ClassName:
x=0, y=0, width=0, height=0
2:9:30 = hWnd = 0x00120030; ClassName:
x=0, y=0, width=0, height=0
8:15:14 = Process Attach
8:15:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:15:14 = * NULL == SampleProvider *

8:15:14 = ##### Begin waiting Mutex to release process #####
8:15:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:15:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:15:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:15:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:15:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:15:18 = s1.
8:15:18 = s2.
8:15:21
8:15:21
8:15:58
8:15:58
8:15:59
8:15:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:38:36 = Process Attach

9:38:36 = end process attach
9:38:36 = ***** NULL == SampleProvider *****
9:38:36 = ##### Begin waiting Mutex to release process #####

9:38:36 = hWnd = 0x000b0530; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:38:36 = hWnd = 0x000a051c; ClassName:
ow.
x=0, y=0, width=1, height=1
9:38:36 = hWnd = 0x000504a6; ClassName:
x=0, y=0, width=0, height=0
9:38:36 = hWnd = 0x0011048a; ClassName:
x=0, y=0, width=0, height=0
9:38:47 = Process Attach
9:38:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:38:47 = ##### Get event and release process #####

9:38:47 = begin close Process
9:38:47 = end close Process
9:38:47 = ##### Get event and release process end #####
9:38:47 = hWnd = 0x000c01de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:38:47 = hWnd = 0x00260064; ClassName:
ow.
x=0, y=0, width=1, height=1
9:38:47 = hWnd = 0x00080052; ClassName:
x=0, y=0, width=0, height=0
9:38:47 = hWnd = 0x00280028; ClassName:
x=0, y=0, width=0, height=0
9:40:36 = Process Attach
9:40:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:40:36 = * NULL == SampleProvider *

9:40:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:40:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:40:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:40:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:40:39 = Need to re-create objects.
9:40:39 = s1.
9:40:39 = s2.
9:40:43
9:40:43
9:41:22
9:41:22
9:41:23
9:41:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:5:20 = Process Attach

11:5:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:5:20 = * NULL == SampleProvider *

11:5:20 = ##### Begin waiting Mutex to release process #####
11:5:20 = hWnd = 0x000500de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:5:20 = hWnd = 0x000f0048; ClassName:
ow.
x=0, y=0, width=1, height=1
11:5:20 = hWnd = 0x000300e2; ClassName:
x=0, y=0, width=0, height=0
11:5:20 = hWnd = 0x0005030c; ClassName:
x=0, y=0, width=0, height=0
11:5:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:5:20 = s1.
11:5:20 = s2.
11:5:20
11:5:20
11:9:20
11:9:20
11:9:21
11:9:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:57:1 = Process Attach

2:57:1 = end process attach
2:57:1 = ***** NULL == SampleProvider *****
2:57:1 = ##### Begin waiting Mutex to release process #####
2:57:1 = hWnd = 0x000d0b38; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:57:1 = hWnd = 0x000e0992; ClassName:
w.
x=0, y=0, width=1, height=1
2:57:1 = hWnd = 0x00070b36; ClassName:
x=0, y=0, width=0, height=0
2:57:1 = hWnd = 0x00441450; ClassName:
x=0, y=0, width=0, height=0
2:57:48 = Process Attach
2:57:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:57:48 = * NULL == SampleProvider *

2:57:48 = begin close Process
2:57:48 = end close Process
2:57:48 = ##### Get event and release process end #####
2:57:48 = hWnd = 0x010e002e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:57:48 = hWnd = 0x010201f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:57:48 = hWnd = 0x02d70056; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
2:57:48 =
x=0, y=0,
8:56:33 =
8:56:33 =

width=0, height=0
hWnd = 0x023e01ea; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

8:56:33 = ##### Begin waiting Mutex to release process #####

8:56:33 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:56:34 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:56:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:56:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:56:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:56:37 = s1.
8:56:37 = s2.
8:56:40
8:56:40
8:57:16
8:57:16
8:57:17
8:57:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:57:4 = Process Attach

10:57:4 = end process attach
10:57:4 = ***** NULL == SampleProvider *****
10:57:4 = ##### Begin waiting Mutex to release process #####
10:57:4 = hWnd = 0x000712f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:57:4 = hWnd = 0x0006138a; ClassName:
ow.
x=0, y=0, width=1, height=1
10:57:4 = hWnd = 0x00061304; ClassName:
x=0, y=0, width=0, height=0
10:57:4 = hWnd = 0x00081302; ClassName:
x=0, y=0, width=0, height=0
13:0:37 = Need to re-create objects.
13:0:38 = s1.
13:0:38 = s2.
13:0:38 = Start show animate
13:0:38 = Shell Excutute VerifyHost
13:2:4 = begin close Process
13:2:4 = Terminate Process
13:2:5 = end close Process
13:2:5 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:22:24 = Process Attach

23:22:24 = end process attach
23:22:24 = ***** NULL == SampleProvider *****
23:22:24 = hWnd = 0x000e04c4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:22:24 = hWnd = 0x00310bf8; ClassName:
dow.
x=0, y=0, width=1, height=1
23:22:24 = hWnd = 0x001a04c8; ClassName:
x=0, y=0, width=0, height=0
23:22:24 = hWnd = 0x0022058c; ClassName:
x=0, y=0, width=0, height=0
23:22:45 = Process Attach
23:22:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:22:45 = ##### Get event and release process #####

23:22:45 = begin close Process
23:22:45 = end close Process
23:22:45 = ##### Get event and release process end #####
23:22:45 = hWnd = 0x00480064; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:22:45 = hWnd = 0x00a0015e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:22:45 = hWnd = 0x00c7004e; ClassName:
x=0, y=0, width=0, height=0
23:22:45 = hWnd = 0x006801de; ClassName:
x=0, y=0, width=0, height=0
8:4:38 = Process Attach
8:4:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:4:38 = * NULL == SampleProvider *

8:4:38 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:4:39 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:4:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:4:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:4:41 = Need to re-create objects.
8:4:41 = s1.
8:4:41 = s2.
8:4:44
8:4:44
8:5:23
8:5:23

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:5:24 = end close Process

8:5:24 = DLL_PROCESS_DETACH
8:15:48 = Process Attach
8:15:48 = end process attach
8:15:48 = ***** NULL == SampleProvider *****
8:15:48 = ##### Begin waiting Mutex to release process #####
8:15:48 = hWnd = 0x0001047a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:15:48 = hWnd = 0x0003035e; ClassName:
ow.
x=0, y=0, width=1, height=1
8:15:48 = hWnd = 0x00010480; ClassName:
x=0, y=0, width=0, height=0
8:15:48 = hWnd = 0x00010478; ClassName:
x=0, y=0, width=0, height=0
8:15:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:15:48 = s1.
8:15:48 = s2.
8:15:48
8:15:48
8:20:14
8:20:14
8:20:15
8:20:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:36:27 = Process Attach

9:36:27 = end process attach
9:36:27 = ***** NULL == SampleProvider *****
9:36:27 = hWnd = 0x000304d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:36:27 = hWnd = 0x00150424; ClassName:
ow.
x=0, y=0, width=1, height=1
9:36:27 = hWnd = 0x000304e6; ClassName:
x=0, y=0, width=0, height=0
9:36:27 = hWnd = 0x000304d6; ClassName:
x=0, y=0, width=0, height=0
9:36:27 = Need to re-create objects.
9:36:27 = s1.
9:36:27 = s2.
9:36:27
9:36:27
9:44:14
9:44:14
9:44:15
9:44:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:13:17 = Process Attach

11:13:17 = end process attach
11:13:17 = ***** NULL == SampleProvider *****
11:13:17 = hWnd = 0x001b05c6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:13:17 = hWnd = 0x000206f8; ClassName:
dow.
x=0, y=0, width=1, height=1
11:13:17 = hWnd = 0x00050496; ClassName:
x=0, y=0, width=0, height=0
11:13:17 = hWnd = 0x000206b8; ClassName:
x=0, y=0, width=0, height=0
11:13:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:13:18 = s1.
11:13:18 = s2.
11:13:18 = Start show animate
11:13:18 = Shell Excutute VerifyHost
11:51:6 = begin close Process
11:51:6 = Terminate Process
11:51:7 = end close Process
11:51:7 = DLL_PROCESS_DETACH
23:45:32 = Process Attach
23:45:32 = end process attach
23:45:32 = ***** NULL == SampleProvider *****
23:45:32 = hWnd = 0x00030414; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:45:32 = hWnd = 0x0003041c; ClassName:
dow.
x=0, y=0, width=1, height=1
23:45:32 = hWnd = 0x000504c8; ClassName:
x=0, y=0, width=0, height=0
23:45:32 = hWnd = 0x000f06a6; ClassName:
x=0, y=0, width=0, height=0
23:46:21 = Process Attach
23:46:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:46:21 = ##### Get event and release process #####

23:46:21 = ***** NULL == SampleProvider *****
23:46:21 = end close Process
23:46:21 = ##### Get event and release process end #####
23:46:21 = hWnd = 0x00a001d4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:46:21 = hWnd = 0x011d018c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

23:46:21 = hWnd = 0x007c01c0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
23:46:21 = hWnd = 0x0056002a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:21:48 = Process Attach
8:21:48 = end process attach
8:21:48 = ***** NULL == SampleProvider *****
8:21:48 = ##### Begin waiting Mutex to release process #####
8:21:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:21:49 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:21:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:21:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:21:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:21:55 = s1.
8:21:55 = s2.
8:21:58
8:21:58
8:22:36
8:22:36
8:22:37
8:22:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:57:18 = Process Attach

0:57:18 = end process attach
0:57:18 = ##### Begin waiting Mutex to release process #####
0:57:18 = hWnd = 0x00140fe6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:57:18 = hWnd = 0x002e157e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:18 = hWnd = 0x0025079e; ClassName:
x=0, y=0, width=0, height=0
0:57:18 = hWnd = 0x0016136e; ClassName:
x=0, y=0, width=0, height=0
0:57:18 = Need to re-create objects.
0:57:18 = s1.
0:57:18 = s2.
0:57:19 = Start show animate
0:57:19 = Shell Excutute VerifyHost
1:1:26 = begin close Process
1:1:26 = Terminate Process
1:1:27 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:27 = DLL_PROCESS_DETACH
1:10:29 = Process Attach
1:10:29 = end process attach
1:10:29 = ***** NULL == SampleProvider *****
1:10:29 = ##### Begin waiting Mutex to release process #####
1:10:29 = hWnd = 0x0016071e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:10:29 = hWnd = 0x00130510; ClassName:
ow.
x=0, y=0, width=1, height=1
1:10:29 = hWnd = 0x000c0600; ClassName:
x=0, y=0, width=0, height=0
1:10:29 = hWnd = 0x002c078c; ClassName:
x=0, y=0, width=0, height=0
1:11:0 = Process Attach
1:11:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:11:0 = * NULL == SampleProvider *

1:11:0 = begin close Process
1:11:0 = end close Process
1:11:0 = ##### Get event and release process end #####
1:11:0 = hWnd = 0x014b01d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:11:0 = hWnd = 0x001e01b6; ClassName:
w.
x=0, y=0, width=1, height=1
1:11:0 = hWnd = 0x00b801dc; ClassName:
x=0, y=0, width=0, height=0
1:11:0 = hWnd = 0x00c401cc; ClassName:
x=0, y=0, width=0, height=0
9:58:1 = Process Attach
9:58:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:58:1 = * NULL == SampleProvider *

9:58:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:58:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:58:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:58:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:58:8 = Need to re-create objects.
9:58:8 = s1.
9:58:8 = s2.
9:58:13 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:58:13
9:58:49
9:58:49
9:58:50
9:58:50

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:30:2 = Process Attach

11:30:2 = end process attach
11:30:2 = ***** NULL == SampleProvider *****
11:30:2 = hWnd = 0x00030b04; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:30:2 = hWnd = 0x000304be; ClassName:
ow.
x=0, y=0, width=1, height=1
11:30:2 = hWnd = 0x000304c4; ClassName:
x=0, y=0, width=0, height=0
11:30:2 = hWnd = 0x0003052a; ClassName:
x=0, y=0, width=0, height=0
11:30:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:30:2 = s1.
11:30:2 = s2.
11:30:3 = Start show animate
11:30:3 = Shell Excutute VerifyHost
11:53:33 = begin close Process
11:53:33 = Terminate Process
11:53:34 = end close Process
11:53:34 = DLL_PROCESS_DETACH
0:55:18 = Process Attach
0:55:18 = end process attach
0:55:18 = ***** NULL == SampleProvider *****
0:55:18 = hWnd = 0x00280814; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:55:18 = hWnd = 0x000e0b24; ClassName:
ow.
x=0, y=0, width=1, height=1
0:55:18 = hWnd = 0x0020069a; ClassName:
x=0, y=0, width=0, height=0
0:55:18 = hWnd = 0x00030ad0; ClassName:
x=0, y=0, width=0, height=0
0:56:14 = Process Attach
0:56:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:56:14 = ##### Get event and release process #####

0:56:14 = begin close Process
0:56:14 = end close Process
0:56:14 = ##### Get event and release process end #####
0:56:14 = hWnd = 0x009800d8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
0:56:14 =
ow.
x=0, y=0,
0:56:14 =
x=0, y=0,
0:56:14 =
x=0, y=0,
8:25:16 =
8:25:16 =

width=1024, height=768
hWnd = 0x0049004c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x006c01b8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x005900d4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

8:25:16 = ##### Begin waiting Mutex to release process #####

8:25:17 =
ow.
x=0, y=0,
8:25:17 =
x=0, y=0,
8:25:17 =
x=0, y=0,
8:25:20 =

8:25:20 = s1.
8:25:20 = s2.
8:25:24 = Start show animate
8:25:24 = Shell Excutute VerifyHost
8:26:2 = begin close Process
8:26:2 = Terminate Process
8:26:3 = end close Process
8:26:3 = DLL_PROCESS_DETACH
0:42:12 = Process Attach
0:42:12 = end process attach
0:42:12 = ***** NULL == SampleProvider *****
0:42:12 = ##### Begin waiting Mutex to release process #####
0:42:12 =
ow.
x=0, y=0,
0:42:12 =
x=0, y=0,
0:42:12 =
x=0, y=0,
0:42:43 =
0:42:43 =

hWnd = 0x001502a6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000f1164; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00200d34; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:42:43 = ##### Get event and release process #####

0:42:43 = begin close Process
0:42:43 = end close Process
0:42:43 = ##### Get event and release process end #####
0:42:43 = ***** NULL == SampleProvider *****
0:42:43 = hWnd = 0x001101dc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
0:42:43 =
ow.
x=0, y=0,
0:42:43 =
x=0, y=0,
0:42:43 =
x=0, y=0,
8:48:34 =
8:48:34 =

width=1024, height=768
hWnd = 0x0091009a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00fa01d6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00a3005c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

8:48:34 = * NULL == SampleProvider *

8:48:34 = ##### Begin waiting Mutex to release process #####
8:48:35 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:48:35 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:48:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:48:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:48:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:48:38 = s1.
8:48:38 = s2.
8:48:42
8:48:42
8:49:18
8:49:18
8:49:19
8:49:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:29:13 = Process Attach

1:29:13 = end process attach
1:29:13 = ***** NULL == SampleProvider *****
1:29:13 = ##### Begin waiting Mutex to release process #####
1:29:13 = hWnd = 0x00060584; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:29:13 = hWnd = 0x00270a9c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:29:13 = hWnd = 0x000b03b4; ClassName:
x=0, y=0, width=0, height=0
1:29:13 = hWnd = 0x00030b4a; ClassName:
x=0, y=0, width=0, height=0
1:30:29 = Process Attach
1:30:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:30:29 = ##### Get event and release process #####

1:30:29 = begin close Process

1:30:29 = end close Process
1:30:29 = ##### Get event and release process end #####
1:30:29 = ***** NULL == SampleProvider *****
1:30:29 = hWnd = 0x020401dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:30:29 = hWnd = 0x00c2002a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:30:29 = hWnd = 0x00ab01f6; ClassName:
x=0, y=0, width=0, height=0
1:30:29 = hWnd = 0x007f016e; ClassName:
x=0, y=0, width=0, height=0
8:50:23 = Process Attach
8:50:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:50:23 = * NULL == SampleProvider *

8:50:23 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:50:23 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:50:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:50:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:50:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:50:29 = s1.
8:50:29 = s2.
8:50:34
8:50:34
8:51:10
8:51:10
8:51:11
8:51:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:49:42 = Process Attach

9:49:42 = end process attach
9:49:42 = ***** NULL == SampleProvider *****
9:49:42 = ##### Begin waiting Mutex to release process #####
9:49:42 = hWnd = 0x000304be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:49:42 = hWnd = 0x0006003e; ClassName:
ow.
x=0, y=0, width=1, height=1
9:49:42 = hWnd = 0x000204b6; ClassName:
x=0, y=0, width=0, height=0
9:49:42 = hWnd = 0x00390488; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

9:49:42 = Need to re-create objects.
9:49:42 = s1.
9:49:42 = s2.
9:49:42 = Start show animate
9:49:42 = Shell Excutute VerifyHost
10:12:46 = begin close Process
10:12:46 = Terminate Process
10:12:47 = end close Process
10:12:47 = DLL_PROCESS_DETACH
11:52:28 = Process Attach
11:52:28 = end process attach
11:52:28 = ***** NULL == SampleProvider *****
11:52:28 = ##### Begin waiting Mutex to release process #####
11:52:28 = hWnd = 0x000404bc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:52:28 = hWnd = 0x000205a0; ClassName:
dow.
x=0, y=0, width=1, height=1
11:52:28 = hWnd = 0x003b0488; ClassName:
x=0, y=0, width=0, height=0
11:52:28 = hWnd = 0x0009003e; ClassName:
x=0, y=0, width=0, height=0
11:52:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:52:29 = s1.
11:52:29 = s2.
11:52:29
11:52:29
11:55:21
11:55:21
11:55:22
11:55:22

16:47:1 =
x=0, y=0,
16:47:1 =
x=0, y=0,
16:47:1 =

hWnd = 0x00070570; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x002003b6; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

16:47:1 = s1.
16:47:1 = s2.
16:47:1
16:47:1
17:1:35
17:1:35
17:1:36
17:1:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:25:12 = Process Attach

17:25:12 = end process attach
17:25:12 = ##### Begin waiting Mutex to release process #####
17:25:12 = hWnd = 0x002203b6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:25:12 = hWnd = 0x00080c88; ClassName:
dow.
x=0, y=0, width=1, height=1
17:25:12 = hWnd = 0x000f0586; ClassName:
x=0, y=0, width=0, height=0
17:25:12 = hWnd = 0x00070c04; ClassName:
x=0, y=0, width=0, height=0
17:25:12 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:25:12 = s1.
17:25:12 = s2.
17:25:12 = Start show animate
17:25:12 = Shell Excutute VerifyHost
18:5:41 = begin close Process
18:5:41 = end close Process
18:5:41 = DLL_PROCESS_DETACH
1:23:28 = Process Attach
1:23:28 = end process attach
1:23:28 = ***** NULL == SampleProvider *****
1:23:28 = ##### Begin waiting Mutex to release process #####
1:23:28 =
ow.
x=0, y=0,
1:23:28 =
x=0, y=0,
1:23:28 =
x=0, y=0,
1:23:28 =

hWnd = 0x000d06d0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000709e4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00150d4e; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

1:23:28 = s1.
1:23:28 = s2.
1:23:30
1:23:30
1:25:18
1:25:18
1:25:19
1:25:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:34:43 = Process Attach

1:34:43 = end process attach
1:34:43 = ***** NULL == SampleProvider *****
1:34:43 = hWnd = 0x000609b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:34:43 = hWnd = 0x000c0b3c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:43 = hWnd = 0x000609bc; ClassName:
x=0, y=0, width=0, height=0
1:34:43 = hWnd = 0x000609c2; ClassName:
x=0, y=0, width=0, height=0
1:35:25 = Process Attach
1:35:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:35:25 = ##### Get event and release process #####

1:35:25 = ***** NULL == SampleProvider *****
1:35:25 = hWnd = 0x00090086; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:35:25 = hWnd = 0x012b009c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:35:25 = hWnd = 0x001d01e6; ClassName:
x=0, y=0, width=0, height=0
1:35:25 = hWnd = 0x00d30170; ClassName:
x=0, y=0, width=0, height=0
9:15:0 = Process Attach
9:15:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:15:0 = * NULL == SampleProvider *

9:15:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:15:0 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:15:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:15:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:15:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:15:3 = s1.
9:15:3 = s2.
9:15:6 = Start show animate
9:15:6 = Shell Excutute VerifyHost
9:15:44 = begin close Process
9:15:44 = Terminate Process
9:15:45 = end close Process
9:15:45 = DLL_PROCESS_DETACH
0:27:38 = Process Attach
0:27:38 = end process attach
0:27:38 = ***** NULL == SampleProvider *****
0:27:38 = hWnd = 0x003307aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:27:38 = hWnd = 0x00340bf6; ClassName:
ow.
x=0, y=0, width=1, height=1
0:27:38 = hWnd = 0x006419b0; ClassName:
x=0, y=0, width=0, height=0
0:27:38 = hWnd = 0x00090c30; ClassName:
x=0, y=0, width=0, height=0
0:27:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:27:39 = s1.
0:27:39 = s2.
0:27:42 = Start show animate
0:27:42 = Shell Excutute VerifyHost
0:31:6 = begin close Process
0:31:6 = Terminate Process
0:31:7 = end close Process
0:31:7 = DLL_PROCESS_DETACH
2:42:38 = Process Attach
2:42:38 = end process attach
2:42:38 = ***** NULL == SampleProvider *****
2:42:38 = ##### Begin waiting Mutex to release process #####
2:42:38 = hWnd = 0x001115d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:42:38 = hWnd = 0x007703fe; ClassName:
ow.
x=0, y=0, width=1, height=1
2:42:38 = hWnd = 0x000e1114; ClassName:
x=0, y=0, width=0, height=0
2:42:38 = hWnd = 0x001305fc; ClassName:
x=0, y=0, width=0, height=0
2:43:23 = Process Attach
2:43:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:43:23 = ##### Get event and release process #####

2:43:23 = begin close Process

2:43:23 = end close Process
2:43:23 = ##### Get event and release process end #####
2:43:23 = hWnd = 0x000b01da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:43:23 = hWnd = 0x000b00c2; ClassName:
ow.
x=0, y=0, width=1, height=1
2:43:23 = hWnd = 0x0004011c; ClassName:
x=0, y=0, width=0, height=0
2:43:23 = hWnd = 0x0003008c; ClassName:
x=0, y=0, width=0, height=0
9:45:15 = Process Attach
9:45:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:45:15 = * NULL == SampleProvider *

9:45:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:45:17 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:45:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:45:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:45:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:45:21 = s1.
9:45:21 = s2.
9:45:24 = Start show animate
9:45:24 = Shell Excutute VerifyHost
9:46:4 = begin close Process
9:46:4 = Terminate Process
9:46:5 = end close Process
9:46:5 = DLL_PROCESS_DETACH
16:5:46 = Process Attach
16:5:47 = end process attach
16:5:47 = ***** NULL == SampleProvider *****
16:5:47 = ##### Begin waiting Mutex to release process #####
16:5:47 =
ow.
x=0, y=0,
16:5:47 =
x=0, y=0,
16:5:47 =
x=0, y=0,
16:6:30 =
16:6:30 =

hWnd = 0x00d10d8c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00131250; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00530c80; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

16:6:30 = * NULL == SampleProvider *

16:6:30 = begin close Process
16:6:30 = end close Process
16:6:30 = ##### Get event and release process end #####
16:6:30 = hWnd = 0x011801d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:6:30 = hWnd = 0x003801b4; ClassName:
ow.
x=0, y=0, width=1, height=1
16:6:30 = hWnd = 0x00aa01c2; ClassName:
x=0, y=0, width=0, height=0
16:6:30 = hWnd = 0x0031013c; ClassName:
x=0, y=0, width=0, height=0
16:10:22 = Process Attach
16:10:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:10:22 = * NULL == SampleProvider *

16:10:22 = ##### Begin waiting Mutex to release process #####
16:10:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:10:22 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:10:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:10:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:10:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:10:29 = s1.
16:10:29 = s2.
16:10:32
16:10:32
16:11:10
16:11:10
16:11:11
16:11:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:3:23 = Process Attach

22:3:23 = end process attach
22:3:23 = ***** NULL == SampleProvider *****
22:3:23 = ##### Begin waiting Mutex to release process #####
22:3:23 = hWnd = 0x000603e2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:3:23 = hWnd = 0x00080486; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
22:3:23 = hWnd = 0x000503b2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
22:3:23 =
x=0, y=0,
22:3:35 =
22:3:35 =

width=0, height=0
hWnd = 0x001a04c8; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

22:3:35 = ##### Get event and release process #####

22:3:35 = ***** NULL == SampleProvider *****
22:3:35 = ##### Get event and release process end #####
22:3:35 = hWnd = 0x00c30124; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:3:35 = hWnd = 0x006e0052; ClassName:
ow.
x=0, y=0, width=1, height=1
22:3:35 = hWnd = 0x0040004a; ClassName:
x=0, y=0, width=0, height=0
22:3:35 = hWnd = 0x003f00a4; ClassName:
x=0, y=0, width=0, height=0
22:7:12 = Process Attach
22:7:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:7:12 = * NULL == SampleProvider *

22:7:12 = ##### Begin waiting Mutex to release process #####
22:7:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:7:13 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
22:7:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:7:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:7:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:7:17 = s1.
22:7:17 = s2.
22:7:20
22:7:20
22:7:57
22:7:57
22:7:58
22:7:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:29:32 = Process Attach

0:29:32 = end process attach
0:29:32 = ***** NULL == SampleProvider *****
0:29:32 = ##### Begin waiting Mutex to release process #####
0:29:32 = hWnd = 0x00021080; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
0:29:32 = hWnd = 0x00021188; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:29:32 = hWnd = 0x00071038; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:29:32 = hWnd = 0x0003105a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:30:15 = Process Attach
0:30:15 = ## ERR ## Setevent
0:30:15 = ##### Get event and release process #####
0:30:15 = ***** NULL == SampleProvider *****
0:30:15 = end close Process
0:30:15 = ##### Get event and release process end #####
0:30:15 = hWnd = 0x000500c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:30:15 = hWnd = 0x000401fc; ClassName:
ow.
x=0, y=0, width=1, height=1
0:30:15 = hWnd = 0x000801ca; ClassName:
x=0, y=0, width=0, height=0
0:30:15 = hWnd = 0x000901f0; ClassName:
x=0, y=0, width=0, height=0
9:45:40 = Process Attach
9:45:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:45:40 = * NULL == SampleProvider *

9:45:40 = ##### Begin waiting Mutex to release process #####
9:45:40 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:45:41 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:45:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:45:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:45:44 = Need to re-create objects.
9:45:45 = s1.
9:45:45 = s2.
9:45:47
9:45:47
9:46:25
9:46:25
9:46:26
9:46:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:57:20 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:57:20 = end process attach

12:57:20 = ##### Begin waiting Mutex to release process #####
12:57:20 = hWnd = 0x00070314; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:57:20 = hWnd = 0x000803e2; ClassName:
dow.
x=0, y=0, width=1, height=1
12:57:20 = hWnd = 0x000703f4; ClassName:
x=0, y=0, width=0, height=0
12:57:20 = hWnd = 0x000803d2; ClassName:
x=0, y=0, width=0, height=0
12:57:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:57:21 = s1.
12:57:21 = s2.
12:57:22
12:57:22
13:24:11
13:24:11
13:24:12
13:24:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:33:7 = Process Attach

15:33:7 = end process attach
15:33:7 = ***** NULL == SampleProvider *****
15:33:7 = hWnd = 0x00060374; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:33:7 = hWnd = 0x00120676; ClassName:
ow.
x=0, y=0, width=1, height=1
15:33:7 = hWnd = 0x00660640; ClassName:
x=0, y=0, width=0, height=0
15:33:7 = hWnd = 0x000803d0; ClassName:
x=0, y=0, width=0, height=0
15:33:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:33:7 = s1.
15:33:7 = s2.
15:33:7 = Start show animate
15:33:7 = Shell Excutute VerifyHost
17:1:6 = begin close Process
17:1:6 = Terminate Process
17:1:7 = end close Process
17:1:7 = DLL_PROCESS_DETACH
17:18:26 = Process Attach
17:18:26 = end process attach
17:18:26 = ***** NULL == SampleProvider *****

17:18:26 = hWnd = 0x000a03f6; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:18:26 = hWnd = 0x000e0314; ClassName:
dow.
x=0, y=0, width=1, height=1
17:18:26 = hWnd = 0x00070310; ClassName:
x=0, y=0, width=0, height=0
17:18:26 = hWnd = 0x000f03d2; ClassName:
x=0, y=0, width=0, height=0
17:18:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:18:26 = s1.
17:18:26 = s2.
17:18:26 = Start show animate
17:18:26 = Shell Excutute VerifyHost
17:41:4 = begin close Process
17:41:4 = Terminate Process
17:41:5 = end close Process
17:41:5 = DLL_PROCESS_DETACH
1:26:13 = Process Attach
1:26:13 = end process attach
1:26:13 = ***** NULL == SampleProvider *****
1:26:13 = ##### Begin waiting Mutex to release process #####
1:26:13 = hWnd = 0x000b03d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:26:13 = hWnd = 0x001803e2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:13 = hWnd = 0x0010014a; ClassName:
x=0, y=0, width=0, height=0
1:26:13 = hWnd = 0x001003f0; ClassName:
x=0, y=0, width=0, height=0
1:26:43 = Process Attach
1:26:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:26:43 = ##### Get event and release process #####

1:26:43 = begin close Process
1:26:43 = end close Process
1:26:43 = hWnd = 0x003b012c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:26:43 = hWnd = 0x0188002a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:43 = hWnd = 0x00e201a4; ClassName:
x=0, y=0, width=0, height=0
1:26:43 = hWnd = 0x004a0050; ClassName:
x=0, y=0, width=0, height=0
8:49:0 = Process Attach
8:49:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:49:0 = * NULL == SampleProvider *

8:49:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:49:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:49:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:49:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:49:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:49:4 = s1.
8:49:4 = s2.
8:49:8 = Start show animate
8:49:8 = Shell Excutute VerifyHost
8:49:47 = begin close Process
8:49:47 = Terminate Process
8:49:48 = end close Process
8:49:48 = DLL_PROCESS_DETACH
10:4:42 = Process Attach
10:4:42 = end process attach
10:4:42 = ***** NULL == SampleProvider *****
10:4:42 = hWnd = 0x000403fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:4:42 = hWnd = 0x000603ea; ClassName:
ow.
x=0, y=0, width=1, height=1
10:4:42 = hWnd = 0x000804d2; ClassName:
x=0, y=0, width=0, height=0
10:4:42 = hWnd = 0x000403dc; ClassName:
x=0, y=0, width=0, height=0
10:4:43 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:4:43 = s1.
10:4:43 = s2.
10:4:43
10:4:43
10:8:20
10:8:20
10:8:21
10:8:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:58:2 = Process Attach

11:58:2 = end process attach
11:58:2 = ***** NULL == SampleProvider *****
11:58:2 = hWnd = 0x000703f0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
11:58:2 =
ow.
x=0, y=0,
11:58:2 =
x=0, y=0,
11:58:2 =
x=0, y=0,
11:58:2 =

width=1366, height=768
hWnd = 0x000d03c2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000603e0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00050516; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

11:58:2 = s1.
11:58:2 = s2.
11:58:2
11:58:2
12:1:18
12:1:18
12:1:19
12:1:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:18:56 = Process Attach

13:18:56 = end process attach
13:18:56 = ##### Begin waiting Mutex to release process #####
13:18:56 = ***** NULL == SampleProvider *****
13:18:56 = hWnd = 0x000d0574; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:18:56 = hWnd = 0x0024014e; ClassName:
dow.
x=0, y=0, width=1, height=1
13:18:56 = hWnd = 0x000c058e; ClassName:
x=0, y=0, width=0, height=0
13:18:56 = hWnd = 0x000c0bce; ClassName:
x=0, y=0, width=0, height=0
13:19:42 = Process Attach
13:19:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:19:42 = * NULL == SampleProvider *

13:19:42 = ##### Get event and release process #####
13:19:42 = begin close Process
13:19:42 = end close Process
13:19:42 = ##### Get event and release process end #####
13:19:42 = hWnd = 0x002f01ec; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:19:42 = hWnd = 0x0040005a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:19:42 = hWnd = 0x001e01de; ClassName:
x=0, y=0, width=0, height=0
13:19:42 = hWnd = 0x003d01a2; ClassName:
x=0, y=0, width=0, height=0
13:23:31 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:23:31 = end process attach

13:23:31 = ***** NULL == SampleProvider *****
13:23:31 = ##### Begin waiting Mutex to release process #####
13:23:32 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
13:23:32 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:23:32 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:23:35 = Need to re-create objects.
13:23:35 = s1.
13:23:35 = s2.
13:23:40
13:23:40
13:24:17
13:24:17
13:24:18
13:24:18

12:10:1 = begin close Process
12:10:1 = end close Process
12:10:1 = ##### Get event and release process end #####
12:10:1 = hWnd = 0x000101f0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:10:1 = hWnd = 0x000101ec; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0, width=1, height=1
12:10:1 = hWnd = 0x000101f8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:10:1 = hWnd = 0x000101ee; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:11:37 = Process Attach
12:11:37 = end process attach
12:11:37 = ***** NULL == SampleProvider *****
12:11:37 = ##### Begin waiting Mutex to release process #####
12:11:37 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:11:38 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:11:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:11:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:11:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:11:41 = s1.
12:11:41 = s2.
12:11:44
12:11:44
12:12:22
12:12:22
12:12:23
12:12:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:11:1 = Process Attach

1:11:1 = end process attach
1:11:1 = ***** NULL == SampleProvider *****
1:11:1 = hWnd = 0x002a0756; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:11:1 = hWnd = 0x00a000fc; ClassName:
w.
x=0, y=0, width=1, height=1
1:11:1 = hWnd = 0x001d06c2; ClassName:
x=0, y=0, width=0, height=0
1:11:1 = hWnd = 0x01b005c4; ClassName:
x=0, y=0, width=0, height=0
1:11:4 = Need to re-create objects.
1:11:4 = s1.
1:11:4 = s2.
1:11:4 = Start show animate
1:11:4 = Shell Excutute VerifyHost
1:15:40 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:15:40 = Terminate Process

1:15:41 = end close Process
1:15:41 = DLL_PROCESS_DETACH
1:25:10 = Process Attach
1:25:10 = end process attach
1:25:10 = ##### Begin waiting Mutex to release process #####
1:25:10 = ***** NULL == SampleProvider *****
1:25:10 = hWnd = 0x002d070c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:25:10 = hWnd = 0x004006e4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:25:10 = hWnd = 0x000e07a2; ClassName:
x=0, y=0, width=0, height=0
1:25:10 = hWnd = 0x00190660; ClassName:
x=0, y=0, width=0, height=0
1:25:20 = Process Attach
1:25:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:25:20 = ##### Get event and release process #####

1:25:20 = ***** NULL == SampleProvider *****
1:25:20 = end close Process
1:25:20 = ##### Get event and release process end #####
1:25:20 = hWnd = 0x006f00d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:25:20 = hWnd = 0x024001c0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:25:20 = hWnd = 0x00f40058; ClassName:
x=0, y=0, width=0, height=0
1:25:20 = hWnd = 0x01250086; ClassName:
x=0, y=0, width=0, height=0
10:34:31 = Process Attach
10:34:31 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:34:31 = ##### Begin waiting Mutex to release process #####

10:34:31 = ***** NULL == SampleProvider *****
10:34:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:34:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:34:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:34:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:34:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:34:35 = s1.
10:34:35 = s2.
10:34:38
10:34:38
10:35:16
10:35:16
10:35:17
10:35:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:3:19 = Process Attach

1:3:19 = end process attach
1:3:19 = ***** NULL == SampleProvider *****
1:3:19 = hWnd = 0x0003040a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:3:19 = hWnd = 0x000a03b4; ClassName:
w.
x=0, y=0, width=1, height=1
1:3:19 = hWnd = 0x000318bc; ClassName:
x=0, y=0, width=0, height=0
1:3:19 = hWnd = 0x00060420; ClassName:
x=0, y=0, width=0, height=0
1:4:29 = Process Attach
1:4:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:4:29 = ##### Get event and release process #####

1:4:29 = ***** NULL == SampleProvider *****
1:4:29 = ##### Get event and release process end #####
1:4:29 = hWnd = 0x010601c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:4:29 = hWnd = 0x00030038; ClassName:
w.
x=0, y=0, width=1, height=1
1:4:29 = hWnd = 0x00710036; ClassName:
x=0, y=0, width=0, height=0
1:4:29 = hWnd = 0x0065002a; ClassName:
x=0, y=0, width=0, height=0
11:3:16 = Process Attach
11:3:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:3:16 = * NULL == SampleProvider *

11:3:16 = ##### Begin waiting Mutex to release process #####
11:3:17 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:3:17 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
11:3:17 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

11:3:17 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
11:3:21 = Need to re-create objects.
11:3:21 = s1.
11:3:21 = s2.
11:3:26 = Start show animate
11:3:26 = Shell Excutute VerifyHost
11:4:5 = begin close Process
11:4:5 = Terminate Process
11:4:6 = end close Process
11:4:6 = DLL_PROCESS_DETACH
16:29:55 = Process Attach
16:29:55 = end process attach
16:29:55 = ***** NULL == SampleProvider *****
16:29:55 = ##### Begin waiting Mutex to release process #####
16:29:55 = hWnd = 0x000507fc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:29:55 = hWnd = 0x000e0624; ClassName:
dow.
x=0, y=0, width=1, height=1
16:29:55 = hWnd = 0x0004052e; ClassName:
x=0, y=0, width=0, height=0
16:29:55 = hWnd = 0x00050550; ClassName:
x=0, y=0, width=0, height=0
16:31:0 = Process Attach
16:31:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:31:0 = * NULL == SampleProvider *

16:31:0 = begin close Process
16:31:0 = end close Process
16:31:0 = ##### Get event and release process end #####
16:31:0 = hWnd = 0x005a003a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:31:0 = hWnd = 0x00b10188; ClassName:
ow.
x=0, y=0, width=1, height=1
16:31:0 = hWnd = 0x001801f2; ClassName:
x=0, y=0, width=0, height=0
16:31:0 = hWnd = 0x00a30054; ClassName:
x=0, y=0, width=0, height=0
16:34:59 = Process Attach
16:34:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:34:59 = * NULL == SampleProvider *

16:34:59 = ##### Begin waiting Mutex to release process #####
16:34:59 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0,
16:35:0 =
x=0, y=0,
16:35:0 =
x=0, y=0,
16:35:3 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

16:35:3 = s1.
16:35:3 = s2.
16:35:6 = Start show animate
16:35:6 = Shell Excutute VerifyHost
16:35:45 = begin close Process
16:35:45 = Terminate Process
16:35:46 = end close Process
16:35:46 = DLL_PROCESS_DETACH
1:24:18 = Process Attach
1:24:18 = end process attach
1:24:18 = ***** NULL == SampleProvider *****
1:24:18 = ##### Begin waiting Mutex to release process #####
1:24:18 =
ow.
x=0, y=0,
1:24:18 =
x=0, y=0,
1:24:18 =
x=0, y=0,
1:24:57 =
1:24:57 =

hWnd = 0x00140a50; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0009168a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000903c4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:24:57 = ##### Get event and release process #####

1:24:57 = begin close Process
1:24:57 = end close Process
1:24:57 = ##### Get event and release process end #####
1:24:57 = hWnd = 0x007f012e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:24:57 = hWnd = 0x015001ea; ClassName:
ow.
x=0, y=0, width=1, height=1
1:24:57 = hWnd = 0x00d801f2; ClassName:
x=0, y=0, width=0, height=0
1:24:57 = hWnd = 0x009500ce; ClassName:
x=0, y=0, width=0, height=0
10:15:53 = Process Attach
10:15:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:15:53 = * NULL == SampleProvider *

10:15:53 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:15:53 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
10:15:54 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:15:54 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:15:59 = Need to re-create objects.
10:15:59 = s1.
10:15:59 = s2.
10:16:3 = Start show animate
10:16:3 = Shell Excutute VerifyHost
10:16:40 = begin close Process
10:16:40 = Terminate Process
10:16:41 = end close Process
10:16:41 = DLL_PROCESS_DETACH
1:56:9 = Process Attach
1:56:9 = end process attach
1:56:9 = ***** NULL == SampleProvider *****
1:56:9 = hWnd = 0x00160504; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:56:9 = hWnd = 0x001904a4; ClassName:
w.
x=0, y=0, width=1, height=1
1:56:9 = hWnd = 0x0021060a; ClassName:
x=0, y=0, width=0, height=0
1:56:9 = hWnd = 0x001e05b4; ClassName:
x=0, y=0, width=0, height=0
1:56:41 = Process Attach
1:56:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:56:41 = ##### Get event and release process #####

1:56:41 = begin close Process
1:56:41 = end close Process
1:56:41 = ##### Get event and release process end #####
1:56:41 = hWnd = 0x00a5004c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:56:41 = hWnd = 0x009f00e2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:56:41 = hWnd = 0x002a0038; ClassName:
x=0, y=0, width=0, height=0
1:56:41 = hWnd = 0x00eb01e8; ClassName:
x=0, y=0, width=0, height=0
3:17:40 = Process Attach
3:17:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:17:40 = * NULL == SampleProvider *

3:17:40 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
3:17:41 =
ow.
x=0, y=0,
3:17:41 =
x=0, y=0,
3:17:41 =
x=0, y=0,
3:17:44 =

3:17:44 = s1.
3:17:44 = s2.
3:17:47
3:17:47
3:18:25
3:18:25
3:18:26
3:18:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:26:39 = Process Attach

3:26:39 = end process attach
3:26:39 = ***** NULL == SampleProvider *****
3:26:39 = ##### Begin waiting Mutex to release process #####
3:26:39 = hWnd = 0x000403f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:26:39 = hWnd = 0x000503ca; ClassName:
ow.
x=0, y=0, width=1, height=1
3:26:39 = hWnd = 0x0003038e; ClassName:
x=0, y=0, width=0, height=0
3:26:39 = hWnd = 0x000303c6; ClassName:
x=0, y=0, width=0, height=0
3:26:44 = Process Attach
3:26:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:26:44 = * NULL == SampleProvider *

3:26:44 = ##### Get event and release process #####
3:26:44 = begin close Process
3:26:44 = end close Process
3:26:44 = ##### Get event and release process end #####
3:26:44 = hWnd = 0x000101e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:26:44 = hWnd = 0x000101e0; ClassName:
ow.
x=0, y=0, width=1, height=1
3:26:44 = hWnd = 0x000101ec; ClassName:
x=0, y=0, width=0, height=0
3:26:44 = hWnd = 0x000101e2; ClassName:
x=0, y=0, width=0, height=0
10:16:9 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:16:9 = end process attach

10:16:9 = ***** NULL == SampleProvider *****
10:16:9 = ##### Begin waiting Mutex to release process #####
10:16:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:16:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
10:16:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:16:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:16:13 = Need to re-create objects.
10:16:13 = s1.
10:16:13 = s2.
10:16:17
10:16:17
10:16:54
10:16:54
10:16:55
10:16:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:34:48 = Process Attach

23:34:48 = end process attach
23:34:49 = ***** NULL == SampleProvider *****
23:34:49 = hWnd = 0x000b09ba; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:34:49 = hWnd = 0x00560baa; ClassName:
dow.
x=0, y=0, width=1, height=1
23:34:49 = hWnd = 0x01b10b3e; ClassName:
x=0, y=0, width=0, height=0
23:34:49 = hWnd = 0x00050bf8; ClassName:
x=0, y=0, width=0, height=0
23:35:6 = Process Attach
23:35:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:35:6 = ##### Get event and release process #####

23:35:6 = ***** NULL == SampleProvider *****
23:35:6 = ##### Get event and release process end #####
23:35:6 = hWnd = 0x007a002e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:35:6 = hWnd = 0x0079005e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
23:35:6 = hWnd = 0x010100e2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

23:35:6 = hWnd = 0x002a006c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:39:47 = Process Attach
23:39:47 = end process attach
23:39:47 = ***** NULL == SampleProvider *****
23:39:48 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:39:48 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:39:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:39:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:39:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:39:52 = s1.
23:39:52 = s2.
23:39:57
23:39:57
23:40:34
23:40:34
23:40:35
23:40:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:24:13 = Process Attach

1:24:13 = end process attach
1:24:13 = ***** NULL == SampleProvider *****
1:24:13 = ##### Begin waiting Mutex to release process #####
1:24:13 = hWnd = 0x00040328; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:24:13 = hWnd = 0x0007033c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:24:13 = hWnd = 0x00030324; ClassName:
x=0, y=0, width=0, height=0
1:24:13 = hWnd = 0x000503ee; ClassName:
x=0, y=0, width=0, height=0
1:24:18 = Process Attach
1:24:18 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:24:18 = * NULL == SampleProvider *

1:24:18 = begin close Process
1:24:18 = end close Process
1:24:18 = ##### Get event and release process end #####
1:24:18 = hWnd = 0x001f0186; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:24:18 =
ow.
x=0, y=0,
1:24:18 =
x=0, y=0,
1:24:18 =
x=0, y=0,
9:50:50 =
9:50:50 =

hWnd = 0x0029004c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0003012a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0003012e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:50:50 = * NULL == SampleProvider *

9:50:50 = ##### Begin waiting Mutex to release process #####
9:50:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:50:50 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:50:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:50:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:50:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:50:55 = s1.
9:50:55 = s2.
9:50:58
9:50:58
9:51:36
9:51:36
9:51:37
9:51:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:17:2 = Process Attach

2:17:2 = end process attach
2:17:2 = ***** NULL == SampleProvider *****
2:17:2 = ##### Begin waiting Mutex to release process #####
2:17:2 = hWnd = 0x00070cdc; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:17:2 = hWnd = 0x000907ee; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:17:2 = hWnd = 0x00070cb0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:17:37 = Process Attach
2:17:37 = ## ERR ## Setevent
2:17:37 = ##### Get event and release process #####
2:17:37 = begin close Process
2:17:37 = end close Process
2:17:37 = ##### Get event and release process end #####

2:17:37 = hWnd = 0x00b80088; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:17:37 = hWnd = 0x01480178; ClassName:
ow.
x=0, y=0, width=1, height=1
2:17:37 = hWnd = 0x0016004c; ClassName:
x=0, y=0, width=0, height=0
2:17:37 = hWnd = 0x00d401e8; ClassName:
x=0, y=0, width=0, height=0
9:10:14 = Process Attach
9:10:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:10:14 = * NULL == SampleProvider *

9:10:14 = ##### Begin waiting Mutex to release process #####
9:10:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:10:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:10:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:10:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:10:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:10:19 = s1.
9:10:19 = s2.
9:10:23 = Start show animate
9:10:23 = Shell Excutute VerifyHost
9:11:0 = begin close Process
9:11:0 = Terminate Process
9:11:1 = end close Process
9:11:1 = DLL_PROCESS_DETACH
18:16:41 = Process Attach
18:16:41 = end process attach
18:16:41 = ***** NULL == SampleProvider *****
18:16:41 = ##### Begin waiting Mutex to release process #####
18:16:41 = hWnd = 0x000204fe; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:16:41 = hWnd = 0x000204fa; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:16:41 = hWnd = 0x00020520; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:17:33 = Process Attach
18:17:33 = ## ERR ## Setevent
18:17:33 = ##### Get event and release process #####
18:17:33 = begin close Process

18:17:33 = end close Process

18:17:33 = ***** NULL == SampleProvider *****
18:17:33 = hWnd = 0x00f401b6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:17:33 = hWnd = 0x0046005a; ClassName:
dow.
x=0, y=0, width=1, height=1
18:17:33 = hWnd = 0x000e003a; ClassName:
x=0, y=0, width=0, height=0
18:17:33 = hWnd = 0x0059009e; ClassName:
x=0, y=0, width=0, height=0
18:21:22 = Process Attach
18:21:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:21:22 = * NULL == SampleProvider *

18:21:22 = ##### Begin waiting Mutex to release process #####
18:21:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:21:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:21:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:21:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:21:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:21:26 = s1.
18:21:26 = s2.
18:21:29 = Start show animate
18:21:29 = Shell Excutute VerifyHost
18:22:6 = begin close Process
18:22:6 = Terminate Process
18:22:7 = end close Process
18:22:7 = DLL_PROCESS_DETACH
1:2:20 = Process Attach
1:2:20 = end process attach
1:2:20 = ***** NULL == SampleProvider *****
1:2:20 = ##### Begin waiting Mutex to release process #####
1:2:20 = hWnd = 0x000a0482; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:2:20 = hWnd = 0x00050410; ClassName:
w.
x=0, y=0, width=1, height=1
1:2:20 = hWnd = 0x000504c4; ClassName:
x=0, y=0, width=0, height=0
1:2:20 = hWnd = 0x000704c8; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:3:20 = Process Attach

1:3:20 = ## ERR ## Setevent
1:3:20 = ##### Get event and release process #####
1:3:20 = begin close Process
1:3:20 = end close Process
1:3:20 = ##### Get event and release process end #####
1:3:20 = hWnd = 0x01150192; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:3:20 = hWnd = 0x0055018c; ClassName:
w.
x=0, y=0, width=1, height=1
1:3:20 = hWnd = 0x00020188; ClassName:
x=0, y=0, width=0, height=0
1:3:20 = hWnd = 0x00450190; ClassName:
x=0, y=0, width=0, height=0
9:1:29 = Process Attach
9:1:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:1:29 = * NULL == SampleProvider *

9:1:29 = ##### Begin waiting Mutex to release process #####
9:1:29 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:1:30 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:1:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:1:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:1:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:1:36 = s1.
9:1:36 = s2.
9:1:39
9:1:39
9:2:16
9:2:16
9:2:17
9:2:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:0:37 = Process Attach

13:0:37 = end process attach
13:0:37 = ***** NULL == SampleProvider *****
13:0:37 = ##### Begin waiting Mutex to release process #####
13:0:37 = hWnd = 0x00060b28; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
13:0:37 = hWnd = 0x000813ce; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
13:0:37 =
x=0, y=0,
13:1:20 =
13:1:20 =

width=0, height=0
hWnd = 0x000904aa; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

13:1:20 = ##### Get event and release process #####

13:1:20 = hWnd = 0x00540094; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:1:20 = end close Process
13:1:20 = hWnd = 0x000501f8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:1:20 = hWnd = 0x00210174; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:14:1 = Process Attach
13:14:1 = end process attach
13:14:1 = ***** NULL == SampleProvider *****
13:14:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:14:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:14:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:14:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:14:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:14:7 = s1.
13:14:7 = s2.
13:14:10
13:14:10
13:14:48
13:14:48
13:14:49
13:14:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:48:30 = Process Attach

1:48:30 = end process attach
1:48:30 = ***** NULL == SampleProvider *****
1:48:30 = ##### Begin waiting Mutex to release process #####
1:48:30 = hWnd = 0x000404aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:48:30 = hWnd = 0x00140524; ClassName:
ow.
x=0, y=0, width=1, height=1
1:48:30 = hWnd = 0x00020b98; ClassName:
x=0, y=0, width=0, height=0
1:48:30 = hWnd = 0x001206ac; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

1:49:2 = Process Attach
1:49:2 = ## ERR ## Setevent
1:49:2 = ***** NULL == SampleProvider *****
1:49:2 = ##### Get event and release process #####
1:49:2 = begin close Process
1:49:2 = hWnd = 0x003f00de; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:49:2 = ##### Get event and release process end #####
1:49:2 = hWnd = 0x0013009a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:49:2 = hWnd = 0x0030018a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:13:8 = Process Attach
10:13:8 = end process attach
10:13:8 = ***** NULL == SampleProvider *****
10:13:8 = ##### Begin waiting Mutex to release process #####
10:13:8 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:13:9 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:13:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:13:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:13:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:13:14 = s1.
10:13:14 = s2.
10:13:17
10:13:17
10:13:54
10:13:54
10:13:55
10:13:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:34:22 = Process Attach

10:34:22 = end process attach
10:34:22 = ***** NULL == SampleProvider *****
10:34:22 = ##### Begin waiting Mutex to release process #####
10:34:22 = hWnd = 0x000403d8; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:34:22 = hWnd = 0x00090404; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

10:34:22 = hWnd = 0x00060402; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
10:34:55 = Process Attach
10:34:55 = ## ERR ## Setevent
10:34:55 = ##### Get event and release process #####
10:34:55 = ***** NULL == SampleProvider *****
10:34:55 = end close Process
10:34:55 = ##### Get event and release process end #####
10:34:55 = hWnd = 0x000c01e8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:34:55 = hWnd = 0x00050058; ClassName:
dow.
x=0, y=0, width=1, height=1
10:34:55 = hWnd = 0x000501e0; ClassName:
x=0, y=0, width=0, height=0
10:34:55 = hWnd = 0x0006005a; ClassName:
x=0, y=0, width=0, height=0
10:36:19 = Process Attach
10:36:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:36:19 = * NULL == SampleProvider *

10:36:19 = ##### Begin waiting Mutex to release process #####
10:36:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:36:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:36:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:36:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:36:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:36:25 = s1.
10:36:25 = s2.
10:36:29 = Start show animate
10:36:29 = Shell Excutute VerifyHost
10:37:5 = begin close Process
10:37:5 = Terminate Process
10:37:6 = end close Process
10:37:6 = DLL_PROCESS_DETACH
0:45:17 = Process Attach
0:45:17 = end process attach
0:45:17 = ***** NULL == SampleProvider *****
0:45:18 = hWnd = 0x000f059a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

0:45:18 = hWnd = 0x0015061e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:45:18 = hWnd = 0x000b0622; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:45:18 = hWnd = 0x00210514; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:46:1 = Process Attach
0:46:1 = ## ERR ## Setevent
0:46:1 = ##### Get event and release process #####
0:46:1 = begin close Process
0:46:1 = end close Process
0:46:1 = ##### Get event and release process end #####
0:46:1 = hWnd = 0x006c01e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:46:1 = hWnd = 0x004b005c; ClassName:
w.
x=0, y=0, width=1, height=1
0:46:1 = hWnd = 0x004301ea; ClassName:
x=0, y=0, width=0, height=0
0:46:1 = hWnd = 0x00dd016a; ClassName:
x=0, y=0, width=0, height=0
10:4:7 = Process Attach
10:4:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:4:7 = * NULL == SampleProvider *

10:4:7 = ##### Begin waiting Mutex to release process #####
10:4:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:4:9 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
10:4:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:4:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:4:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:4:13 = s1.
10:4:13 = s2.
10:4:16
10:4:16
10:4:54
10:4:54
10:4:55
10:4:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:8:53 = Process Attach

1:8:53 = end process attach
1:8:53 = ***** NULL == SampleProvider *****

1:8:53 = hWnd = 0x00110884; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:8:53 = hWnd = 0x000d09fe; ClassName:
w.
x=0, y=0, width=1, height=1
1:8:53 = hWnd = 0x000d0e6e; ClassName:
x=0, y=0, width=0, height=0
1:8:53 = hWnd = 0x0013172c; ClassName:
x=0, y=0, width=0, height=0
1:9:59 = Process Attach
1:9:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:9:59 = ##### Get event and release process #####

1:9:59 = begin close Process
1:9:59 = ***** NULL == SampleProvider *****
1:9:59 = hWnd = 0x01100084; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:9:59 = hWnd = 0x00870096; ClassName:
w.
x=0, y=0, width=1, height=1
1:9:59 = hWnd = 0x0059004e; ClassName:
x=0, y=0, width=0, height=0
1:9:59 = hWnd = 0x003701b0; ClassName:
x=0, y=0, width=0, height=0
10:3:50 = Process Attach
10:3:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:3:50 = * NULL == SampleProvider *

10:3:50 = ##### Begin waiting Mutex to release process #####
10:3:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:3:50 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:3:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:3:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:3:53 = Need to re-create objects.
10:3:54 = s1.
10:3:54 = s2.
10:3:56
10:3:56
10:4:35
10:4:35
10:4:36
10:4:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:41:10 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:41:10 = end process attach

17:41:10 = ##### Begin waiting Mutex to release process #####
17:41:10 = hWnd = 0x000a16da; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:41:10 = hWnd = 0x000e0ba2; ClassName:
dow.
x=0, y=0, width=1, height=1
17:41:10 = hWnd = 0x000e0698; ClassName:
x=0, y=0, width=0, height=0
17:41:10 = hWnd = 0x00090b5c; ClassName:
x=0, y=0, width=0, height=0
17:42:8 = Process Attach
17:42:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:42:8 = * NULL == SampleProvider *

17:42:8 = ##### Get event and release process #####
17:42:8 = begin close Process
17:42:8 = end close Process
17:42:8 = ##### Get event and release process end #####
17:42:8 = hWnd = 0x003e01c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:42:8 = hWnd = 0x00d2004c; ClassName:
ow.
x=0, y=0, width=1, height=1
17:42:8 = hWnd = 0x000f0082; ClassName:
x=0, y=0, width=0, height=0
17:42:8 = hWnd = 0x0055009e; ClassName:
x=0, y=0, width=0, height=0
19:43:39 = Process Attach
19:43:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:43:39 = * NULL == SampleProvider *

19:43:40 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:43:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:43:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:43:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:43:45 = Need to re-create objects.
19:43:45 = s1.
19:43:45 = s2.
19:43:49
19:43:49
19:44:27
19:44:27

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:44:28 = end close Process

19:44:28 = DLL_PROCESS_DETACH
0:9:21 = Process Attach
0:9:21 = end process attach
0:9:21 = ***** NULL == SampleProvider *****
0:9:21 = ##### Begin waiting Mutex to release process #####
0:9:21 = hWnd = 0x000904c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:9:21 = hWnd = 0x000b0520; ClassName:
w.
x=0, y=0, width=1, height=1
0:9:21 = hWnd = 0x0028045a; ClassName:
x=0, y=0, width=0, height=0
0:9:21 = hWnd = 0x0016053a; ClassName:
x=0, y=0, width=0, height=0
0:9:35 = Process Attach
0:9:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:9:35 = ##### Get event and release process #####

0:9:35 = begin close Process
0:9:35 = end close Process
0:9:35 = ##### Get event and release process end #####
0:9:35 = hWnd = 0x006101b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:9:35 = hWnd = 0x00a3013c; ClassName:
w.
x=0, y=0, width=1, height=1
0:9:35 = hWnd = 0x000c01f4; ClassName:
x=0, y=0, width=0, height=0
0:9:35 = hWnd = 0x001e0086; ClassName:
x=0, y=0, width=0, height=0
10:29:55 = Process Attach
10:29:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:55 = * NULL == SampleProvider *

10:29:55 = ##### Begin waiting Mutex to release process #####
10:29:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:29:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:29:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:29:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:29:58 = Need to re-create objects.
10:29:59 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:59 = s2.
10:30:1 = Start show animate
10:30:1 = Shell Excutute VerifyHost
10:30:40 = begin close Process
10:30:40 = Terminate Process
10:30:41 = end close Process
10:30:41 = DLL_PROCESS_DETACH
2:0:39 = Process Attach
2:0:39 = end process attach
2:0:39 = ***** NULL == SampleProvider *****
2:0:39 = ##### Begin waiting Mutex to release process #####
2:0:39 = hWnd = 0x0013090c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:0:39 = hWnd = 0x00030790; ClassName:
w.
x=0, y=0, width=1, height=1
2:0:39 = hWnd = 0x00110688; ClassName:
x=0, y=0, width=0, height=0
2:0:39 = hWnd = 0x000b0a58; ClassName:
x=0, y=0, width=0, height=0
2:1:29 = Process Attach
2:1:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:1:29 = * NULL == SampleProvider *

2:1:29 = begin close Process
2:1:29 = end close Process
2:1:29 = ##### Get event and release process end #####
2:1:29 = hWnd = 0x005e0080; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:1:29 = hWnd = 0x00f70082; ClassName:
w.
x=0, y=0, width=1, height=1
2:1:29 = hWnd = 0x00e3006a; ClassName:
x=0, y=0, width=0, height=0
2:1:29 = hWnd = 0x006701dc; ClassName:
x=0, y=0, width=0, height=0
8:47:17 = Process Attach
8:47:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:47:17 = * NULL == SampleProvider *

8:47:17 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:47:18 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:47:18 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:47:18 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:47:20 = Need to re-create objects.

8:47:20 = s1.
8:47:20 = s2.
8:47:24 = Start show animate
8:47:24 = Shell Excutute VerifyHost
8:48:3 = begin close Process
8:48:3 = Terminate Process
8:48:4 = end close Process
8:48:4 = DLL_PROCESS_DETACH
0:11:9 = Process Attach
0:11:9 = end process attach
0:11:9 = ***** NULL == SampleProvider *****
0:11:9 = ##### Begin waiting Mutex to release process #####
0:11:9 = hWnd = 0x0049047c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:11:9 = hWnd = 0x000d045a; ClassName:
w.
x=0, y=0, width=1, height=1
0:11:9 = hWnd = 0x000f0478; ClassName:
x=0, y=0, width=0, height=0
0:11:9 = hWnd = 0x001d010e; ClassName:
x=0, y=0, width=0, height=0
0:11:24 = Process Attach
0:11:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:11:24 = ##### Get event and release process #####

0:11:24 = begin close Process
0:11:24 = end close Process
0:11:24 = ##### Get event and release process end #####
0:11:24 = hWnd = 0x002001f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:11:24 = hWnd = 0x00ec016e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:11:24 = hWnd = 0x0065019a; ClassName:
x=0, y=0, width=0, height=0
0:11:24 = hWnd = 0x001801d4; ClassName:
x=0, y=0, width=0, height=0
8:29:48 = Process Attach
8:29:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:29:48 = * NULL == SampleProvider *

8:29:48 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:29:49 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

8:29:49 =
x=0, y=0,
8:29:49 =
x=0, y=0,
8:29:53 =

hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

8:29:53 = s1.
8:29:53 = s2.
8:29:57
8:29:57
8:30:34
8:30:34
8:30:35
8:30:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:10:31 = Process Attach

15:10:31 = end process attach
15:10:31 = ***** NULL == SampleProvider *****
15:10:31 = ##### Begin waiting Mutex to release process #####
15:10:31 = hWnd = 0x000404fa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:10:31 = hWnd = 0x00060492; ClassName:
dow.
x=0, y=0, width=1, height=1
15:10:31 = hWnd = 0x0005048e; ClassName:
x=0, y=0, width=0, height=0
15:10:31 = hWnd = 0x000604b8; ClassName:
x=0, y=0, width=0, height=0
15:10:38 = Process Attach
15:10:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:10:38 = ##### Get event and release process #####

15:10:38 = begin close Process
15:10:38 = end close Process
15:10:38 = ##### Get event and release process end #####
15:10:38 = hWnd = 0x005001d6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:10:38 = hWnd = 0x002a0058; ClassName:
dow.
x=0, y=0, width=1, height=1
15:10:38 = hWnd = 0x00600182; ClassName:
x=0, y=0, width=0, height=0
15:10:38 = hWnd = 0x00550028; ClassName:
x=0, y=0, width=0, height=0
19:25:18 = Process Attach
19:25:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:25:18 = * NULL == SampleProvider *

19:25:18 = ##### Begin waiting Mutex to release process #####

19:25:18 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:25:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:25:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:25:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:25:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:25:22 = s1.
19:25:22 = s2.
19:25:26 = Start show animate
19:25:26 = Shell Excutute VerifyHost
19:26:5 = begin close Process
19:26:5 = Terminate Process
19:26:6 = end close Process
19:26:6 = DLL_PROCESS_DETACH
1:18:31 = Process Attach
1:18:31 = end process attach
1:18:31 = ***** NULL == SampleProvider *****
1:18:31 = ##### Begin waiting Mutex to release process #####
1:18:31 = hWnd = 0x00060438; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:18:31 = hWnd = 0x0005040a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:18:31 = hWnd = 0x000a0400; ClassName:
x=0, y=0, width=0, height=0
1:18:31 = hWnd = 0x0002044a; ClassName:
x=0, y=0, width=0, height=0
1:18:37 = Process Attach
1:18:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:18:37 = ##### Get event and release process #####

1:18:37 = begin close Process
1:18:37 = end close Process
1:18:37 = ##### Get event and release process end #####
1:18:37 = hWnd = 0x00660086; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:18:37 = hWnd = 0x0031004e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:18:37 = hWnd = 0x003801ce; ClassName:
x=0, y=0, width=0, height=0
1:18:37 = hWnd = 0x000e0098; ClassName:
x=0, y=0, width=0, height=0
9:10:14 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:10:14 = end process attach

9:10:14 = ***** NULL == SampleProvider *****
9:10:14 = ##### Begin waiting Mutex to release process #####
9:10:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:10:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:10:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:10:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:10:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:10:19 = s1.
9:10:19 = s2.
9:10:22 = Start show animate
9:10:22 = Shell Excutute VerifyHost
9:10:59 = begin close Process
9:10:59 = Terminate Process
9:11:0 = end close Process
9:11:0 = DLL_PROCESS_DETACH
16:48:28 = Process Attach
16:48:28 = end process attach
16:48:28 = ***** NULL == SampleProvider *****
16:48:28 = ##### Begin waiting Mutex to release process #####
16:48:28 = hWnd = 0x001511e6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:48:28 = hWnd = 0x00080f4a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:48:28 = hWnd = 0x00071244; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:49:4 = Process Attach
16:49:4 = ## ERR ## Setevent
16:49:4 = ##### Get event and release process #####
16:49:4 = ***** NULL == SampleProvider *****
16:49:4 = end close Process
16:49:4 = ##### Get event and release process end #####
16:49:4 = hWnd = 0x006a009a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:49:4 = hWnd = 0x013b0198; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
16:49:4 = hWnd = 0x00470146; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

16:49:4 = hWnd = 0x0107002a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:47:32 = Process Attach
18:47:32 = end process attach
18:47:32 = ***** NULL == SampleProvider *****
18:47:32 = ##### Begin waiting Mutex to release process #####
18:47:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:47:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:47:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:47:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:47:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:47:36 = s1.
18:47:36 = s2.
18:47:39
18:47:39
18:48:16
18:48:16
18:48:17
18:48:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:40:38 = Process Attach

3:40:38 = end process attach
3:40:38 = ##### Begin waiting Mutex to release process #####
3:40:38 = ***** NULL == SampleProvider *****
3:40:38 = hWnd = 0x000304aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:40:38 = hWnd = 0x000404be; ClassName:
ow.
x=0, y=0, width=1, height=1
3:40:38 = hWnd = 0x000304f4; ClassName:
x=0, y=0, width=0, height=0
3:40:38 = hWnd = 0x000304bc; ClassName:
x=0, y=0, width=0, height=0
3:41:8 = Process Attach
3:41:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:41:8 = * NULL == SampleProvider *

3:41:8 = begin close Process
3:41:8 = end close Process
3:41:8 = ##### Get event and release process end #####
3:41:8 = hWnd = 0x00a90128; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo

w.
x=0, y=0, width=1, height=1
3:41:8 = hWnd = 0x0004005c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:41:8 = hWnd = 0x00c4018c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:23:19 = Process Attach
9:23:19 = end process attach
9:23:19 = ***** NULL == SampleProvider *****
9:23:20 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:23:20 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:23:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:23:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:23:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:23:22 = s1.
9:23:22 = s2.
9:23:26 = Start show animate
9:23:26 = Shell Excutute VerifyHost
9:24:6 = begin close Process
9:24:6 = Terminate Process
9:24:7 = end close Process
9:24:7 = DLL_PROCESS_DETACH
1:47:16 = Process Attach
1:47:16 = end process attach
1:47:16 = ##### Begin waiting Mutex to release process #####
1:47:16 = ***** NULL == SampleProvider *****
1:47:16 = hWnd = 0x000e0436; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:47:16 = hWnd = 0x00340498; ClassName:
ow.
x=0, y=0, width=1, height=1
1:47:16 = hWnd = 0x001a042c; ClassName:
x=0, y=0, width=0, height=0
1:47:16 = hWnd = 0x00110468; ClassName:
x=0, y=0, width=0, height=0
1:47:46 = Process Attach
1:47:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:47:46 = ##### Get event and release process #####

1:47:46 = ***** NULL == SampleProvider *****
1:47:46 = end close Process
1:47:46 = ##### Get event and release process end #####

1:47:46 = hWnd = 0x00ad002c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:47:46 = hWnd = 0x00f80084; ClassName:
ow.
x=0, y=0, width=1, height=1
1:47:46 = hWnd = 0x000a0192; ClassName:
x=0, y=0, width=0, height=0
1:47:46 = hWnd = 0x00ae014e; ClassName:
x=0, y=0, width=0, height=0
10:7:48 = Process Attach
10:7:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:7:48 = * NULL == SampleProvider *

10:7:48 = ##### Begin waiting Mutex to release process #####
10:7:49 =
ow.
x=0, y=0,
10:7:50 =
x=0, y=0,
10:7:50 =
x=0, y=0,
10:7:52 =

10:7:52 = s1.
10:7:52 = s2.
10:7:56
10:7:56
10:8:33
10:8:33
10:8:34
10:8:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:54:17 = Process Attach

0:54:17 = end process attach
0:54:17 = ***** NULL == SampleProvider *****
0:54:17 = ##### Begin waiting Mutex to release process #####
0:54:17 = hWnd = 0x00240426; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:54:17 = hWnd = 0x001d047e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:54:17 = hWnd = 0x001b05ac; ClassName:
x=0, y=0, width=0, height=0
0:54:17 = hWnd = 0x001106b2; ClassName:
x=0, y=0, width=0, height=0
0:54:17 = Need to re-create objects.
0:54:17 = s1.
0:54:17 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:54:20
0:54:20
0:55:41
0:55:41
0:55:42
0:55:42

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:8:56 = Process Attach

1:8:56 = end process attach
1:8:56 = ***** NULL == SampleProvider *****
1:8:56 = ##### Begin waiting Mutex to release process #####
1:8:56 = hWnd = 0x00080558; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:8:56 = hWnd = 0x001c0518; ClassName:
w.
x=0, y=0, width=1, height=1
1:8:56 = hWnd = 0x000c04e8; ClassName:
x=0, y=0, width=0, height=0
1:8:56 = hWnd = 0x00090486; ClassName:
x=0, y=0, width=0, height=0
1:9:10 = Process Attach
1:9:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:9:10 = * NULL == SampleProvider *

1:9:10 = ##### Get event and release process #####
1:9:10 = begin close Process
1:9:10 = end close Process
1:9:10 = ##### Get event and release process end #####
1:9:10 = hWnd = 0x001b00de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:9:10 = hWnd = 0x0056005a; ClassName:
w.
x=0, y=0, width=1, height=1
1:9:10 = hWnd = 0x000d0188; ClassName:
x=0, y=0, width=0, height=0
1:9:10 = hWnd = 0x001101b8; ClassName:
x=0, y=0, width=0, height=0
10:3:34 = Process Attach
10:3:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:3:34 = * NULL == SampleProvider *

10:3:34 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:3:35 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:3:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:3:35 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

10:3:38 = Need to re-create objects.
10:3:38 = s1.
10:3:38 = s2.
10:3:41
10:3:41
10:4:19
10:4:19
10:4:20
10:4:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:48:37 = Process Attach

1:48:37 = end process attach
1:48:37 = ***** NULL == SampleProvider *****
1:48:37 = hWnd = 0x004f0576; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:48:37 = hWnd = 0x000b0504; ClassName:
ow.
x=0, y=0, width=1, height=1
1:48:37 = hWnd = 0x0019041e; ClassName:
x=0, y=0, width=0, height=0
1:48:37 = hWnd = 0x000c050e; ClassName:
x=0, y=0, width=0, height=0
1:49:9 = Process Attach
1:49:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:49:9 = ##### Get event and release process #####

1:49:9 = begin close Process
1:49:9 = end close Process
1:49:9 = ***** NULL == SampleProvider *****
1:49:9 = hWnd = 0x00070064; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:49:9 = hWnd = 0x011e003a; ClassName:
w.
x=0, y=0, width=1, height=1
1:49:9 = hWnd = 0x00030082; ClassName:
x=0, y=0, width=0, height=0
1:49:9 = hWnd = 0x006101e4; ClassName:
x=0, y=0, width=0, height=0
1:58:7 = Process Attach
1:58:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:58:8 = * NULL == SampleProvider *

1:58:8 = ##### Begin waiting Mutex to release process #####
1:58:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:58:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

1:58:9 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:58:9 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:58:12 = Need to re-create objects.
1:58:12 = s1.
1:58:12 = s2.
1:58:15
1:58:15
1:58:54
1:58:54
1:58:55
1:58:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:14:50 = Process Attach

2:14:50 = end process attach
2:14:50 = ***** NULL == SampleProvider *****
2:14:50 = hWnd = 0x00030572; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:14:50 = hWnd = 0x001a04fa; ClassName:
ow.
x=0, y=0, width=1, height=1
2:14:50 = hWnd = 0x0002056a; ClassName:
x=0, y=0, width=0, height=0
2:14:50 = hWnd = 0x00020574; ClassName:
x=0, y=0, width=0, height=0
2:14:55 = Process Attach
2:14:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:14:55 = * NULL == SampleProvider *

2:14:55 = begin close Process
2:14:55 = end close Process
2:14:55 = ##### Get event and release process end #####
2:14:55 = hWnd = 0x000501d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:14:55 = hWnd = 0x000301d0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:14:55 = hWnd = 0x000201d2; ClassName:
x=0, y=0, width=0, height=0
2:14:55 = hWnd = 0x00070062; ClassName:
x=0, y=0, width=0, height=0
9:37:43 = Process Attach
9:37:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:37:44 = * NULL == SampleProvider *

9:37:44 = ##### Begin waiting Mutex to release process #####
9:37:44 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
9:37:45 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:37:45 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:37:45 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:37:48 = Need to re-create objects.
9:37:49 = s1.
9:37:49 = s2.
9:37:52
9:37:52
9:38:31
9:38:31
9:38:32
9:38:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:8:9 = Process Attach

0:8:9 = end process attach
0:8:9 = ***** NULL == SampleProvider *****
0:8:9 = ##### Begin waiting Mutex to release process #####
0:8:9 = hWnd = 0x0008052a; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:8:9 = hWnd = 0x000f047c; ClassName:
.
x=0, y=0, width=1, height=1
0:8:9 = hWnd = 0x001a0524; ClassName:
x=0, y=0, width=0, height=0
0:8:9 = hWnd = 0x00040572; ClassName:
x=0, y=0, width=0, height=0
0:8:31 = Process Attach
0:8:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:8:31 = ##### Get event and release process #####

0:8:31 = begin close Process
0:8:31 = end close Process
0:8:31 = ##### Get event and release process end #####
0:8:31 = hWnd = 0x00a1019e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:8:31 = hWnd = 0x001801e0; ClassName:
w.
x=0, y=0, width=1, height=1
0:8:31 = hWnd = 0x01430056; ClassName:
x=0, y=0, width=0, height=0
0:8:31 = hWnd = 0x00fd01bc; ClassName:
x=0, y=0, width=0, height=0
10:23:31 = Process Attach
10:23:31 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:23:31 = * NULL == SampleProvider *

10:23:31 = ##### Begin waiting Mutex to release process #####
10:23:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:23:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:23:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:23:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:23:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:23:35 = s1.
10:23:35 = s2.
10:23:38
10:23:38
10:24:16
10:24:16
10:24:17
10:24:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:58:5 = Process Attach

23:58:5 = end process attach
23:58:5 = ***** NULL == SampleProvider *****
23:58:5 = ##### Begin waiting Mutex to release process #####
23:58:5 = hWnd = 0x001d0ae8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:58:5 = hWnd = 0x000d07fa; ClassName:
ow.
x=0, y=0, width=1, height=1
23:58:5 = hWnd = 0x002b0b2a; ClassName:
x=0, y=0, width=0, height=0
23:58:5 = hWnd = 0x001f046c; ClassName:
x=0, y=0, width=0, height=0
23:58:29 = Process Attach
23:58:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:58:29 = ##### Get event and release process #####

23:58:29 = begin close Process
23:58:29 = end close Process
23:58:29 = ##### Get event and release process end #####
23:58:29 = hWnd = 0x003701dc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:58:29 = hWnd = 0x00a101d4; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

23:58:29 = hWnd = 0x000b00dc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
23:58:29 = hWnd = 0x004a0038; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:0:36 = Process Attach
10:0:36 = end process attach
10:0:36 = ***** NULL == SampleProvider *****
10:0:36 = ##### Begin waiting Mutex to release process #####
10:0:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:0:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:0:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:0:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:0:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:0:39 = s1.
10:0:39 = s2.
10:0:43
10:0:43
10:1:22
10:1:22
10:1:23
10:1:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:38:26 = Process Attach

1:38:26 = end process attach
1:38:26 = ***** NULL == SampleProvider *****
1:38:26 = ##### Begin waiting Mutex to release process #####
1:38:26 =
ow.
x=0, y=0,
1:38:26 =
x=0, y=0,
1:38:26 =
x=0, y=0,
1:39:14 =
1:39:14 =

hWnd = 0x001f10b8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001507c2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x002108e2; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:39:14 = ##### Get event and release process #####

1:39:14 = ***** NULL == SampleProvider *****
1:39:14 = ##### Get event and release process end #####
1:39:14 = hWnd = 0x02260142; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:39:14 =
ow.
x=0, y=0,
1:39:14 =
x=0, y=0,
1:39:14 =
x=0, y=0,
9:21:10 =
9:21:10 =

hWnd = 0x01440092; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000401a2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00250140; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:21:10 = * NULL == SampleProvider *

9:21:10 = ##### Begin waiting Mutex to release process #####
9:21:10 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:21:11 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:21:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:21:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:21:15 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:21:15 = s1.
9:21:15 = s2.
9:21:18
9:21:18
9:21:55
9:21:55
9:21:56
9:21:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:4:45 = Process Attach

1:4:45 = end process attach
1:4:45 = ***** NULL == SampleProvider *****
1:4:45 = ##### Begin waiting Mutex to release process #####
1:4:45 = hWnd = 0x000e1606; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:4:45 = hWnd = 0x0013042e; ClassName:
w.
x=0, y=0, width=1, height=1
1:4:45 = hWnd = 0x000f03d6; ClassName:
x=0, y=0, width=0, height=0
1:4:45 = hWnd = 0x001804ce; ClassName:
x=0, y=0, width=0, height=0
1:4:45 = Need to re-create objects.
1:4:46 = s1.
1:4:46 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:4:47
1:4:47
1:10:6
1:10:6
1:10:7
1:10:7

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:26:34 = Process Attach

1:26:34 = end process attach
1:26:34 = ***** NULL == SampleProvider *****
1:26:34 = hWnd = 0x000a129c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:26:34 = hWnd = 0x000d12cc; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:34 = hWnd = 0x002105a8; ClassName:
x=0, y=0, width=0, height=0
1:26:34 = hWnd = 0x0015048e; ClassName:
x=0, y=0, width=0, height=0
1:27:1 = Process Attach
1:27:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:27:2 = ##### Get event and release process #####

1:27:2 = begin close Process
1:27:2 = end close Process
1:27:2 = ***** NULL == SampleProvider *****
1:27:2 = hWnd = 0x004d0052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:27:2 = hWnd = 0x013a008c; ClassName:
w.
x=0, y=0, width=1, height=1
1:27:2 = hWnd = 0x000f01e8; ClassName:
x=0, y=0, width=0, height=0
1:27:2 = hWnd = 0x013501ea; ClassName:
x=0, y=0, width=0, height=0
10:41:25 = Process Attach
10:41:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:41:25 = * NULL == SampleProvider *

10:41:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:41:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:41:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:41:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:41:30 = Need to re-create objects.
10:41:31 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:41:31 = s2.
10:41:34
10:41:34
10:42:12
10:42:12
10:42:13
10:42:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:29:18 = Process Attach

1:29:18 = end process attach
1:29:18 = ***** NULL == SampleProvider *****
1:29:18 = ##### Begin waiting Mutex to release process #####
1:29:18 =
ow.
x=0, y=0,
1:29:18 =
x=0, y=0,
1:29:18 =
x=0, y=0,
1:29:55 =
1:29:55 =

hWnd = 0x00020440; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000302fe; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0003045a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:29:55 = ##### Get event and release process #####

1:29:55 = begin close Process
1:29:55 = end close Process
1:29:55 = ##### Get event and release process end #####
1:29:55 = ***** NULL == SampleProvider *****
1:29:55 = hWnd = 0x00d401d0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:29:55 = hWnd = 0x008a01d8; ClassName:
ow.
x=0, y=0, width=1, height=1
1:29:55 = hWnd = 0x0007005c; ClassName:
x=0, y=0, width=0, height=0
1:29:55 = hWnd = 0x013d008e; ClassName:
x=0, y=0, width=0, height=0
2:58:10 = Process Attach
2:58:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:58:10 = * NULL == SampleProvider *

2:58:10 = ##### Begin waiting Mutex to release process #####
2:58:11 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:58:12 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
2:58:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
2:58:12 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

2:58:14 = Need to re-create objects.
2:58:14 = s1.
2:58:14 = s2.
2:58:18
2:58:18
2:58:55
2:58:55
2:58:56
2:58:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:22:42 = Process Attach

3:22:42 = end process attach
3:22:42 = ##### Begin waiting Mutex to release process #####
3:22:42 = hWnd = 0x000b051c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:22:42 = hWnd = 0x000d05f6; ClassName:
ow.
x=0, y=0, width=1, height=1
3:22:42 = hWnd = 0x000a0512; ClassName:
x=0, y=0, width=0, height=0
3:22:42 = hWnd = 0x00060604; ClassName:
x=0, y=0, width=0, height=0
3:22:42 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:22:42 = s1.
3:22:42 = s2.
3:22:42
3:22:42
3:26:43
3:26:43
3:26:44
3:26:44

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:26:56 = Process Attach

3:26:56 = end process attach
3:26:56 = ***** NULL == SampleProvider *****
3:26:56 = ##### Begin waiting Mutex to release process #####
3:26:56 = hWnd = 0x00030574; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:26:56 = hWnd = 0x000605fc; ClassName:
ow.
x=0, y=0, width=1, height=1
3:26:56 = hWnd = 0x00030334; ClassName:
x=0, y=0, width=0, height=0
3:26:56 = hWnd = 0x0003057e; ClassName:
x=0, y=0, width=0, height=0
3:27:2 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:27:2 = ## ERR ## Setevent

3:27:2 = ##### Get event and release process #####
3:27:2 = begin close Process
3:27:2 = end close Process
3:27:2 = ##### Get event and release process end #####
3:27:2 = hWnd = 0x0008008e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:27:2 = hWnd = 0x0008009a; ClassName:
w.
x=0, y=0, width=1, height=1
3:27:2 = hWnd = 0x000601e2; ClassName:
x=0, y=0, width=0, height=0
3:27:2 = hWnd = 0x000301cc; ClassName:
x=0, y=0, width=0, height=0
11:8:27 = Process Attach
11:8:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:8:27 = * NULL == SampleProvider *

11:8:27 = ##### Begin waiting Mutex to release process #####
11:8:27 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:8:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:8:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:8:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:8:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:8:30 = s1.
11:8:30 = s2.
11:8:34
11:8:34
11:9:12
11:9:12
11:9:13
11:9:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:3:27 = Process Attach

1:3:27 = end process attach
1:3:27 = ***** NULL == SampleProvider *****
1:3:27 = hWnd = 0x000a042c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:3:27 = hWnd = 0x00090abe; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:3:27 = hWnd = 0x002303fc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

1:3:27 = hWnd = 0x0017068a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:4:18 = Process Attach
1:4:18 = ## ERR ## Setevent
1:4:18 = ##### Get event and release process #####
1:4:18 = begin close Process
1:4:18 = end close Process
1:4:18 = ##### Get event and release process end #####
1:4:18 = hWnd = 0x00ec002c; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:4:18 = hWnd = 0x012001c6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:4:18 = hWnd = 0x00fc01c4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:9:2 = Process Attach
10:9:2 = end process attach
10:9:2 = ***** NULL == SampleProvider *****
10:9:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:9:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
10:9:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:9:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:9:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:9:6 = s1.
10:9:6 = s2.
10:9:9 = Start show animate
10:9:9 = Shell Excutute VerifyHost
10:9:46 = begin close Process
10:9:46 = Terminate Process
10:9:47 = end close Process
10:9:47 = DLL_PROCESS_DETACH
2:27:27 = Process Attach
2:27:27 = end process attach
2:27:27 = ***** NULL == SampleProvider *****
2:27:27 = hWnd = 0x000304c6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:27:27 = hWnd = 0x00050498; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:27:27 = hWnd = 0x000304b8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

2:27:27 = hWnd = 0x00070508; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
2:28:8 = Process Attach
2:28:8 = ## ERR ## Setevent
2:28:8 = ##### Get event and release process #####
2:28:8 = begin close Process
2:28:8 = end close Process
2:28:8 = ##### Get event and release process end #####
2:28:8 = hWnd = 0x00730050; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:28:8 = hWnd = 0x012c005a; ClassName:
w.
x=0, y=0, width=1, height=1
2:28:8 = hWnd = 0x000601ea; ClassName:
x=0, y=0, width=0, height=0
2:28:8 = hWnd = 0x02420056; ClassName:
x=0, y=0, width=0, height=0
10:34:10 = Process Attach
10:34:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:34:10 = * NULL == SampleProvider *

10:34:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:34:11 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:34:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:34:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:34:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:34:13 = s1.
10:34:13 = s2.
10:34:17
10:34:17
10:34:54
10:34:54
10:34:55
10:34:55

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:5:4 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:5:4 = end process attach

3:5:4 = ***** NULL == SampleProvider *****
3:5:4 = ##### Begin waiting Mutex to release process #####
3:5:4 = hWnd = 0x000303b4; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:5:4 = hWnd = 0x00030394; ClassName:
.
x=0, y=0, width=1, height=1
3:5:4 = hWnd = 0x00020504; ClassName:
x=0, y=0, width=0, height=0
3:5:4 = hWnd = 0x00030512; ClassName:
x=0, y=0, width=0, height=0
3:5:10 = Process Attach
3:5:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:5:10 = ##### Get event and release process #####

3:5:10 = begin close Process
3:5:10 = end close Process
3:5:10 = ##### Get event and release process end #####
3:5:10 = hWnd = 0x00040058; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:5:10 = hWnd = 0x000501da; ClassName:
w.
x=0, y=0, width=1, height=1
3:5:10 = hWnd = 0x00050084; ClassName:
x=0, y=0, width=0, height=0
3:5:10 = hWnd = 0x000c01ce; ClassName:
x=0, y=0, width=0, height=0
10:44:13 = Process Attach
10:44:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:44:13 = ##### Begin waiting Mutex to release process #####

10:44:13 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:44:13 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:44:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:44:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:44:17 = Need to re-create objects.
10:44:17 = s1.
10:44:17 = s2.
10:44:20
10:44:20
10:44:57
10:44:57

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:44:58 = end close Process

10:44:58 = DLL_PROCESS_DETACH
1:59:13 = Process Attach
1:59:13 = end process attach
1:59:13 = ***** NULL == SampleProvider *****
1:59:13 = hWnd = 0x001004fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:59:13 = hWnd = 0x000a0bf6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:59:13 = hWnd = 0x00070760; ClassName:
x=0, y=0, width=0, height=0
1:59:13 = hWnd = 0x001605ec; ClassName:
x=0, y=0, width=0, height=0
2:0:13 = Process Attach
2:0:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:0:13 = ##### Get event and release process #####

2:0:13 = ***** NULL == SampleProvider *****
2:0:13 = end close Process
2:0:13 = ##### Get event and release process end #####
2:0:13 = hWnd = 0x018801ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:0:13 = hWnd = 0x008101d2; ClassName:
w.
x=0, y=0, width=1, height=1
2:0:13 = hWnd = 0x013e0098; ClassName:
x=0, y=0, width=0, height=0
2:0:13 = hWnd = 0x00ce0052; ClassName:
x=0, y=0, width=0, height=0
10:49:34 = Process Attach
10:49:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:49:35 = * NULL == SampleProvider *

10:49:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:49:35 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:49:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:49:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:49:39 = Need to re-create objects.
10:49:39 = s1.
10:49:39 = s2.
10:49:43 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:49:43
10:50:21
10:50:21
10:50:22
10:50:22

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:43:46 = Process Attach

0:43:46 = end process attach
0:43:46 = ***** NULL == SampleProvider *****
0:43:46 = ##### Begin waiting Mutex to release process #####
0:43:46 =
ow.
x=0, y=0,
0:43:46 =
x=0, y=0,
0:43:46 =
x=0, y=0,
0:44:40 =
0:44:40 =

hWnd = 0x000a110a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0005040c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00080426; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:44:40 = * NULL == SampleProvider *

0:44:40 = begin close Process
0:44:40 = end close Process
0:44:40 = ##### Get event and release process end #####
0:44:40 = hWnd = 0x00ed012c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:44:40 = hWnd = 0x01490056; ClassName:
ow.
x=0, y=0, width=1, height=1
0:44:40 = hWnd = 0x00f80060; ClassName:
x=0, y=0, width=0, height=0
0:44:40 = hWnd = 0x007701fc; ClassName:
x=0, y=0, width=0, height=0
11:23:2 = Process Attach
11:23:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:23:2 = * NULL == SampleProvider *

11:23:2 = ##### Begin waiting Mutex to release process #####
11:23:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:23:3 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:23:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:23:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:23:6 = Need to re-create objects.
11:23:6 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:23:6 = s2.
11:23:11
11:23:11
11:23:48
11:23:48
11:23:49
11:23:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:44:12 = Process Attach

0:44:12 = end process attach
0:44:12 = ***** NULL == SampleProvider *****
0:44:12 = hWnd = 0x000314ea; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:44:12 = ##### Begin waiting Mutex to release process #####
0:44:12 =
ow.
x=0, y=0,
0:44:12 =
x=0, y=0,
0:44:12 =
x=0, y=0,
0:45:14 =
0:45:14 =

hWnd = 0x00050b1e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000316e8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00050b10; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:45:14 = * NULL == SampleProvider *

0:45:14 = begin close Process
0:45:14 = end close Process
0:45:14 = ##### Get event and release process end #####
0:45:14 = hWnd = 0x003001de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:45:14 = hWnd = 0x00cb004c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:45:14 = hWnd = 0x00d901ce; ClassName:
x=0, y=0, width=0, height=0
0:45:14 = hWnd = 0x00ed0146; ClassName:
x=0, y=0, width=0, height=0
9:43:24 = Process Attach
9:43:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:43:24 = * NULL == SampleProvider *

9:43:24 = ##### Begin waiting Mutex to release process #####
9:43:24 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:43:24 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:43:25 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

9:43:25 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
9:43:27 = Need to re-create objects.
9:43:28 = s1.
9:43:28 = s2.
9:43:30 = Start show animate
9:43:30 = Shell Excutute VerifyHost
9:44:9 = begin close Process
9:44:9 = Terminate Process
9:44:10 = end close Process
9:44:10 = DLL_PROCESS_DETACH
1:57:24 = Process Attach
1:57:24 = end process attach
1:57:24 = ***** NULL == SampleProvider *****
1:57:24 = hWnd = 0x002a1658; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:57:24 = hWnd = 0x002114f6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:57:24 = hWnd = 0x000905e0; ClassName:
x=0, y=0, width=0, height=0
1:57:24 = hWnd = 0x000d0e86; ClassName:
x=0, y=0, width=0, height=0
1:58:12 = Process Attach
1:58:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:58:12 = ##### Get event and release process #####

1:58:12 = begin close Process
1:58:12 = end close Process
1:58:12 = ##### Get event and release process end #####
1:58:12 = hWnd = 0x00fd01e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:58:12 = hWnd = 0x007301c6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:58:12 = hWnd = 0x006c01f8; ClassName:
x=0, y=0, width=0, height=0
1:58:12 = hWnd = 0x013801cc; ClassName:
x=0, y=0, width=0, height=0
10:18:23 = Process Attach
10:18:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:18:23 = * NULL == SampleProvider *

10:18:23 = ##### Begin waiting Mutex to release process #####
10:18:24 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:18:24 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

10:18:24 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:18:27 = Need to re-create objects.
10:18:27 = s1.
10:18:27 = s2.
10:18:33 = Start show animate
10:18:33 = Shell Excutute VerifyHost
10:19:9 = begin close Process
10:19:9 = Terminate Process
10:19:10 = end close Process
10:19:10 = DLL_PROCESS_DETACH
1:27:36 = Process Attach
1:27:36 = end process attach
1:27:36 = ***** NULL == SampleProvider *****
1:27:36 = hWnd = 0x00080050; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:27:36 = hWnd = 0x002e0468; ClassName:
ow.
x=0, y=0, width=1, height=1
1:27:36 = hWnd = 0x0009066e; ClassName:
x=0, y=0, width=0, height=0
1:27:36 = hWnd = 0x00090408; ClassName:
x=0, y=0, width=0, height=0
1:28:16 = Process Attach
1:28:16 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:28:16 = * NULL == SampleProvider *

1:28:16 = begin close Process
1:28:16 = end close Process
1:28:16 = ##### Get event and release process end #####
1:28:16 = hWnd = 0x00dc0038; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:28:16 = hWnd = 0x01560174; ClassName:
ow.
x=0, y=0, width=1, height=1
1:28:16 = hWnd = 0x001001c2; ClassName:
x=0, y=0, width=0, height=0
1:28:16 = hWnd = 0x016301c4; ClassName:
x=0, y=0, width=0, height=0
11:27:5 = Process Attach
11:27:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:27:5 = ##### Begin waiting Mutex to release process #####

11:27:5 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:27:6 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0, width=1, height=1

11:27:6 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
11:27:6 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:27:10 = Need to re-create objects.
11:27:10 = s1.
11:27:10 = s2.
11:27:14
11:27:14
11:27:51
11:27:51
11:27:52
11:27:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:31:40 = Process Attach

0:31:40 = end process attach
0:31:40 = ***** NULL == SampleProvider *****
0:31:40 = ##### Begin waiting Mutex to release process #####
0:31:40 = hWnd = 0x00020566; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:31:40 = hWnd = 0x00130774; ClassName:
ow.
x=0, y=0, width=1, height=1
0:31:40 = hWnd = 0x00020564; ClassName:
x=0, y=0, width=0, height=0
0:31:40 = hWnd = 0x00470462; ClassName:
x=0, y=0, width=0, height=0
0:31:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:31:41 = s1.
0:31:41 = s2.
0:31:41 = Start show animate
0:31:41 = Shell Excutute VerifyHost
0:41:8 = begin close Process
0:41:8 = Terminate Process
0:41:9 = end close Process
0:41:9 = DLL_PROCESS_DETACH
0:49:30 = Process Attach
0:49:30 = end process attach
0:49:30 = ***** NULL == SampleProvider *****
0:49:30 = ##### Begin waiting Mutex to release process #####
0:49:30 = hWnd = 0x00180634; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:49:30 = hWnd = 0x0015066c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
0:49:30 =
x=0, y=0,
0:49:30 =
x=0, y=0,
0:49:30 =

width=1, height=1
hWnd = 0x000205aa; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00300716; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

0:49:30 = s1.
0:49:30 = s2.
0:49:30
0:49:30
0:51:35
0:51:35
0:51:36
0:51:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:21:36 = Process Attach

3:21:36 = end process attach
3:21:36 = ***** NULL == SampleProvider *****
3:21:36 = ##### Begin waiting Mutex to release process #####
3:21:36 =
ow.
x=0, y=0,
3:21:36 =
x=0, y=0,
3:21:36 =
x=0, y=0,
3:21:53 =
3:21:53 =

hWnd = 0x001c08d2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00270768; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001303d2; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:21:53 = ##### Get event and release process #####

3:21:53 = hWnd = 0x00f9004e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:21:53 = end close Process
3:21:53 = ##### Get event and release process end #####
3:21:53 = hWnd = 0x01750202; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:31:53 = Process Attach
11:31:53 = end process attach
11:31:53 = ***** NULL == SampleProvider *****
11:31:53 = ##### Begin waiting Mutex to release process #####
11:31:53 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:31:54 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
11:31:54 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

11:31:54 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
11:31:57 = Need to re-create objects.
11:31:57 = s1.
11:31:57 = s2.
11:32:0 = Start show animate
11:32:0 = Shell Excutute VerifyHost
11:32:38 = begin close Process
11:32:38 = Terminate Process
11:32:39 = end close Process
11:32:39 = DLL_PROCESS_DETACH
1:2:5 = Process Attach
1:2:5 = end process attach
1:2:5 = ##### Begin waiting Mutex to release process #####
1:2:5 = hWnd = 0x00060412; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:2:5 = hWnd = 0x00060414; ClassName:
.
x=0, y=0, width=1, height=1
1:2:5 = hWnd = 0x0003031e; ClassName:
x=0, y=0, width=0, height=0
1:2:5 = hWnd = 0x0007041e; ClassName:
x=0, y=0, width=0, height=0
1:2:39 = Process Attach
1:2:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:2:39 = ##### Get event and release process #####

1:2:39 = ***** NULL == SampleProvider *****
1:2:39 = ##### Get event and release process end #####
1:2:39 = hWnd = 0x00970036; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:2:39 = hWnd = 0x006a0136; ClassName:
w.
x=0, y=0, width=1, height=1
1:2:39 = hWnd = 0x010f01cc; ClassName:
x=0, y=0, width=0, height=0
1:2:39 = hWnd = 0x006f01a8; ClassName:
x=0, y=0, width=0, height=0
10:26:52 = Process Attach
10:26:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:26:52 = * NULL == SampleProvider *

10:26:52 = ##### Begin waiting Mutex to release process #####
10:26:52 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:26:53 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
10:26:53 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:26:53 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:26:56 = Need to re-create objects.
10:26:56 = s1.
10:26:56 = s2.
10:26:59
10:26:59
10:27:36
10:27:36
10:27:37
10:27:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:5:2 = Process Attach

21:5:2 = end process attach
21:5:2 = ***** NULL == SampleProvider *****
21:5:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:5:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
21:5:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:5:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:5:6 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:5:6 = s1.
21:5:6 = s2.
21:5:10
21:5:10
21:5:48
21:5:48
21:5:49
21:5:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:53:45 = Process Attach

1:53:45 = end process attach
1:53:45 = ***** NULL == SampleProvider *****
1:53:45 = ##### Begin waiting Mutex to release process #####
1:53:45 =
ow.
x=0, y=0,
1:53:45 =
x=0, y=0,
1:53:45 =

hWnd = 0x000404d0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x003f0de6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000504c0; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0

1:54:26 = Process Attach
1:54:26 = ## ERR ## Setevent
1:54:26 = ***** NULL == SampleProvider *****
1:54:26 = begin close Process
1:54:26 = end close Process
1:54:26 = ##### Get event and release process end #####
1:54:26 = hWnd = 0x0051004c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:54:26 = hWnd = 0x009d0056; ClassName:
ow.
x=0, y=0, width=1, height=1
1:54:26 = hWnd = 0x000a01f0; ClassName:
x=0, y=0, width=0, height=0
1:54:26 = hWnd = 0x006501c2; ClassName:
x=0, y=0, width=0, height=0
11:15:33 = Process Attach
11:15:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:15:33 = * NULL == SampleProvider *

11:15:33 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:15:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:15:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:15:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:15:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:15:38 = s1.
11:15:38 = s2.
11:15:41
11:15:41
11:16:18
11:16:18
11:16:19
11:16:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:34:13 = Process Attach

1:34:13 = end process attach
1:34:13 = ***** NULL == SampleProvider *****
1:34:13 = hWnd = 0x000c0aa4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:34:13 = hWnd = 0x000d0462; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:34:13 = hWnd = 0x00080744; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
1:34:13 =
x=0, y=0,
1:34:59 =
1:34:59 =

width=0, height=0
hWnd = 0x001a05a8; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:34:59 = ##### Get event and release process #####

1:34:59 = ***** NULL == SampleProvider *****
1:34:59 = hWnd = 0x0092005a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:34:59 = hWnd = 0x00f5002c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:59 = hWnd = 0x016700a2; ClassName:
x=0, y=0, width=0, height=0
1:34:59 = hWnd = 0x011e01d0; ClassName:
x=0, y=0, width=0, height=0
9:8:41 = Process Attach
9:8:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:8:42 = * NULL == SampleProvider *

9:8:42 = ##### Begin waiting Mutex to release process #####
9:8:42 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:8:43 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:8:43 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:8:45 = Need to re-create objects.
9:8:46 = s1.
9:8:46 = s2.
9:8:49
9:8:49
9:9:26
9:9:26
9:9:27
9:9:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:14:49 = Process Attach

18:14:49 = end process attach
18:14:49 = ***** NULL == SampleProvider *****
18:14:49 = ##### Begin waiting Mutex to release process #####
18:14:49 = hWnd = 0x000a0412; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:14:49 = hWnd = 0x000803d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:14:49 = hWnd = 0x00090544; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0

18:15:14 = Process Attach
18:15:14 = ## ERR ## Setevent
18:15:14 = ##### Get event and release process #####
18:15:14 = begin close Process
18:15:14 = end close Process
18:15:14 = ##### Get event and release process end #####
18:15:14 = hWnd = 0x00ce01dc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:15:14 = hWnd = 0x00e801e4; ClassName:
dow.
x=0, y=0, width=1, height=1
18:15:14 = hWnd = 0x00d10092; ClassName:
x=0, y=0, width=0, height=0
18:15:14 = hWnd = 0x01210056; ClassName:
x=0, y=0, width=0, height=0
18:19:20 = Process Attach
18:19:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:19:20 = * NULL == SampleProvider *

18:19:20 = ##### Begin waiting Mutex to release process #####
18:19:20 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:19:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:19:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:19:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:19:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:19:24 = s1.
18:19:24 = s2.
18:19:29 = Start show animate
18:19:29 = Shell Excutute VerifyHost
18:20:7 = begin close Process
18:20:7 = Terminate Process
18:20:8 = end close Process
18:20:8 = DLL_PROCESS_DETACH
0:25:8 = Process Attach
0:25:8 = end process attach
0:25:8 = ***** NULL == SampleProvider *****
0:25:8 = ##### Begin waiting Mutex to release process #####
0:25:8 = hWnd = 0x00020712; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

0:25:8 = hWnd = 0x0008057e; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
0:25:8 = hWnd = 0x00050490; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:25:8 = hWnd = 0x000504fa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:25:29 = Process Attach
0:25:29 = ## ERR ## Setevent
0:25:29 = ##### Get event and release process #####
0:25:29 = ***** NULL == SampleProvider *****
0:25:29 = end close Process
0:25:29 = ##### Get event and release process end #####
0:25:29 = hWnd = 0x006101e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:25:29 = hWnd = 0x009d01b8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:25:29 = hWnd = 0x00050084; ClassName:
x=0, y=0, width=0, height=0
0:25:29 = hWnd = 0x006e0058; ClassName:
x=0, y=0, width=0, height=0
0:40:32 = Process Attach
0:40:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:40:32 = * NULL == SampleProvider *

0:40:32 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:40:34 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
0:40:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:40:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
0:40:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:40:38 = s1.
0:40:38 = s2.
0:40:42
0:40:42
0:41:19
0:41:19
0:41:20
0:41:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:14:35 = Process Attach

1:14:35 = end process attach
1:14:35 = ***** NULL == SampleProvider *****

1:14:35 = ##### Begin waiting Mutex to release process #####

1:14:35 = hWnd = 0x001e0508; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:14:35 = hWnd = 0x0084057e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:14:35 = hWnd = 0x000a043a; ClassName:
x=0, y=0, width=0, height=0
1:14:35 = hWnd = 0x00c8057a; ClassName:
x=0, y=0, width=0, height=0
1:14:42 = Process Attach
1:14:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:14:42 = ##### Get event and release process #####

1:14:42 = begin close Process
1:14:42 = end close Process
1:14:42 = ##### Get event and release process end #####
1:14:42 = hWnd = 0x000301da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:14:42 = hWnd = 0x000400a2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:14:42 = hWnd = 0x0006003a; ClassName:
x=0, y=0, width=0, height=0
1:14:42 = hWnd = 0x0006005e; ClassName:
x=0, y=0, width=0, height=0
8:33:26 = Process Attach
8:33:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:33:26 = * NULL == SampleProvider *

8:33:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:33:26 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:33:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:33:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:33:30 = Need to re-create objects.
8:33:30 = s1.
8:33:30 = s2.
8:33:33
8:33:33
8:34:12
8:34:12
8:34:13
8:34:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:41:5 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:41:5 = end process attach

9:41:5 = ***** NULL == SampleProvider *****
9:41:5 = hWnd = 0x0002040a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:41:5 = hWnd = 0x00040416; ClassName:
w.
x=0, y=0, width=1, height=1
9:41:5 = hWnd = 0x000303f0; ClassName:
x=0, y=0, width=0, height=0
9:41:5 = hWnd = 0x00020404; ClassName:
x=0, y=0, width=0, height=0
9:41:12 = Process Attach
9:41:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:41:12 = ##### Get event and release process #####

9:41:12 = begin close Process
9:41:12 = end close Process
9:41:12 = ##### Get event and release process end #####
9:41:12 = hWnd = 0x000c0066; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:41:12 = hWnd = 0x000c0088; ClassName:
ow.
x=0, y=0, width=1, height=1
9:41:12 = hWnd = 0x000401c0; ClassName:
x=0, y=0, width=0, height=0
9:41:12 = hWnd = 0x0004005a; ClassName:
x=0, y=0, width=0, height=0
12:13:25 = Process Attach
12:13:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:13:25 = * NULL == SampleProvider *

12:13:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:13:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:13:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:13:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:13:29 = Need to re-create objects.
12:13:29 = s1.
12:13:29 = s2.
12:13:32
12:13:32
12:14:11
12:14:11
12:14:12
12:14:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:42:36 = Process Attach

1:42:36 = end process attach
1:42:36 = ***** NULL == SampleProvider *****
1:42:36 = ##### Begin waiting Mutex to release process #####
1:42:36 = hWnd = 0x000f0648; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:42:36 = hWnd = 0x000803f4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:42:36 = hWnd = 0x000a0692; ClassName:
x=0, y=0, width=0, height=0
1:42:36 = hWnd = 0x001b06da; ClassName:
x=0, y=0, width=0, height=0
1:43:19 = Process Attach
1:43:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:43:19 = * NULL == SampleProvider *

1:43:19 = begin close Process
1:43:19 = end close Process
1:43:19 = ##### Get event and release process end #####
1:43:19 = hWnd = 0x000401c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:43:19 = hWnd = 0x003201c4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:43:19 = hWnd = 0x0114005c; ClassName:
x=0, y=0, width=0, height=0
1:43:19 = hWnd = 0x00360162; ClassName:
x=0, y=0, width=0, height=0
7:45:39 = Process Attach
7:45:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:45:39 = * NULL == SampleProvider *

7:45:40 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:45:40 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:45:40 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:45:40 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:45:42 = Need to re-create objects.
7:45:42 = s1.
7:45:42 = s2.
7:45:45 = Start show animate
7:45:45 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:46:21
7:46:21
7:46:22
7:46:22

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

0:16:46 = Process Attach

0:16:47 = end process attach
0:16:47 = ***** NULL == SampleProvider *****
0:16:47 = ##### Begin waiting Mutex to release process #####
0:16:47 =
ow.
x=0, y=0,
0:16:47 =
x=0, y=0,
0:16:47 =
x=0, y=0,
0:17:24 =
0:17:24 =

hWnd = 0x000a04e4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0008043a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0065046e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:17:24 = * NULL == SampleProvider *

0:17:24 = begin close Process
0:17:24 = end close Process
0:17:24 = ##### Get event and release process end #####
0:17:24 = hWnd = 0x01c40058; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:17:24 = hWnd = 0x025800c4; ClassName:
ow.
x=0, y=0, width=1, height=1
0:17:24 = hWnd = 0x00ea00ee; ClassName:
x=0, y=0, width=0, height=0
0:17:24 = hWnd = 0x00c40190; ClassName:
x=0, y=0, width=0, height=0
10:8:20 = Process Attach
10:8:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:8:20 = * NULL == SampleProvider *

10:8:20 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:8:20 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:8:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:8:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:8:23 = Need to re-create objects.
10:8:23 = s1.
10:8:23 = s2.
10:8:26 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:8:26 = Shell Excutute VerifyHost

10:9:3 = begin close Process
10:9:3 = Terminate Process
10:9:4 = end close Process
10:9:4 = DLL_PROCESS_DETACH
0:2:56 = Process Attach
0:2:57 = end process attach
0:2:57 = ***** NULL == SampleProvider *****
0:2:57 = ##### Begin waiting Mutex to release process #####
0:2:57 = hWnd = 0x00140562; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
0:2:57 = hWnd = 0x001408e4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:2:57 = hWnd = 0x00120684; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:5:28 = Need to re-create objects.
0:5:28 = s1.
0:5:28 = s2.
0:5:28
0:5:28
0:6:39
0:6:39
0:6:40
0:6:40

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:27:34 = Process Attach

3:27:34 = end process attach
3:27:34 = ***** NULL == SampleProvider *****
3:27:34 = ##### Begin waiting Mutex to release process #####
3:27:34 =
ow.
x=0, y=0,
3:27:34 =
x=0, y=0,
3:27:34 =
x=0, y=0,
3:27:52 =
3:27:52 =

hWnd = 0x000409b4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00060b36; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00060b46; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

3:27:52 = ##### Get event and release process #####

3:27:52 = begin close Process
3:27:52 = end close Process
3:27:52 = ##### Get event and release process end #####
3:27:52 = hWnd = 0x005e0058; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:27:52 = hWnd = 0x0147002c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
3:27:52 =
x=0, y=0,
3:27:52 =
x=0, y=0,
11:40:2 =
11:40:2 =

width=1, height=1
hWnd = 0x000c0164; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x005701a0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

11:40:2 = * NULL == SampleProvider *

11:40:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:40:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:40:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:40:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:40:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:40:7 = s1.
11:40:7 = s2.
11:40:11
11:40:11
11:40:48
11:40:48
11:40:49
11:40:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:33:0 = Process Attach

13:33:0 = end process attach
13:33:0 = ##### Begin waiting Mutex to release process #####
13:33:0 = hWnd = 0x000606a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
13:33:0 = hWnd = 0x000c0416; ClassName:
ow.
x=0, y=0, width=1, height=1
13:33:0 = hWnd = 0x000f03f0; ClassName:
x=0, y=0, width=0, height=0
13:33:0 = hWnd = 0x0029050e; ClassName:
x=0, y=0, width=0, height=0
13:33:4 = begin close Process
13:33:4 = end close Process
13:33:4 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:33:23 = Process Attach

13:33:23 = end process attach
13:33:23 = ***** NULL == SampleProvider *****
13:33:23 = ##### Begin waiting Mutex to release process #####

13:33:23 = hWnd = 0x00100044; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
13:33:23 = hWnd = 0x000803fa; ClassName:
dow.
x=0, y=0, width=1, height=1
13:33:23 = hWnd = 0x000707a8; ClassName:
x=0, y=0, width=0, height=0
13:33:23 = hWnd = 0x000d0416; ClassName:
x=0, y=0, width=0, height=0
13:33:26 = begin close Process
13:33:26 = end close Process
13:33:26 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:28:39 = Process Attach

14:28:39 = end process attach
14:28:39 = ##### Begin waiting Mutex to release process #####
14:28:39 = hWnd = 0x002c06c0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
14:28:39 = hWnd = 0x000c05a0; ClassName:
dow.
x=0, y=0, width=1, height=1
14:28:39 = hWnd = 0x000f04fc; ClassName:
x=0, y=0, width=0, height=0
14:28:39 = hWnd = 0x001906de; ClassName:
x=0, y=0, width=0, height=0
14:28:41 = begin close Process
14:28:41 = end close Process
14:28:41 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:4:22 = Process Attach

20:4:22 = end process attach
20:4:22 = ***** NULL == SampleProvider *****
20:4:22 = ##### Begin waiting Mutex to release process #####
20:4:22 = hWnd = 0x0007042c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
20:4:22 = hWnd = 0x000f05d0; ClassName:
ow.
x=0, y=0, width=1, height=1
20:4:22 = hWnd = 0x000a0602; ClassName:
x=0, y=0, width=0, height=0
20:4:22 = hWnd = 0x00100400; ClassName:
x=0, y=0, width=0, height=0
20:4:23 = begin close Process
20:4:23 = end close Process
20:4:23 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:51:56 = Process Attach

20:51:56 = end process attach
20:51:56 = ***** NULL == SampleProvider *****
20:51:56 = ##### Begin waiting Mutex to release process #####

20:51:56 = hWnd = 0x0012049c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
20:51:56 = hWnd = 0x001204e4; ClassName:
dow.
x=0, y=0, width=1, height=1
20:51:57 = hWnd = 0x001b0048; ClassName:
x=0, y=0, width=0, height=0
20:51:57 = hWnd = 0x00110420; ClassName:
x=0, y=0, width=0, height=0
20:51:58 = begin close Process
20:51:58 = end close Process
20:51:58 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:39:16 = Process Attach

2:39:16 = end process attach
2:39:16 = ***** NULL == SampleProvider *****
2:39:16 = ##### Begin waiting Mutex to release process #####
2:39:16 = hWnd = 0x00030340; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:39:16 = hWnd = 0x00040436; ClassName:
ow.
x=0, y=0, width=1, height=1
2:39:16 = hWnd = 0x000204a8; ClassName:
x=0, y=0, width=0, height=0
2:39:16 = hWnd = 0x00030338; ClassName:
x=0, y=0, width=0, height=0
2:39:25 = Process Attach
2:39:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:39:25 = * NULL == SampleProvider *

2:39:25 = begin close Process
2:39:25 = end close Process
2:39:25 = ##### Get event and release process end #####
2:39:25 = hWnd = 0x012201ec; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:39:25 = hWnd = 0x0080018e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:39:25 = hWnd = 0x0085004c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:57:15 = Process Attach
10:57:15 = end process attach
10:57:15 = ***** NULL == SampleProvider *****
10:57:15 = ##### Begin waiting Mutex to release process #####
10:57:15 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:57:16 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

10:57:17 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:57:17 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:57:20 = Need to re-create objects.
10:57:20 = s1.
10:57:20 = s2.
10:57:23 = Start show animate
10:57:23 = Shell Excutute VerifyHost
10:58:0 = begin close Process
10:58:0 = Terminate Process
10:58:1 = end close Process
10:58:1 = DLL_PROCESS_DETACH
0:34:28 = Process Attach
0:34:28 = end process attach
0:34:28 = ***** NULL == SampleProvider *****
0:34:28 = ##### Begin waiting Mutex to release process #####
0:34:28 = hWnd = 0x000310bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:34:28 = hWnd = 0x000310b8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:34:28 = hWnd = 0x000310a6; ClassName:
x=0, y=0, width=0, height=0
0:34:28 = hWnd = 0x0004109e; ClassName:
x=0, y=0, width=0, height=0
0:34:29 = begin close Process
0:34:29 = end close Process
0:34:29 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:44:33 = Process Attach

0:44:33 = end process attach
0:44:33 = ***** NULL == SampleProvider *****
0:44:33 = hWnd = 0x0008168c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:44:33 = hWnd = 0x00201760; ClassName:
ow.
x=0, y=0, width=1, height=1
0:44:33 = hWnd = 0x000a129e; ClassName:
x=0, y=0, width=0, height=0
0:44:33 = hWnd = 0x000b0848; ClassName:
x=0, y=0, width=0, height=0
0:44:35 = begin close Process
0:44:35 = end close Process
0:44:35 = DLL_PROCESS_DETACH
0:55:31 = Process Attach
0:55:31 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:55:31 = * NULL == SampleProvider *

0:55:31 = ##### Begin waiting Mutex to release process #####
0:55:31 = hWnd = 0x000710ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:55:31 = hWnd = 0x000a1984; ClassName:
ow.
x=0, y=0, width=1, height=1
0:55:31 = hWnd = 0x000710b8; ClassName:
x=0, y=0, width=0, height=0
0:55:31 = hWnd = 0x000610ac; ClassName:
x=0, y=0, width=0, height=0
0:55:33 = begin close Process
0:55:33 = end close Process
0:55:33 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:14:37 = Process Attach

1:14:37 = end process attach
1:14:37 = ***** NULL == SampleProvider *****
1:14:37 = ##### Begin waiting Mutex to release process #####
1:14:37 = hWnd = 0x00040562; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:14:37 = hWnd = 0x000c03ea; ClassName:
ow.
x=0, y=0, width=1, height=1
1:14:37 = hWnd = 0x000903de; ClassName:
x=0, y=0, width=0, height=0
1:14:37 = hWnd = 0x000c03f8; ClassName:
x=0, y=0, width=0, height=0
1:15:27 = Process Attach
1:15:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:15:27 = ##### Get event and release process #####

1:15:27 = begin close Process
1:15:27 = end close Process
1:15:27 = ##### Get event and release process end #####
1:15:27 = hWnd = 0x016901ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:15:27 = hWnd = 0x003100c4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:15:27 = hWnd = 0x01ff007c; ClassName:
x=0, y=0, width=0, height=0
1:15:27 = hWnd = 0x007501de; ClassName:
x=0, y=0, width=0, height=0
8:20:13 = Process Attach
8:20:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:20:13 = * NULL == SampleProvider *

8:20:13 = ##### Begin waiting Mutex to release process #####

8:20:13 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:20:13 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:20:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:20:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:20:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:20:17 = s1.
8:20:17 = s2.
8:20:21 = Start show animate
8:20:21 = Shell Excutute VerifyHost
8:21:0 = begin close Process
8:21:0 = Terminate Process
8:21:1 = end close Process
8:21:1 = DLL_PROCESS_DETACH
10:42:6 = Process Attach
10:42:6 = end process attach
10:42:6 = ***** NULL == SampleProvider *****
10:42:6 = ##### Begin waiting Mutex to release process #####
10:42:6 = hWnd = 0x00030628; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:42:6 = hWnd = 0x0004062c; ClassName:
ow.
x=0, y=0, width=1, height=1
10:42:6 = hWnd = 0x000b04a6; ClassName:
x=0, y=0, width=0, height=0
10:42:6 = hWnd = 0x000d063c; ClassName:
x=0, y=0, width=0, height=0
10:42:15 = Process Attach
10:42:15 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:42:15 = * NULL == SampleProvider *

10:42:15 = begin close Process
10:42:15 = end close Process
10:42:15 = ##### Get event and release process end #####
10:42:15 = hWnd = 0x0021005a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:42:15 = hWnd = 0x003601e6; ClassName:
dow.
x=0, y=0, width=1, height=1
10:42:15 = hWnd = 0x000a009a; ClassName:
x=0, y=0, width=0, height=0
10:42:15 = hWnd = 0x0047005e; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

10:45:45 = Process Attach
10:45:45 = end process attach
10:45:45 = ***** NULL == SampleProvider *****
10:45:45 = ##### Begin waiting Mutex to release process #####
10:45:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:45:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:45:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:45:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:45:51 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:45:51 = s1.
10:45:51 = s2.
10:45:54
10:45:54
10:46:32
10:46:32
10:46:33
10:46:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:58:1 = Process Attach

18:58:1 = end process attach
18:58:1 = ***** NULL == SampleProvider *****
18:58:1 = ##### Begin waiting Mutex to release process #####
18:58:1 = hWnd = 0x001303f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
18:58:1 = hWnd = 0x000d04a0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:58:1 = hWnd = 0x002004d6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:58:15 = Process Attach
18:58:15 = ## ERR ## Setevent
18:58:15 = ***** NULL == SampleProvider *****
18:58:15 = begin close Process
18:58:15 = end close Process
18:58:15 = ##### Get event and release process end #####
18:58:15 = hWnd = 0x005801ca; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:58:15 = hWnd = 0x00e5002c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

18:58:15 = hWnd = 0x000a0146; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
18:58:15 = hWnd = 0x00670056; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:1:56 = Process Attach
19:1:56 = end process attach
19:1:56 = ***** NULL == SampleProvider *****
19:1:56 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:1:57 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
19:1:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:1:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:2:0 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:2:0 = s1.
19:2:0 = s2.
19:2:5 = Start show animate
19:2:5 = Shell Excutute VerifyHost
19:2:44 = begin close Process
19:2:44 = Terminate Process
19:2:45 = end close Process
19:2:45 = DLL_PROCESS_DETACH
0:10:2 = Process Attach
0:10:2 = end process attach
0:10:2 = ***** NULL == SampleProvider *****
0:10:2 = hWnd = 0x00050654; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:10:2 = hWnd = 0x0019042a; ClassName:
w.
x=0, y=0, width=1, height=1
0:10:2 = hWnd = 0x00130706; ClassName:
x=0, y=0, width=0, height=0
0:10:2 = hWnd = 0x00060658; ClassName:
x=0, y=0, width=0, height=0
0:16:50 = Need to re-create objects.
0:16:51 = s1.
0:16:51 = s2.
0:16:51
0:16:51
0:23:54
0:23:54
0:23:55
0:23:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:43:42 = Process Attach

2:43:42 = end process attach
2:43:42 = ***** NULL == SampleProvider *****
2:43:42 = ##### Begin waiting Mutex to release process #####
2:43:42 = hWnd = 0x004806da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:43:42 = hWnd = 0x00070a78; ClassName:
ow.
x=0, y=0, width=1, height=1
2:43:42 = hWnd = 0x001d0902; ClassName:
x=0, y=0, width=0, height=0
2:43:42 = hWnd = 0x003b0aaa; ClassName:
x=0, y=0, width=0, height=0
2:43:42 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:43:42 = s1.
2:43:42 = s2.
2:43:44 = Start show animate
2:43:44 = Shell Excutute VerifyHost
2:44:7 = begin close Process
2:44:7 = Terminate Process
2:44:8 = end close Process
2:44:8 = DLL_PROCESS_DETACH
3:54:20 = Process Attach
3:54:20 = end process attach
3:54:20 = ***** NULL == SampleProvider *****
3:54:20 = ##### Begin waiting Mutex to release process #####
3:54:20 = hWnd = 0x003405f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:54:20 = hWnd = 0x000e0a6a; ClassName:
ow.
x=0, y=0, width=1, height=1
3:54:20 = hWnd = 0x0043052e; ClassName:
x=0, y=0, width=0, height=0
3:54:20 = hWnd = 0x00070a8a; ClassName:
x=0, y=0, width=0, height=0
3:54:47 = Process Attach
3:54:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:54:47 = * NULL == SampleProvider *

3:54:47 = begin close Process
3:54:47 = end close Process
3:54:47 = ##### Get event and release process end #####
3:54:47 = hWnd = 0x000c005a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:54:47 = hWnd = 0x00330082; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0, width=1, height=1
3:54:47 = hWnd = 0x0073002c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:54:47 = hWnd = 0x016a01bc; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:59:45 = Process Attach
10:59:45 = end process attach
10:59:45 = ***** NULL == SampleProvider *****
10:59:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:59:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:59:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:59:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:59:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:59:50 = s1.
10:59:50 = s2.
10:59:54 = Start show animate
10:59:54 = Shell Excutute VerifyHost
11:0:32 = begin close Process
11:0:32 = Terminate Process
11:0:33 = end close Process
11:0:33 = DLL_PROCESS_DETACH
1:40:49 = Process Attach
1:40:49 = end process attach
1:40:49 = ***** NULL == SampleProvider *****
1:40:49 = ##### Begin waiting Mutex to release process #####
1:40:49 =
ow.
x=0, y=0,
1:40:49 =
x=0, y=0,
1:40:49 =
x=0, y=0,
1:41:13 =
1:41:13 =

hWnd = 0x001804fa; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0025054c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x002c0454; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:41:13 = * NULL == SampleProvider *

1:41:13 = begin close Process
1:41:13 = end close Process
1:41:13 = ##### Get event and release process end #####
1:41:13 = hWnd = 0x00c1002c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:41:13 =
ow.
x=0, y=0,
1:41:13 =
x=0, y=0,
1:41:13 =
x=0, y=0,
9:17:28 =
9:17:28 =

hWnd = 0x013b01b0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x002201de; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00e70124; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:17:28 = * NULL == SampleProvider *

9:17:28 = ##### Begin waiting Mutex to release process #####
9:17:29 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:17:30 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:17:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:17:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:17:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:17:33 = s1.
9:17:33 = s2.
9:17:38
9:17:38
9:18:15
9:18:15
9:18:16
9:18:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:7:0 = Process Attach

18:7:0 = end process attach
18:7:0 = ##### Begin waiting Mutex to release process #####
18:7:0 = hWnd = 0x002905dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:7:0 = hWnd = 0x00200408; ClassName:
w.
x=0, y=0, width=1, height=1
18:7:0 = hWnd = 0x001005e0; ClassName:
x=0, y=0, width=0, height=0
18:7:0 = hWnd = 0x001d0768; ClassName:
x=0, y=0, width=0, height=0
18:7:55 = Need to re-create objects.
18:7:55 = s1.
18:7:55 = s2.
18:7:55 = Start show animate
18:7:55 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:32:20
18:32:20
18:32:21
18:32:21

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

0:42:31 = Process Attach

0:42:31 = end process attach
0:42:31 = ##### Begin waiting Mutex to release process #####
0:42:31 = hWnd = 0x002e0636; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:42:31 = hWnd = 0x001906d4; ClassName:
ow.
x=0, y=0, width=1, height=1
0:42:31 = hWnd = 0x0006049a; ClassName:
x=0, y=0, width=0, height=0
0:42:31 = hWnd = 0x000e0640; ClassName:
x=0, y=0, width=0, height=0
0:42:53 = Process Attach
0:42:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:42:53 = ##### Get event and release process #####

0:42:53 = begin close Process
0:42:53 = end close Process
0:42:53 = ##### Get event and release process end #####
0:42:53 = hWnd = 0x033300c2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:42:53 = hWnd = 0x013500c0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:42:53 = hWnd = 0x000b01ec; ClassName:
x=0, y=0, width=0, height=0
0:42:53 = hWnd = 0x012701b4; ClassName:
x=0, y=0, width=0, height=0
8:5:1 = Process Attach
8:5:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:5:1 = * NULL == SampleProvider *

8:5:1 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:5:2 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
8:5:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:5:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:5:5 = Need to re-create objects.
8:5:5 = s1.
8:5:5 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:5:9 = Start show animate

8:5:9 = Shell Excutute VerifyHost
8:5:47 = begin close Process
8:5:47 = Terminate Process
8:5:48 = end close Process
8:5:48 = DLL_PROCESS_DETACH
2:3:7 = Process Attach
2:3:7 = end process attach
2:3:7 = ***** NULL == SampleProvider *****
2:3:7 = hWnd = 0x00050588; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:3:7 = hWnd = 0x00201730; ClassName:
.
x=0, y=0, width=1, height=1
2:3:7 = hWnd = 0x0013043e; ClassName:
x=0, y=0, width=0, height=0
2:3:7 = hWnd = 0x001a03fc; ClassName:
x=0, y=0, width=0, height=0
2:3:40 = Process Attach
2:3:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:3:40 = * NULL == SampleProvider *

2:3:40 = begin close Process
2:3:40 = end close Process
2:3:40 = ##### Get event and release process end #####
2:3:40 = hWnd = 0x01120036; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:3:40 = hWnd = 0x0075008a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:3:40 = hWnd = 0x01120196; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:24:55 = Process Attach
9:24:55 = end process attach
9:24:55 = ***** NULL == SampleProvider *****
9:24:55 = ##### Begin waiting Mutex to release process #####
9:24:56 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:24:57 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:24:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:24:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:25:0 = Need to re-create objects.
9:25:0 = s1.
9:25:0 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:25:4 = Start show animate

9:25:4 = Shell Excutute VerifyHost
9:25:43 = begin close Process
9:25:43 = Terminate Process
9:25:44 = end close Process
9:25:44 = DLL_PROCESS_DETACH
3:50:24 = Process Attach
3:50:24 = end process attach
3:50:24 = ***** NULL == SampleProvider *****
3:50:24 = hWnd = 0x003d084a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:50:24 = hWnd = 0x00200776; ClassName:
ow.
x=0, y=0, width=1, height=1
3:50:24 = hWnd = 0x000c0408; ClassName:
x=0, y=0, width=0, height=0
3:50:24 = hWnd = 0x00180460; ClassName:
x=0, y=0, width=0, height=0
3:51:27 = Process Attach
3:51:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:51:27 = ##### Get event and release process #####

3:51:27 = ***** NULL == SampleProvider *****
3:51:27 = end close Process
3:51:27 = ##### Get event and release process end #####
3:51:27 = hWnd = 0x01d0005a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:51:27 = hWnd = 0x019a01cc; ClassName:
ow.
x=0, y=0, width=1, height=1
3:51:27 = hWnd = 0x001000e6; ClassName:
x=0, y=0, width=0, height=0
3:51:27 = hWnd = 0x00c201ea; ClassName:
x=0, y=0, width=0, height=0
8:47:19 = Process Attach
8:47:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:47:19 = * NULL == SampleProvider *

8:47:19 = ##### Begin waiting Mutex to release process #####
8:47:20 =
ow.
x=0, y=0,
8:47:20 =
x=0, y=0,
8:47:20 =
x=0, y=0,
8:47:24 =

8:47:24 = s1.

8:47:24 = s2.
8:47:27 = Start show animate
8:47:27 = Shell Excutute VerifyHost
8:48:6 = begin close Process
8:48:6 = Terminate Process
8:48:7 = end close Process
8:48:7 = DLL_PROCESS_DETACH
0:57:4 = Process Attach
0:57:4 = end process attach
0:57:4 = ***** NULL == SampleProvider *****
0:57:4 = hWnd = 0x001e0104; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:57:4 = hWnd = 0x000711dc; ClassName:
w.
x=0, y=0, width=1, height=1
0:57:4 = hWnd = 0x000b14f2; ClassName:
x=0, y=0, width=0, height=0
0:57:4 = hWnd = 0x000710ac; ClassName:
x=0, y=0, width=0, height=0
0:57:42 = Process Attach
0:57:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:57:42 = ##### Get event and release process #####

0:57:42 = begin close Process
0:57:42 = end close Process
0:57:42 = ##### Get event and release process end #####
0:57:42 = hWnd = 0x002001e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:57:42 = hWnd = 0x0038009c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:42 = hWnd = 0x001f01ec; ClassName:
x=0, y=0, width=0, height=0
0:57:42 = hWnd = 0x003a008c; ClassName:
x=0, y=0, width=0, height=0
8:17:36 = Process Attach
8:17:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:17:37 = * NULL == SampleProvider *

8:17:37 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:17:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:17:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:17:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:17:43 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:17:43 = s1.
8:17:43 = s2.
8:17:46
8:17:46
8:18:24
8:18:24
8:18:25
8:18:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:57:56 = Process Attach

18:57:57 = end process attach
18:57:57 = ***** NULL == SampleProvider *****
18:57:57 = ##### Begin waiting Mutex to release process #####
18:57:57 = hWnd = 0x00050c4e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:57:57 = hWnd = 0x00060c62; ClassName:
dow.
x=0, y=0, width=1, height=1
18:57:57 = hWnd = 0x00140a06; ClassName:
x=0, y=0, width=0, height=0
18:57:57 = hWnd = 0x00060c66; ClassName:
x=0, y=0, width=0, height=0
18:57:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:57:57 = s1.
18:57:57 = s2.
18:57:57 = Start show animate
18:57:57 = Shell Excutute VerifyHost
19:0:27 = begin close Process
19:0:27 = Terminate Process
19:0:28 = end close Process
19:0:28 = DLL_PROCESS_DETACH
1:35:15 = Process Attach
1:35:15 = end process attach
1:35:15 = ***** NULL == SampleProvider *****
1:35:15 = ##### Begin waiting Mutex to release process #####
1:35:15 = hWnd = 0x00050aba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:35:15 = hWnd = 0x000d0a6a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:35:15 = hWnd = 0x00060a72; ClassName:
x=0, y=0, width=0, height=0
1:35:15 = hWnd = 0x00060a74; ClassName:
x=0, y=0, width=0, height=0
1:35:36 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:35:36 = ## ERR ## Setevent

1:35:36 = ***** NULL == SampleProvider *****
1:35:36 = begin close Process
1:35:36 = end close Process
1:35:36 = ##### Get event and release process end #####
1:35:36 = hWnd = 0x00e40060; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:35:36 = hWnd = 0x0058005c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:35:36 = hWnd = 0x0061002a; ClassName:
x=0, y=0, width=0, height=0
1:35:36 = hWnd = 0x01d9002c; ClassName:
x=0, y=0, width=0, height=0
10:4:14 = Process Attach
10:4:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:4:14 = ##### Begin waiting Mutex to release process #####

10:4:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:4:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:4:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:4:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:4:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:4:19 = s1.
10:4:19 = s2.
10:4:22 = Start show animate
10:4:22 = Shell Excutute VerifyHost
10:5:1 = begin close Process
10:5:1 = Terminate Process
10:5:2 = end close Process
10:5:2 = DLL_PROCESS_DETACH
0:25:51 = Process Attach
0:25:51 = end process attach
0:25:51 = ***** NULL == SampleProvider *****
0:25:51 = hWnd = 0x000203de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:25:51 = hWnd = 0x00080326; ClassName:
ow.
x=0, y=0, width=1, height=1
0:25:51 = hWnd = 0x000203da; ClassName:
x=0, y=0, width=0, height=0
0:25:51 = hWnd = 0x000e0c36; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

0:26:36 = Process Attach
0:26:36 = ## ERR ## Setevent
0:26:36 = ##### Get event and release process #####
0:26:36 = ***** NULL == SampleProvider *****
0:26:36 = hWnd = 0x019c004e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:26:36 = hWnd = 0x004f01dc; ClassName:
ow.
x=0, y=0, width=1, height=1
0:26:36 = hWnd = 0x000a00a4; ClassName:
x=0, y=0, width=0, height=0
0:26:36 = hWnd = 0x0138002c; ClassName:
x=0, y=0, width=0, height=0
8:22:44 = Process Attach
8:22:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:22:44 = * NULL == SampleProvider *

8:22:44 = ##### Begin waiting Mutex to release process #####
8:22:44 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:22:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:22:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:22:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:22:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:22:48 = s1.
8:22:48 = s2.
8:22:51
8:22:51
8:23:29
8:23:29
8:23:30
8:23:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:47:25 = Process Attach

23:47:25 = end process attach
23:47:25 = ***** NULL == SampleProvider *****
23:47:25 = hWnd = 0x000b05fc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:47:25 = hWnd = 0x000a0ac0; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:47:25 = hWnd = 0x0008058e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

23:47:25 = hWnd = 0x000c05a2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:48:12 = Process Attach
23:48:12 = ## ERR ## Setevent
23:48:12 = ***** NULL == SampleProvider *****
23:48:12 = begin close Process
23:48:12 = end close Process
23:48:12 = ##### Get event and release process end #####
23:48:12 = hWnd = 0x00e60176; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:48:12 = hWnd = 0x00e900a2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:27:51 = Process Attach
9:27:51 = end process attach
9:27:51 = ***** NULL == SampleProvider *****
9:27:51 = ##### Begin waiting Mutex to release process #####
9:27:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:27:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:27:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:27:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:27:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:27:58 = s1.
9:27:58 = s2.
9:28:1 = Start show animate
9:28:1 = Shell Excutute VerifyHost
9:28:37 = begin close Process
9:28:37 = Terminate Process
9:28:38 = end close Process
9:28:38 = DLL_PROCESS_DETACH
1:58:41 = Process Attach
1:58:41 = end process attach
1:58:41 = ***** NULL == SampleProvider *****
1:58:41 = hWnd = 0x000e083e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:58:41 = hWnd = 0x000b0c3e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:58:41 = hWnd = 0x000d1342; ClassName:
x=0, y=0, width=0, height=0
1:58:41 = hWnd = 0x00100994; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

1:58:41 = ##### Begin waiting Mutex to release process #####
1:59:22 = Process Attach
1:59:22 = ## ERR ## Setevent
1:59:22 = ***** NULL == SampleProvider *****
1:59:22 = begin close Process
1:59:22 = end close Process
1:59:22 = ##### Get event and release process end #####
1:59:22 = hWnd = 0x006501de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:59:22 = hWnd = 0x019701b0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:59:22 = hWnd = 0x014300cc; ClassName:
x=0, y=0, width=0, height=0
1:59:22 = hWnd = 0x01c20052; ClassName:
x=0, y=0, width=0, height=0
17:23:27 = Process Attach
17:23:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:23:27 = * NULL == SampleProvider *

17:23:28 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:23:28 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:23:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:23:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:23:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:23:33 = s1.
17:23:33 = s2.
17:23:39
17:23:39
17:24:16
17:24:16
17:24:17
17:24:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:53:15 = Process Attach

9:53:15 = end process attach
9:53:15 = ***** NULL == SampleProvider *****
9:53:15 = ##### Begin waiting Mutex to release process #####
9:53:15 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

9:53:16 =
ow.
x=0, y=0,
9:53:16 =
x=0, y=0,
9:53:16 =
x=0, y=0,
9:53:21 =

9:53:22 = s1.
9:53:22 = s2.
9:53:26 = Start show animate
9:53:26 = Shell Excutute VerifyHost
9:54:4 = begin close Process
9:54:4 = Terminate Process
9:54:5 = end close Process
9:54:5 = DLL_PROCESS_DETACH
1:13:56 = Process Attach
1:13:56 = end process attach
1:13:56 = ***** NULL == SampleProvider *****
1:13:56 = hWnd = 0x000203f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:13:56 = hWnd = 0x000203cc; ClassName:
ow.
x=0, y=0, width=1, height=1
1:13:56 = hWnd = 0x000203d2; ClassName:
x=0, y=0, width=0, height=0
1:13:56 = hWnd = 0x000203f8; ClassName:
x=0, y=0, width=0, height=0
1:14:27 = Process Attach
1:14:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:14:27 = * NULL == SampleProvider *

1:14:27 = begin close Process
1:14:27 = end close Process
1:14:27 = ##### Get event and release process end #####
1:14:27 = hWnd = 0x00df01de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:14:27 = hWnd = 0x01bb0194; ClassName:
ow.
x=0, y=0, width=1, height=1
1:14:27 = hWnd = 0x006b01d8; ClassName:
x=0, y=0, width=0, height=0
1:14:27 = hWnd = 0x0075004a; ClassName:
x=0, y=0, width=0, height=0
9:40:34 = Process Attach
9:40:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:40:34 = * NULL == SampleProvider *

9:40:34 = ##### Begin waiting Mutex to release process #####

9:40:34 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:40:35 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:40:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:40:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:40:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:40:40 = s1.
9:40:40 = s2.
9:40:43
9:40:43
9:41:21
9:41:21
9:41:22
9:41:22

x=0, y=0, width=0, height=0
13:15:30 = hWnd = 0x006d005e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:19:9 = Process Attach
13:19:9 = end process attach
13:19:9 = ***** NULL == SampleProvider *****
13:19:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:19:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
13:19:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:19:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:19:14 = Need to re-create objects.
13:19:14 = s1.
13:19:14 = s2.
13:19:17
13:19:17
13:19:55
13:19:55
13:19:56
13:19:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:47:7 = Process Attach

13:47:7 = end process attach
13:47:7 = ##### Begin waiting Mutex to release process #####
13:47:7 = hWnd = 0x000f0406; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:47:7 = hWnd = 0x000d03f8; ClassName:
ow.
x=0, y=0, width=1, height=1
13:47:7 = hWnd = 0x000d042c; ClassName:
x=0, y=0, width=0, height=0
13:47:7 = hWnd = 0x001203fc; ClassName:
x=0, y=0, width=0, height=0
13:47:14 = Process Attach
13:47:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:47:14 = * NULL == SampleProvider *

13:47:14 = begin close Process
13:47:14 = end close Process
13:47:14 = ##### Get event and release process end #####
13:47:14 = hWnd = 0x0011002a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:47:14 = hWnd = 0x0003013a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
13:47:14 = hWnd = 0x000c004c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:47:14 = hWnd = 0x000f0086; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:51:3 = Process Attach
13:51:3 = end process attach
13:51:3 = ***** NULL == SampleProvider *****
13:51:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:51:4 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:51:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:51:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:51:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:51:7 = s1.
13:51:7 = s2.
13:51:9 = Start show animate
13:51:9 = Shell Excutute VerifyHost
13:51:46 = begin close Process
13:51:46 = Terminate Process
13:51:48 = end close Process
13:51:48 = DLL_PROCESS_DETACH
15:52:28 = Process Attach
15:52:28 = end process attach
15:52:28 = ***** NULL == SampleProvider *****
15:52:28 = hWnd = 0x00070658; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:52:28 = hWnd = 0x00090622; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:52:28 = hWnd = 0x00030654; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:52:28 = hWnd = 0x0003061e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:52:28 = ##### Begin waiting Mutex to release process #####
15:53:12 = Process Attach
15:53:12 = ## ERR ## Setevent
15:53:12 = ##### Get event and release process #####
15:53:12 = ***** NULL == SampleProvider *****
15:53:12 = end close Process
15:53:12 = ##### Get event and release process end #####

15:53:12 = hWnd = 0x00120142; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:53:12 = hWnd = 0x002a0036; ClassName:
dow.
x=0, y=0, width=1, height=1
15:53:12 = hWnd = 0x005901f4; ClassName:
x=0, y=0, width=0, height=0
15:53:12 = hWnd = 0x001000a2; ClassName:
x=0, y=0, width=0, height=0
15:57:40 = Process Attach
15:57:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:57:41 = * NULL == SampleProvider *

15:57:41 = ##### Begin waiting Mutex to release process #####
15:57:41 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:57:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:57:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:57:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:59:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:59:18 = s1.
15:59:18 = s2.
15:59:19
15:59:19
15:59:58
15:59:58
15:59:59
15:59:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:54:50 = Process Attach

16:54:50 = end process attach
16:54:50 = ##### Begin waiting Mutex to release process #####
16:54:50 = ***** NULL == SampleProvider *****
16:54:50 = hWnd = 0x000304ec; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:54:50 = hWnd = 0x0005047a; ClassName:
dow.
x=0, y=0, width=1, height=1
16:54:50 = hWnd = 0x0008047e; ClassName:
x=0, y=0, width=0, height=0
16:54:50 = hWnd = 0x0008050e; ClassName:
x=0, y=0, width=0, height=0
16:55:23 = Process Attach
16:55:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:55:23 = * NULL == SampleProvider *

16:55:23 = begin close Process
16:55:23 = end close Process
16:55:23 = ##### Get event and release process end #####
16:55:23 = hWnd = 0x0004006a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:55:23 = hWnd = 0x00030028; ClassName:
dow.
x=0, y=0, width=1, height=1
16:55:23 = hWnd = 0x001c01f4; ClassName:
x=0, y=0, width=0, height=0
16:55:23 = hWnd = 0x0003002c; ClassName:
x=0, y=0, width=0, height=0
16:58:17 = Process Attach
16:58:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:58:17 = * NULL == SampleProvider *

16:58:18 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:58:18 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:58:18 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:58:18 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:58:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:58:21 = s1.
16:58:21 = s2.
16:58:24 = Start show animate
16:58:24 = Shell Excutute VerifyHost
16:59:2 = begin close Process
16:59:2 = Terminate Process
16:59:3 = end close Process
16:59:3 = DLL_PROCESS_DETACH
17:27:3 = Process Attach
17:27:3 = end process attach
17:27:3 = ***** NULL == SampleProvider *****
17:27:3 = ##### Begin waiting Mutex to release process #####
17:27:3 = hWnd = 0x00010474; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:27:3 = hWnd = 0x000703ea; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
17:27:3 = hWnd = 0x0001047a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

17:27:3 =
x=0, y=0,
17:27:8 =
17:27:8 =

hWnd = 0x00010472; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
## ERR ## Setevent

17:27:8 = ##### Get event and release process #####

17:27:8 = begin close Process
17:27:8 = end close Process
17:27:8 = ##### Get event and release process end #####
17:27:8 = hWnd = 0x00040086; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:27:8 = hWnd = 0x0008004c; ClassName:
ow.
x=0, y=0, width=1, height=1
17:27:8 = hWnd = 0x000501cc; ClassName:
x=0, y=0, width=0, height=0
17:27:8 = hWnd = 0x0002002c; ClassName:
x=0, y=0, width=0, height=0
17:44:17 = Process Attach
17:44:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:44:17 = * NULL == SampleProvider *

17:44:17 = ##### Begin waiting Mutex to release process #####
17:44:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:44:18 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:44:18 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:44:18 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:46:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:46:51 = s1.
17:46:51 = s2.
17:46:52
17:46:52
17:47:23
17:47:23
17:47:24
17:47:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:33:38 = Process Attach

0:33:38 = end process attach
0:33:38 = ***** NULL == SampleProvider *****
0:33:38 = hWnd = 0x001c0730; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:33:38 = hWnd = 0x00250848; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
0:33:38 =
x=0, y=0,
0:33:38 =
x=0, y=0,
0:34:36 =
0:34:36 =

width=1, height=1
hWnd = 0x002107f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000d08e2; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:34:36 = ##### Get event and release process #####

0:34:36 = begin close Process
0:34:36 = end close Process
0:34:36 = ##### Get event and release process end #####
0:34:36 = hWnd = 0x009c01a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:34:36 = hWnd = 0x00e701ca; ClassName:
ow.
x=0, y=0, width=1, height=1
0:34:36 = hWnd = 0x0004012a; ClassName:
x=0, y=0, width=0, height=0
0:34:36 = hWnd = 0x003c0054; ClassName:
x=0, y=0, width=0, height=0
8:26:19 = Process Attach
8:26:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:26:19 = * NULL == SampleProvider *

8:26:19 = ##### Begin waiting Mutex to release process #####
8:26:20 =
ow.
x=0, y=0,
8:26:20 =
x=0, y=0,
8:26:20 =
x=0, y=0,
8:26:22 =

8:26:22 = s1.
8:26:22 = s2.
8:26:25 = Start show animate
8:26:25 = Shell Excutute VerifyHost
8:27:4 = begin close Process
8:27:4 = Terminate Process
8:27:6 = end close Process
8:27:6 = DLL_PROCESS_DETACH
16:27:51 = Process Attach
16:27:51 = end process attach
16:27:51 = ***** NULL == SampleProvider *****
16:27:51 = hWnd = 0x0008048e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

16:27:51 = hWnd = 0x000404f0; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:27:51 = hWnd = 0x00130668; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:27:51 = hWnd = 0x000b04bc; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:28:46 = Process Attach
16:28:46 = ## ERR ## Setevent
16:28:46 = ***** NULL == SampleProvider *****
16:28:46 = begin close Process
16:28:46 = hWnd = 0x0094005e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:28:46 = ##### Get event and release process end #####
16:28:46 = hWnd = 0x00c401ca; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:28:46 = hWnd = 0x00dd01be; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:33:56 = Process Attach
16:33:56 = end process attach
16:33:56 = ***** NULL == SampleProvider *****
16:33:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:33:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:33:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:33:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:33:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:33:58 = s1.
16:33:58 = s2.
16:34:1 = Start show animate
16:34:1 = Shell Excutute VerifyHost
16:34:40 = begin close Process
16:34:40 = Terminate Process
16:34:41 = end close Process
16:34:41 = DLL_PROCESS_DETACH
2:3:59 = Process Attach
2:3:59 = end process attach
2:3:59 = ***** NULL == SampleProvider *****
2:3:59 = hWnd = 0x00060778; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:3:59 = hWnd = 0x000707d2; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

2:3:59 = hWnd = 0x00190d8e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:3:59 = hWnd = 0x0006080c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:4:46 = Process Attach
2:4:46 = ## ERR ## Setevent
2:4:46 = ##### Get event and release process #####
2:4:46 = ***** NULL == SampleProvider *****
2:4:46 = ##### Get event and release process end #####
2:4:46 = hWnd = 0x0066005e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:4:46 = hWnd = 0x007e0060; ClassName:
w.
x=0, y=0, width=1, height=1
2:4:46 = hWnd = 0x0086017c; ClassName:
x=0, y=0, width=0, height=0
2:4:46 = hWnd = 0x007f0036; ClassName:
x=0, y=0, width=0, height=0
9:35:28 = Process Attach
9:35:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:35:28 = * NULL == SampleProvider *

9:35:28 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:35:29 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:35:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:35:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:35:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:35:31 = s1.
9:35:31 = s2.
9:35:34
9:35:34
9:36:12
9:36:12
9:36:13
9:36:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:42:58 = Process Attach

15:42:58 = end process attach
15:42:58 = ***** NULL == SampleProvider *****
15:42:58 = ##### Begin waiting Mutex to release process #####
15:42:58 = hWnd = 0x001705c8; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
15:42:58 = hWnd = 0x000c0790; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:42:58 = hWnd = 0x001106d4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:43:23 = Process Attach
15:43:23 = ## ERR ## Setevent
15:43:23 = ***** NULL == SampleProvider *****
15:43:23 = begin close Process
15:43:23 = end close Process
15:43:23 = ##### Get event and release process end #####
15:43:23 = hWnd = 0x084500a2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:43:23 = hWnd = 0x00be0038; ClassName:
dow.
x=0, y=0, width=1, height=1
15:43:23 = hWnd = 0x00a301ee; ClassName:
x=0, y=0, width=0, height=0
15:43:23 = hWnd = 0x00590088; ClassName:
x=0, y=0, width=0, height=0
19:45:7 = Process Attach
19:45:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:45:8 = * NULL == SampleProvider *

19:45:8 = ##### Begin waiting Mutex to release process #####
19:45:8 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:45:8 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
19:45:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:45:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:49:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:49:33 = s1.
19:49:33 = s2.
19:49:34
19:49:34
19:50:11
19:50:11
19:50:12
19:50:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:24:19 = Process Attach

21:24:19 = end process attach
21:24:19 = ***** NULL == SampleProvider *****

21:24:19 = ##### Begin waiting Mutex to release process #####

21:24:19 = hWnd = 0x00030490; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:24:19 = hWnd = 0x000c0594; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:24:19 = hWnd = 0x0007057a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:24:54 = Process Attach
21:24:54 = ## ERR ## Setevent
21:24:54 = ***** NULL == SampleProvider *****
21:24:54 = begin close Process
21:24:54 = end close Process
21:24:54 = ##### Get event and release process end #####
21:24:54 = hWnd = 0x004a0028; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:24:54 = hWnd = 0x005601fe; ClassName:
dow.
x=0, y=0, width=1, height=1
21:24:54 = hWnd = 0x000f003c; ClassName:
x=0, y=0, width=0, height=0
21:24:54 = hWnd = 0x001500d0; ClassName:
x=0, y=0, width=0, height=0
21:29:27 = Process Attach
21:29:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:29:27 = * NULL == SampleProvider *

21:29:27 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:29:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:29:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:29:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:31:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:31:29 = s1.
21:31:29 = s2.
21:31:31 = Start show animate
21:31:31 = Shell Excutute VerifyHost
21:32:0 = begin close Process
21:32:0 = Terminate Process
21:32:1 = end close Process
21:32:1 = DLL_PROCESS_DETACH
0:4:6 = Process Attach
0:4:6 = end process attach
0:4:6 = ***** NULL == SampleProvider *****

0:4:6 = hWnd = 0x00030644; ClassName:

nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:4:6 = hWnd = 0x000c0842; ClassName:
.
x=0, y=0, width=1, height=1
0:4:6 = hWnd = 0x00040710; ClassName:
x=0, y=0, width=0, height=0
0:4:6 = hWnd = 0x0004074a; ClassName:
x=0, y=0, width=0, height=0
0:4:38 = Process Attach
0:4:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:4:38 = ##### Get event and release process #####

0:4:38 = ***** NULL == SampleProvider *****
0:4:38 = end close Process
0:4:38 = ##### Get event and release process end #####
0:4:38 = hWnd = 0x001d002a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:4:38 = hWnd = 0x003501d0; ClassName:
w.
x=0, y=0, width=1, height=1
0:4:38 = hWnd = 0x000201d2; ClassName:
x=0, y=0, width=0, height=0
0:4:38 = hWnd = 0x004f01c0; ClassName:
x=0, y=0, width=0, height=0
9:4:8 = Process Attach
9:4:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:4:8 = * NULL == SampleProvider *

9:4:8 = ##### Begin waiting Mutex to release process #####
9:4:8 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:4:12 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:4:12 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:4:12 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:4:15 = Need to re-create objects.
9:4:15 = s1.
9:4:15 = s2.
9:4:19
9:4:19
9:4:58
9:4:58
9:4:59
9:4:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:33:44 = Process Attach

1:33:44 = end process attach
1:33:44 = ***** NULL == SampleProvider *****
1:33:44 = hWnd = 0x00150724; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:33:44 = hWnd = 0x000e07d6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:44 = hWnd = 0x00120640; ClassName:
x=0, y=0, width=0, height=0
1:33:44 = hWnd = 0x002204fc; ClassName:
x=0, y=0, width=0, height=0
1:34:25 = Process Attach
1:34:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:34:25 = ##### Get event and release process #####

1:34:25 = begin close Process
1:34:25 = end close Process
1:34:25 = ##### Get event and release process end #####
1:34:25 = hWnd = 0x008c016c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:34:25 = hWnd = 0x01630198; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:25 = hWnd = 0x00c50190; ClassName:
x=0, y=0, width=0, height=0
1:34:25 = hWnd = 0x00660146; ClassName:
x=0, y=0, width=0, height=0
10:2:26 = Process Attach
10:2:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:2:26 = * NULL == SampleProvider *

10:2:26 = ##### Begin waiting Mutex to release process #####
10:2:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:2:28 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:2:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:2:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:2:31 = Need to re-create objects.
10:2:31 = s1.
10:2:31 = s2.
10:2:36 = Start show animate
10:2:36 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:3:13
10:3:13
10:3:14
10:3:14

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

23:6:49 = Process Attach

23:6:49 = end process attach
23:6:49 = ***** NULL == SampleProvider *****
23:6:49 = hWnd = 0x00090c26; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:6:49 = hWnd = 0x00340bc4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
23:6:49 = hWnd = 0x0029089a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:6:49 = hWnd = 0x0003014e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:6:57 = ##### Begin waiting Mutex to release process #####
23:13:23 = Need to re-create objects.
23:13:24 = s1.
23:13:24 = s2.
23:13:24
23:13:24
23:15:42
23:15:42
23:15:43
23:15:43

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:20:27 = Process Attach

2:20:27 = end process attach
2:20:27 = ***** NULL == SampleProvider *****
2:20:27 = ##### Begin waiting Mutex to release process #####
2:20:27 = hWnd = 0x003c0604; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:20:27 = hWnd = 0x001d0b5c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:20:27 = hWnd = 0x001e051a; ClassName:
x=0, y=0, width=0, height=0
2:20:27 = hWnd = 0x00140ad6; ClassName:
x=0, y=0, width=0, height=0
2:20:53 = Process Attach
2:20:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:20:53 = ##### Get event and release process #####

2:20:53 = begin close Process
2:20:53 = end close Process
2:20:53 = ##### Get event and release process end #####

2:20:53 = hWnd = 0x00260176; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:20:53 = hWnd = 0x0234017a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:20:53 = hWnd = 0x00c60162; ClassName:
x=0, y=0, width=0, height=0
2:20:53 = hWnd = 0x01290164; ClassName:
x=0, y=0, width=0, height=0
10:36:33 = Process Attach
10:36:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:36:33 = * NULL == SampleProvider *

10:36:33 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:36:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:36:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:36:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:36:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:36:37 = s1.
10:36:37 = s2.
10:36:42
10:36:42
10:37:21
10:37:21
10:37:22
10:37:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:58:54 = Process Attach

23:58:54 = end process attach
23:58:54 = ***** NULL == SampleProvider *****
23:58:54 = ##### Begin waiting Mutex to release process #####
23:58:54 = hWnd = 0x001d0516; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:58:54 = hWnd = 0x0016075a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:58:54 = hWnd = 0x001404a6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:59:31 = Process Attach
23:59:31 = ## ERR ## Setevent
23:59:31 = ##### Get event and release process #####
23:59:31 = begin close Process
23:59:31 = end close Process

23:59:31 = ##### Get event and release process end #####

23:59:31 = hWnd = 0x00a50060; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:59:31 = hWnd = 0x010401ea; ClassName:
dow.
x=0, y=0, width=1, height=1
23:59:31 = hWnd = 0x008901ec; ClassName:
x=0, y=0, width=0, height=0
23:59:31 = hWnd = 0x014301e6; ClassName:
x=0, y=0, width=0, height=0
10:5:11 = Process Attach
10:5:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:5:11 = * NULL == SampleProvider *

10:5:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:5:12 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:5:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:5:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:5:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:5:17 = s1.
10:5:17 = s2.
10:5:21 = Start show animate
10:5:21 = Shell Excutute VerifyHost
10:6:0 = begin close Process
10:6:0 = Terminate Process
10:6:1 = end close Process
10:6:1 = DLL_PROCESS_DETACH
1:5:59 = Process Attach
1:5:59 = end process attach
1:5:59 = ***** NULL == SampleProvider *****
1:5:59 = hWnd = 0x000c011a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:5:59 = hWnd = 0x0005065a; ClassName:
w.
x=0, y=0, width=1, height=1
1:5:59 = hWnd = 0x002005c8; ClassName:
x=0, y=0, width=0, height=0
1:5:59 = hWnd = 0x00060658; ClassName:
x=0, y=0, width=0, height=0
1:6:43 = Process Attach
1:6:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:6:43 = ##### Get event and release process #####

1:6:43 = begin close Process

1:6:43 = end close Process
1:6:43 = ##### Get event and release process end #####
1:6:43 = hWnd = 0x004900d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:6:43 = hWnd = 0x004200da; ClassName:
w.
x=0, y=0, width=1, height=1
1:6:43 = hWnd = 0x010e008c; ClassName:
x=0, y=0, width=0, height=0
1:6:43 = hWnd = 0x010401a4; ClassName:
x=0, y=0, width=0, height=0
8:17:36 = Process Attach
8:17:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:17:36 = * NULL == SampleProvider *

8:17:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:17:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:17:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:17:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:17:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:17:41 = s1.
8:17:41 = s2.
8:17:44
8:17:44
8:18:22
8:18:22
8:18:23
8:18:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:28:20 = Process Attach

1:28:20 = end process attach
1:28:20 = ***** NULL == SampleProvider *****
1:28:20 = hWnd = 0x001f0762; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:28:20 = hWnd = 0x002707da; ClassName:
ow.
x=0, y=0, width=1, height=1
1:28:20 = hWnd = 0x00230496; ClassName:
x=0, y=0, width=0, height=0
1:28:20 = hWnd = 0x002d07c0; ClassName:
x=0, y=0, width=0, height=0
1:28:36 = Process Attach
1:28:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:28:36 = ##### Get event and release process #####

1:28:36 = begin close Process
1:28:36 = end close Process
1:28:36 = ##### Get event and release process end #####
1:28:36 = hWnd = 0x012600e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:28:36 = hWnd = 0x00a201aa; ClassName:
ow.
x=0, y=0, width=1, height=1
1:28:36 = hWnd = 0x00a601e2; ClassName:
x=0, y=0, width=0, height=0
1:28:36 = hWnd = 0x00e60048; ClassName:
x=0, y=0, width=0, height=0
8:3:12 = Process Attach
8:3:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:3:12 = * NULL == SampleProvider *

8:3:12 = ##### Begin waiting Mutex to release process #####
8:3:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:3:13 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:3:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:3:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:3:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:3:18 = s1.
8:3:18 = s2.
8:3:21 = Start show animate
8:3:21 = Shell Excutute VerifyHost
8:3:59 = begin close Process
8:3:59 = Terminate Process
8:4:0 = end close Process
8:4:0 = DLL_PROCESS_DETACH
16:51:25 = Process Attach
16:51:25 = end process attach
16:51:25 = ***** NULL == SampleProvider *****
16:51:25 = ##### Begin waiting Mutex to release process #####
16:51:25 = hWnd = 0x00050440; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:51:25 = hWnd = 0x0006032e; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:51:25 = hWnd = 0x00050394; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

16:51:25 = hWnd = 0x00050392; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:51:56 = Process Attach
16:51:56 = ## ERR ## Setevent
16:51:56 = ***** NULL == SampleProvider *****
16:51:56 = begin close Process
16:51:56 = end close Process
16:51:56 = ##### Get event and release process end #####
16:51:56 = hWnd = 0x0057003a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:51:56 = hWnd = 0x0068017c; ClassName:
dow.
x=0, y=0, width=1, height=1
16:51:56 = hWnd = 0x001e0086; ClassName:
x=0, y=0, width=0, height=0
16:51:56 = hWnd = 0x00bf016a; ClassName:
x=0, y=0, width=0, height=0
18:42:16 = Process Attach
18:42:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:42:16 = * NULL == SampleProvider *

18:42:16 = ##### Begin waiting Mutex to release process #####
18:42:16 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:42:17 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:42:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:42:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:42:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:42:19 = s1.
18:42:19 = s2.
18:42:23 = Start show animate
18:42:23 = Shell Excutute VerifyHost
18:43:2 = begin close Process
18:43:2 = Terminate Process
18:43:3 = end close Process
18:43:3 = DLL_PROCESS_DETACH
0:25:47 = Process Attach
0:25:47 = end process attach
0:25:47 = ***** NULL == SampleProvider *****
0:25:47 = ##### Begin waiting Mutex to release process #####
0:25:47 = hWnd = 0x0010133c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
0:25:47 = hWnd = 0x0006136c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:25:47 = hWnd = 0x001712d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:25:47 = hWnd = 0x002012a0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:26:14 = Process Attach
0:26:14 = ## ERR ## Setevent
0:26:14 = ##### Get event and release process #####
0:26:14 = ***** NULL == SampleProvider *****
0:26:14 = ##### Get event and release process end #####
0:26:14 = hWnd = 0x0074004c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:26:14 = hWnd = 0x00550204; ClassName:
ow.
x=0, y=0, width=1, height=1
0:26:14 = hWnd = 0x00690066; ClassName:
x=0, y=0, width=0, height=0
0:26:14 = hWnd = 0x007b0060; ClassName:
x=0, y=0, width=0, height=0
9:46:22 = Process Attach
9:46:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:46:22 = * NULL == SampleProvider *

9:46:23 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:46:23 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:46:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:46:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:46:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:46:26 = s1.
9:46:26 = s2.
9:46:30 = Start show animate
9:46:30 = Shell Excutute VerifyHost
9:47:8 = begin close Process
9:47:8 = Terminate Process
9:47:9 = end close Process
9:47:9 = DLL_PROCESS_DETACH
13:55:34 = Process Attach
13:55:34 = end process attach
13:55:34 = ***** NULL == SampleProvider *****

13:55:34 = ##### Begin waiting Mutex to release process #####

13:55:34 = hWnd = 0x00070a64; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:55:34 = hWnd = 0x00080b44; ClassName:
dow.
x=0, y=0, width=1, height=1
13:55:34 = hWnd = 0x00070af8; ClassName:
x=0, y=0, width=0, height=0
13:55:34 = hWnd = 0x00070a54; ClassName:
x=0, y=0, width=0, height=0
13:55:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:55:34 = s1.
13:55:34 = s2.
13:55:35 = Start show animate
13:55:35 = Shell Excutute VerifyHost
14:8:20 = begin close Process
14:8:20 = Terminate Process
14:8:21 = end close Process
14:8:21 = DLL_PROCESS_DETACH
14:10:3 = Process Attach
14:10:3 = end process attach
14:10:3 = ##### Begin waiting Mutex to release process #####
14:10:3 = ***** NULL == SampleProvider *****
14:10:3 = hWnd = 0x00110572; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:10:3 = hWnd = 0x00110b24; ClassName:
ow.
x=0, y=0, width=1, height=1
14:10:3 = hWnd = 0x000d0b62; ClassName:
x=0, y=0, width=0, height=0
14:10:3 = hWnd = 0x00760ac0; ClassName:
x=0, y=0, width=0, height=0
14:29:28 = Process Attach
14:29:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:29:29 = * NULL == SampleProvider *

14:29:29 = ##### Begin waiting Mutex to release process #####
14:29:30 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
14:29:30 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:29:30 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:29:34 = Need to re-create objects.
14:29:34 = s1.

14:29:34 = s2.
14:29:38
14:29:38
14:30:16
14:30:16
14:30:17
14:30:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:11:45 = Process Attach

0:11:45 = end process attach
0:11:45 = ***** NULL == SampleProvider *****
0:11:45 = ##### Begin waiting Mutex to release process #####
0:11:45 =
ow.
x=0, y=0,
0:11:45 =
x=0, y=0,
0:11:45 =
x=0, y=0,
0:12:18 =
0:12:18 =

hWnd = 0x004a15cc; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000812e8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00181220; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:12:18 = * NULL == SampleProvider *

0:12:18 = begin close Process
0:12:18 = end close Process
0:12:18 = ##### Get event and release process end #####
0:12:18 = hWnd = 0x012c0084; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:12:18 = hWnd = 0x008601ba; ClassName:
ow.
x=0, y=0, width=1, height=1
0:12:18 = hWnd = 0x002a01fa; ClassName:
x=0, y=0, width=0, height=0
0:12:18 = hWnd = 0x00a10048; ClassName:
x=0, y=0, width=0, height=0
9:18:21 = Process Attach
9:18:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:18:21 = * NULL == SampleProvider *

9:18:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:18:21 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:18:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:18:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:18:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:18:24 = s1.
9:18:24 = s2.
9:18:28 = Start show animate
9:18:28 = Shell Excutute VerifyHost
9:19:7 = begin close Process
9:19:7 = Terminate Process
9:19:8 = end close Process
9:19:8 = DLL_PROCESS_DETACH
23:56:53 = Process Attach
23:56:53 = end process attach
23:56:53 = ***** NULL == SampleProvider *****
23:56:53 = ##### Begin waiting Mutex to release process #####
23:56:53 = hWnd = 0x001605a8; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:56:53 = hWnd = 0x000b05b6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:56:53 = hWnd = 0x002b05ae; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:57:8 = Process Attach
23:57:8 = ## ERR ## Setevent
23:57:8 = ##### Get event and release process #####
23:57:8 = begin close Process
23:57:8 = end close Process
23:57:8 = ##### Get event and release process end #####
23:57:8 =
ow.
x=0, y=0,
23:57:8 =
x=0, y=0,
23:57:8 =
x=0, y=0,
9:35:36 =
9:35:36 =

hWnd = 0x0162009a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00e00036; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00e5004c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:35:36 = * NULL == SampleProvider *

9:35:37 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:35:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:35:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:35:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:35:39 = Need to re-create objects.
9:35:39 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:35:39 = s2.
9:35:42
9:35:42
9:36:21
9:36:21
9:36:22
9:36:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:29:10 = Process Attach

17:29:10 = end process attach
17:29:10 = ***** NULL == SampleProvider *****
17:29:10 = ##### Begin waiting Mutex to release process #####
17:29:10 = hWnd = 0x000703ca; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:29:10 = hWnd = 0x000403e6; ClassName:
dow.
x=0, y=0, width=1, height=1
17:29:10 = hWnd = 0x000403e2; ClassName:
x=0, y=0, width=0, height=0
17:29:10 = hWnd = 0x000603d8; ClassName:
x=0, y=0, width=0, height=0
17:29:19 = Process Attach
17:29:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:29:19 = ##### Get event and release process #####

17:29:19 = ***** NULL == SampleProvider *****
17:29:19 = end close Process
17:29:19 = ##### Get event and release process end #####
17:29:19 = hWnd = 0x00110172; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:29:19 = hWnd = 0x00c601c0; ClassName:
dow.
x=0, y=0, width=1, height=1
17:29:19 = hWnd = 0x000f017e; ClassName:
x=0, y=0, width=0, height=0
17:29:19 = hWnd = 0x00b90052; ClassName:
x=0, y=0, width=0, height=0
20:7:54 = Process Attach
20:7:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:7:55 = * NULL == SampleProvider *

20:7:55 = ##### Begin waiting Mutex to release process #####
20:7:55 =
ow.
x=0, y=0,
20:7:56 =
x=0, y=0,
20:7:56 =
x=0, y=0,

20:7:59 = Need to re-create objects.

20:7:59 = s1.
20:7:59 = s2.
20:8:2 = Start show animate
20:8:2 = Shell Excutute VerifyHost
20:8:39 = begin close Process
20:8:39 = Terminate Process
20:8:40 = end close Process
20:8:40 = DLL_PROCESS_DETACH
1:42:58 = Process Attach
1:42:58 = end process attach
1:42:58 = ***** NULL == SampleProvider *****
1:42:58 = ##### Begin waiting Mutex to release process #####
1:42:58 = hWnd = 0x000e04d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:42:58 = hWnd = 0x000404ce; ClassName:
ow.
x=0, y=0, width=1, height=1
1:42:58 = hWnd = 0x000404be; ClassName:
x=0, y=0, width=0, height=0
1:42:58 = hWnd = 0x000204e0; ClassName:
x=0, y=0, width=0, height=0
1:43:14 = Process Attach
1:43:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:43:14 = * NULL == SampleProvider *

1:43:14 = ##### Get event and release process #####
1:43:14 = begin close Process
1:43:14 = end close Process
1:43:14 = ##### Get event and release process end #####
1:43:14 = hWnd = 0x00850052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:43:14 = hWnd = 0x004000dc; ClassName:
ow.
x=0, y=0, width=1, height=1
1:43:14 = hWnd = 0x0004005e; ClassName:
x=0, y=0, width=0, height=0
1:43:14 = hWnd = 0x004e0182; ClassName:
x=0, y=0, width=0, height=0
9:26:30 = Process Attach
9:26:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:26:30 = * NULL == SampleProvider *

9:26:30 = ##### Begin waiting Mutex to release process #####
9:26:30 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
9:26:31 =
ow.
x=0, y=0,
9:26:31 =
x=0, y=0,
9:26:31 =
x=0, y=0,
9:26:33 =

9:26:33 = s1.
9:26:33 = s2.
9:26:38
9:26:38
9:27:15
9:27:15
9:27:17
9:27:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:33:27 = Process Attach

0:33:27 = end process attach
0:33:27 = ##### Begin waiting Mutex to release process #####
0:33:27 = hWnd = 0x003304d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:33:27 = hWnd = 0x000406a8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:33:27 = hWnd = 0x000f0644; ClassName:
x=0, y=0, width=0, height=0
0:33:27 = hWnd = 0x000804aa; ClassName:
x=0, y=0, width=0, height=0
0:33:51 = Process Attach
0:33:51 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:33:51 = ##### Get event and release process #####

0:33:51 = ***** NULL == SampleProvider *****
0:33:51 = end close Process
0:33:51 = ##### Get event and release process end #####
0:33:51 = hWnd = 0x00310090; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:33:51 = hWnd = 0x013700e0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:33:51 = hWnd = 0x01060052; ClassName:
x=0, y=0, width=0, height=0
0:33:51 = hWnd = 0x012e002a; ClassName:
x=0, y=0, width=0, height=0
9:5:25 = Process Attach
9:5:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:5:25 = * NULL == SampleProvider *

9:5:25 = ##### Begin waiting Mutex to release process #####

9:5:25 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:5:25 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:5:25 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:5:25 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:5:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:5:28 = s1.
9:5:28 = s2.
9:5:31 = Start show animate
9:5:31 = Shell Excutute VerifyHost
9:6:8 = begin close Process
9:6:8 = Terminate Process
9:6:9 = end close Process
9:6:9 = DLL_PROCESS_DETACH
19:49:8 = Process Attach
19:49:8 = end process attach
19:49:8 = ***** NULL == SampleProvider *****
19:49:8 = hWnd = 0x000b0634; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:49:8 = hWnd = 0x000803c2; ClassName:
ow.
x=0, y=0, width=1, height=1
19:49:8 = hWnd = 0x000a032e; ClassName:
x=0, y=0, width=0, height=0
19:49:8 = hWnd = 0x0012123c; ClassName:
x=0, y=0, width=0, height=0
19:49:45 = Process Attach
19:49:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:49:45 = ##### Get event and release process #####

19:49:45 = begin close Process
19:49:45 = end close Process
19:49:45 = ##### Get event and release process end #####
19:49:45 = hWnd = 0x002301fa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:49:45 = hWnd = 0x0087008e; ClassName:
dow.
x=0, y=0, width=1, height=1
19:49:45 = hWnd = 0x00d80086; ClassName:
x=0, y=0, width=0, height=0
19:49:45 = hWnd = 0x01380058; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:54:31 = Process Attach

19:54:31 = end process attach
19:54:31 = ***** NULL == SampleProvider *****
19:54:31 = ##### Begin waiting Mutex to release process #####
19:54:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:54:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:54:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:54:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:54:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:54:35 = s1.
19:54:35 = s2.
19:54:39
19:54:39
19:55:16
19:55:16
19:55:17
19:55:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:9:54 = Process Attach

1:9:54 = end process attach
1:9:54 = ***** NULL == SampleProvider *****
1:9:54 = ##### Begin waiting Mutex to release process #####
1:9:54 = hWnd = 0x00050438; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:9:54 = hWnd = 0x0003041e; ClassName:
w.
x=0, y=0, width=1, height=1
1:9:54 = hWnd = 0x000403f6; ClassName:
x=0, y=0, width=0, height=0
1:9:54 = hWnd = 0x00050476; ClassName:
x=0, y=0, width=0, height=0
1:10:0 = Process Attach
1:10:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:10:0 = * NULL == SampleProvider *

1:10:0 = begin close Process
1:10:0 = end close Process
1:10:0 = ##### Get event and release process end #####
1:10:0 = hWnd = 0x006c00c2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:10:0 = hWnd = 0x004b0058; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo

w.
x=0, y=0, width=1, height=1
1:10:0 = hWnd = 0x000201ce; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:10:0 = hWnd = 0x006900be; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:15:0 = Process Attach
10:15:0 = end process attach
10:15:0 = ***** NULL == SampleProvider *****
10:15:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:15:1 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:15:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:15:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:15:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:15:4 = s1.
10:15:4 = s2.
10:15:8 = Start show animate
10:15:8 = Shell Excutute VerifyHost
10:15:45 = begin close Process
10:15:45 = Terminate Process
10:15:47 = end close Process
10:15:47 = DLL_PROCESS_DETACH
21:37:25 = Process Attach
21:37:25 = end process attach
21:37:25 = ***** NULL == SampleProvider *****
21:37:25 = ##### Begin waiting Mutex to release process #####
21:37:25 = hWnd = 0x00360c9c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:37:25 = hWnd = 0x00050b2c; ClassName:
dow.
x=0, y=0, width=1, height=1
21:37:25 = hWnd = 0x002904c0; ClassName:
x=0, y=0, width=0, height=0
21:37:25 = hWnd = 0x005a0640; ClassName:
x=0, y=0, width=0, height=0
21:37:26 = Need to re-create objects.
21:37:26 = s1.
21:37:26 = s2.
21:37:28 = Start show animate
21:37:28 = Shell Excutute VerifyHost
22:15:57 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:15:57 = Terminate Process

22:15:58 = end close Process
22:15:58 = DLL_PROCESS_DETACH
22:30:15 = Process Attach
22:30:15 = end process attach
22:30:15 = ***** NULL == SampleProvider *****
22:30:15 = ##### Begin waiting Mutex to release process #####
22:30:15 = hWnd = 0x000f07a2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:30:15 = hWnd = 0x0011049c; ClassName:
dow.
x=0, y=0, width=1, height=1
22:30:15 = hWnd = 0x000a0564; ClassName:
x=0, y=0, width=0, height=0
22:30:15 = hWnd = 0x00501812; ClassName:
x=0, y=0, width=0, height=0
22:30:15 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:30:15 = s1.
22:30:15 = s2.
22:30:15 = Start show animate
22:30:15 = Shell Excutute VerifyHost
23:19:2 = begin close Process
23:19:2 = Terminate Process
23:19:3 = end close Process
23:19:3 = DLL_PROCESS_DETACH
0:44:15 = Process Attach
0:44:15 = end process attach
0:44:15 = ***** NULL == SampleProvider *****
0:44:15 = ##### Begin waiting Mutex to release process #####
0:44:15 =
ow.
x=0, y=0,
0:44:15 =
x=0, y=0,
0:44:15 =
x=0, y=0,
0:44:50 =
0:44:50 =

hWnd = 0x00551812; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00220b10; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x006209ae; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:44:50 = * NULL == SampleProvider *

0:44:50 = begin close Process
0:44:50 = end close Process
0:44:50 = ##### Get event and release process end #####
0:44:50 = hWnd = 0x007c004c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

0:44:50 =
ow.
x=0, y=0,
0:44:50 =
x=0, y=0,
0:44:50 =
x=0, y=0,
6:59:50 =
6:59:50 =

hWnd = 0x015901a2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00e8008e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00b701aa; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

6:59:50 = * NULL == SampleProvider *

6:59:50 = ##### Begin waiting Mutex to release process #####
6:59:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:59:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:59:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:59:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:59:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:59:55 = s1.
6:59:55 = s2.
7:0:0 = Start show animate
7:0:0 = Shell Excutute VerifyHost
7:0:38 = begin close Process
7:0:38 = Terminate Process
7:0:39 = end close Process
7:0:39 = DLL_PROCESS_DETACH
16:9:30 = Process Attach
16:9:30 = end process attach
16:9:30 = ***** NULL == SampleProvider *****
16:9:30 = hWnd = 0x00090cc0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:9:30 = hWnd = 0x000d0510; ClassName:
ow.
x=0, y=0, width=1, height=1
16:9:30 = hWnd = 0x00160c3c; ClassName:
x=0, y=0, width=0, height=0
16:9:30 = hWnd = 0x001204d6; ClassName:
x=0, y=0, width=0, height=0
16:10:53 = Process Attach
16:10:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:10:53 = * NULL == SampleProvider *

16:10:53 = ##### Get event and release process #####
16:10:53 = begin close Process

16:10:53 = end close Process

16:10:53 = ##### Get event and release process end #####
16:10:53 = hWnd = 0x001301ae; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:10:53 = hWnd = 0x00e2018c; ClassName:
dow.
x=0, y=0, width=1, height=1
16:10:53 = hWnd = 0x00040090; ClassName:
x=0, y=0, width=0, height=0
16:10:53 = hWnd = 0x006801c0; ClassName:
x=0, y=0, width=0, height=0
16:14:38 = Process Attach
16:14:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:14:38 = * NULL == SampleProvider *

16:14:39 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:14:39 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:14:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:14:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:14:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:14:45 = s1.
16:14:45 = s2.
16:14:48
16:14:48
16:15:25
16:15:25
16:15:26
16:15:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:13:7 = Process Attach

22:13:7 = end process attach
22:13:7 = ##### Begin waiting Mutex to release process #####
22:13:7 = ***** NULL == SampleProvider *****
22:13:11 = hWnd = 0x00100dac; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:13:11 = hWnd = 0x00140d9c; ClassName:
dow.
x=0, y=0, width=1, height=1
22:13:11 = hWnd = 0x000c0ca0; ClassName:
x=0, y=0, width=0, height=0
22:13:11 = hWnd = 0x00160f4a; ClassName:
x=0, y=0, width=0, height=0
22:13:24 = begin close Process
22:13:24 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:13:24 = DLL_PROCESS_DETACH
0:45:43 = Process Attach
0:45:43 = end process attach
0:45:43 = ##### Begin waiting Mutex to release process #####
0:45:43 = hWnd = 0x0002057a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:45:43 = hWnd = 0x0003057e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:45:43 = hWnd = 0x00020574; ClassName:
x=0, y=0, width=0, height=0
0:45:43 = hWnd = 0x00020578; ClassName:
x=0, y=0, width=0, height=0
0:46:23 = Process Attach
0:46:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:46:23 = * NULL == SampleProvider *

0:46:23 = begin close Process
0:46:23 = end close Process
0:46:23 = ##### Get event and release process end #####
0:46:23 = hWnd = 0x004601f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:46:23 = hWnd = 0x003b01d2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:46:23 = hWnd = 0x009100e0; ClassName:
x=0, y=0, width=0, height=0
0:46:23 = hWnd = 0x003a01e0; ClassName:
x=0, y=0, width=0, height=0
9:21:14 = Process Attach
9:21:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:21:14 = * NULL == SampleProvider *

9:21:14 = ##### Begin waiting Mutex to release process #####
9:21:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:21:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:21:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:21:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:21:19 = Need to re-create objects.
9:21:19 = s1.
9:21:19 = s2.
9:21:22 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:21:22 = Shell Excutute VerifyHost

9:22:1 = begin close Process
9:22:1 = Terminate Process
9:22:3 = end close Process
9:22:3 = DLL_PROCESS_DETACH
10:3:44 = Process Attach
10:3:44 = end process attach
10:3:44 = ##### Begin waiting Mutex to release process #####
10:3:44 = ***** NULL == SampleProvider *****
10:3:44 = hWnd = 0x00070490; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:3:44 = hWnd = 0x000304f8; ClassName:
ow.
x=0, y=0, width=1, height=1
10:3:44 = hWnd = 0x000304fe; ClassName:
x=0, y=0, width=0, height=0
10:3:44 = hWnd = 0x000404ee; ClassName:
x=0, y=0, width=0, height=0
10:3:48 = Process Attach
10:3:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:3:48 = ##### Get event and release process #####

10:3:48 = begin close Process
10:3:48 = end close Process
10:3:48 = ##### Get event and release process end #####
10:3:48 = hWnd = 0x000400ec; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:3:48 = hWnd = 0x000301ae; ClassName:
ow.
x=0, y=0, width=1, height=1
10:3:48 = hWnd = 0x0002002c; ClassName:
x=0, y=0, width=0, height=0
10:3:48 = hWnd = 0x000f008c; ClassName:
x=0, y=0, width=0, height=0
11:33:48 = Process Attach
11:33:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:33:48 = * NULL == SampleProvider *

11:33:48 = ##### Begin waiting Mutex to release process #####
11:33:48 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:33:48 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:33:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:33:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:33:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:33:52 = s1.
11:33:52 = s2.
11:33:56
11:33:56
11:34:34
11:34:34
11:34:35
11:34:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:53:4 = Process Attach

13:53:5 = end process attach
13:53:5 = ***** NULL == SampleProvider *****
13:53:5 = ##### Begin waiting Mutex to release process #####
13:53:5 = hWnd = 0x000308cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
13:53:5 = hWnd = 0x000408f0; ClassName:
ow.
x=0, y=0, width=1, height=1
13:53:5 = hWnd = 0x00151178; ClassName:
x=0, y=0, width=0, height=0
13:53:5 = hWnd = 0x000508ec; ClassName:
x=0, y=0, width=0, height=0
13:53:6 = begin close Process
13:53:6 = end close Process
13:53:6 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:32:19 = Process Attach

14:32:19 = end process attach
14:32:19 = ##### Begin waiting Mutex to release process #####
14:32:19 = ***** NULL == SampleProvider *****
14:32:19 = hWnd = 0x000b0aa2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
14:32:19 = hWnd = 0x000608b8; ClassName:
dow.
x=0, y=0, width=1, height=1
14:32:19 = hWnd = 0x001a035a; ClassName:
x=0, y=0, width=0, height=0
14:32:20 = hWnd = 0x001b0480; ClassName:
x=0, y=0, width=0, height=0
14:32:21 = begin close Process
14:32:21 = end close Process
14:32:21 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:18:19 = Process Attach

23:18:19 = end process attach
23:18:19 = ***** NULL == SampleProvider *****
23:18:19 = ##### Begin waiting Mutex to release process #####

23:18:19 = hWnd = 0x000a06b6; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:18:19 = hWnd = 0x00050a24; ClassName:
dow.
x=0, y=0, width=1, height=1
23:18:19 = hWnd = 0x000309f2; ClassName:
x=0, y=0, width=0, height=0
23:18:19 = hWnd = 0x00050a2c; ClassName:
x=0, y=0, width=0, height=0
23:18:49 = Process Attach
23:18:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:18:49 = ##### Get event and release process #####

23:18:49 = begin close Process
23:18:49 = ***** NULL == SampleProvider *****
23:18:49 = ##### Get event and release process end #####
23:18:49 = hWnd = 0x00cc01f6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:18:49 = hWnd = 0x00dd004c; ClassName:
dow.
x=0, y=0, width=1, height=1
23:18:49 = hWnd = 0x00480054; ClassName:
x=0, y=0, width=0, height=0
23:18:49 = hWnd = 0x00bc0036; ClassName:
x=0, y=0, width=0, height=0
23:22:37 = Process Attach
23:22:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:22:37 = * NULL == SampleProvider *

23:22:37 = ##### Begin waiting Mutex to release process #####
23:22:37 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:22:38 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:22:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:22:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:22:42 = Need to re-create objects.
23:22:42 = s1.
23:22:42 = s2.
23:22:46
23:22:46
23:23:22
23:23:22
23:23:23
23:23:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:22:6 = Process Attach

3:22:6 = end process attach
3:22:6 = ***** NULL == SampleProvider *****
3:22:6 = ##### Begin waiting Mutex to release process #####
3:22:6 = hWnd = 0x001f101e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
3:22:6 = hWnd = 0x0012096c; ClassName:
w.
x=0, y=0, width=1, height=1
3:22:6 = hWnd = 0x000704f4; ClassName:
x=0, y=0, width=0, height=0
3:22:6 = hWnd = 0x000a03ae; ClassName:
x=0, y=0, width=0, height=0
3:22:8 = begin close Process
3:22:8 = end close Process
3:22:8 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:33:24 = Process Attach

3:33:24 = end process attach
3:33:24 = ***** NULL == SampleProvider *****
3:33:24 = hWnd = 0x0056149c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
3:33:24 = hWnd = 0x00300c10; ClassName:
ow.
x=0, y=0, width=1, height=1
3:33:24 = hWnd = 0x00280802; ClassName:
x=0, y=0, width=0, height=0
3:33:24 = hWnd = 0x000e0ff0; ClassName:
x=0, y=0, width=0, height=0
3:33:25 = begin close Process
3:33:25 = end close Process
3:33:25 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:38:22 = Process Attach

3:38:23 = end process attach
3:38:23 = ##### Begin waiting Mutex to release process #####
3:38:23 = hWnd = 0x000914e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
3:38:25 = hWnd = 0x000714e6; ClassName:
ow.
x=0, y=0, width=1, height=1
3:38:25 = hWnd = 0x000d068a; ClassName:
x=0, y=0, width=0, height=0
3:38:25 = hWnd = 0x000d1416; ClassName:
x=0, y=0, width=0, height=0
3:38:35 = begin close Process
3:38:35 = end close Process
3:38:35 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:39:35 = Process Attach

3:39:35 = end process attach
3:39:35 = ***** NULL == SampleProvider *****
3:39:35 = hWnd = 0x00201472; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
3:39:35 = hWnd = 0x00110ff0; ClassName:
ow.
x=0, y=0, width=1, height=1
3:39:36 = hWnd = 0x000a08da; ClassName:
x=0, y=0, width=0, height=0
3:39:36 = hWnd = 0x000602b2; ClassName:
x=0, y=0, width=0, height=0
3:39:38 = begin close Process
3:39:38 = end close Process
3:39:38 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:39:54 = Process Attach

3:39:54 = end process attach
3:39:54 = ***** NULL == SampleProvider *****
3:39:54 = ##### Begin waiting Mutex to release process #####
3:39:54 = hWnd = 0x000509ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
3:39:54 = hWnd = 0x000e04c8; ClassName:
ow.
x=0, y=0, width=1, height=1
3:39:54 = hWnd = 0x000a08f0; ClassName:
x=0, y=0, width=0, height=0
3:39:54 = hWnd = 0x000e13cc; ClassName:
x=0, y=0, width=0, height=0
3:39:55 = begin close Process
3:39:55 = end close Process
3:39:55 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:40:9 = Process Attach

3:40:9 = end process attach
3:40:9 = ##### Begin waiting Mutex to release process #####
3:40:9 = hWnd = 0x000f13cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
3:40:9 = hWnd = 0x0013069e; ClassName:
w.
x=0, y=0, width=1, height=1
3:40:9 = hWnd = 0x0008141c; ClassName:
x=0, y=0, width=0, height=0
3:40:9 = hWnd = 0x000f04c8; ClassName:
x=0, y=0, width=0, height=0
3:40:11 = begin close Process
3:40:11 = end close Process
3:40:11 = DLL_PROCESS_DETACH
3:55:9 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:55:9 = end process attach

3:55:9 = ##### Begin waiting Mutex to release process #####
3:55:9 = hWnd = 0x0007010c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:55:9 = hWnd = 0x000404c2; ClassName:
w.
x=0, y=0, width=1, height=1
3:55:9 = hWnd = 0x000904c4; ClassName:
x=0, y=0, width=0, height=0
3:55:9 = hWnd = 0x000904bc; ClassName:
x=0, y=0, width=0, height=0
3:56:5 = Process Attach
3:56:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:56:5 = * NULL == SampleProvider *

3:56:5 = begin close Process
3:56:5 = end close Process
3:56:5 = ##### Get event and release process end #####
3:56:5 = hWnd = 0x000d0052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:56:5 = hWnd = 0x005900e0; ClassName:
w.
x=0, y=0, width=1, height=1
3:56:5 = hWnd = 0x000201dc; ClassName:
x=0, y=0, width=0, height=0
3:56:5 = hWnd = 0x006f0056; ClassName:
x=0, y=0, width=0, height=0
10:21:22 = Process Attach
10:21:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:21:22 = * NULL == SampleProvider *

10:21:22 = ##### Begin waiting Mutex to release process #####
10:21:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:21:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:21:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:21:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:21:28 = Need to re-create objects.
10:21:28 = s1.
10:21:28 = s2.
10:21:32
10:21:32
10:22:11
10:22:11

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:22:12 = end close Process

10:22:12 = DLL_PROCESS_DETACH
19:59:19 = Process Attach
19:59:19 = end process attach
19:59:19 = ***** NULL == SampleProvider *****
19:59:19 = hWnd = 0x000303ee; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:59:19 = hWnd = 0x000503ea; ClassName:
dow.
x=0, y=0, width=1, height=1
19:59:19 = hWnd = 0x000203e6; ClassName:
x=0, y=0, width=0, height=0
19:59:19 = hWnd = 0x000303a2; ClassName:
x=0, y=0, width=0, height=0
19:59:58 = Process Attach
19:59:58 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:59:58 = ##### Get event and release process #####

19:59:58 = ***** NULL == SampleProvider *****
19:59:58 = end close Process
19:59:58 = ##### Get event and release process end #####
19:59:58 = hWnd = 0x004601dc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:59:58 = hWnd = 0x00ce005a; ClassName:
dow.
x=0, y=0, width=1, height=1
19:59:58 = hWnd = 0x003301e8; ClassName:
x=0, y=0, width=0, height=0
19:59:58 = hWnd = 0x00e40036; ClassName:
x=0, y=0, width=0, height=0
20:3:48 = Process Attach
20:3:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:3:48 = * NULL == SampleProvider *

20:3:49 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:3:49 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
20:3:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:3:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:3:55 = Need to re-create objects.
20:3:55 = s1.
20:3:55 = s2.
20:3:58 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:3:58
20:4:34
20:4:34
20:4:36
20:4:36

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:57:14 = Process Attach

23:57:14 = end process attach
23:57:14 = ***** NULL == SampleProvider *****
23:57:14 = hWnd = 0x000409bc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
23:57:14 = hWnd = 0x000403c2; ClassName:
dow.
x=0, y=0, width=1, height=1
23:57:15 = hWnd = 0x000309a0; ClassName:
x=0, y=0, width=0, height=0
23:57:15 = hWnd = 0x000309be; ClassName:
x=0, y=0, width=0, height=0
23:57:16 = begin close Process
23:57:16 = end close Process
23:57:16 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:1:23 = Process Attach

0:1:23 = end process attach
0:1:23 = ***** NULL == SampleProvider *****
0:1:23 = ##### Begin waiting Mutex to release process #####
0:1:23 = hWnd = 0x000403bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:1:23 = hWnd = 0x000b0148; ClassName:
w.
x=0, y=0, width=1, height=1
0:1:23 = hWnd = 0x000403b2; ClassName:
x=0, y=0, width=0, height=0
0:1:24 = hWnd = 0x000c010a; ClassName:
x=0, y=0, width=0, height=0
0:1:25 = begin close Process
0:1:25 = end close Process
0:1:25 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:7:6 = Process Attach

0:7:6 = end process attach
0:7:6 = ***** NULL == SampleProvider *****
0:7:6 = ##### Begin waiting Mutex to release process #####
0:7:6 = hWnd = 0x000e0132; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:7:6 = hWnd = 0x000d0134; ClassName: GDI+ Hook Window Class; Title: GDI+ Window
.
x=0, y=0, width=1, height=1
0:7:6 = hWnd = 0x000803bc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

0:7:6 = hWnd = 0x0003067e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:7:7 = begin close Process
0:7:7 = end close Process
0:7:7 = DLL_PROCESS_DETACH
0:12:5 = Process Attach
0:12:5 = end process attach
0:12:5 = ##### Begin waiting Mutex to release process #####
0:12:5 = hWnd = 0x000b059a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:12:5 = hWnd = 0x000b09be; ClassName:
w.
x=0, y=0, width=1, height=1
0:12:5 = hWnd = 0x0003061a; ClassName:
x=0, y=0, width=0, height=0
0:12:5 = hWnd = 0x0011010e; ClassName:
x=0, y=0, width=0, height=0
0:12:7 = begin close Process
0:12:7 = end close Process
0:12:7 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:22:56 = Process Attach

0:22:56 = end process attach
0:22:56 = ***** NULL == SampleProvider *****
0:22:56 = ##### Begin waiting Mutex to release process #####
0:22:56 = hWnd = 0x000e012a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:22:56 = hWnd = 0x00170bac; ClassName:
ow.
x=0, y=0, width=1, height=1
0:22:56 = hWnd = 0x00110baa; ClassName:
x=0, y=0, width=0, height=0
0:22:56 = hWnd = 0x000e09e4; ClassName:
x=0, y=0, width=0, height=0
0:23:0 = begin close Process
0:23:0 = end close Process
0:23:0 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:37:10 = Process Attach

0:37:10 = end process attach
0:37:10 = ***** NULL == SampleProvider *****
0:37:10 = hWnd = 0x00150148; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:37:10 = hWnd = 0x003809f6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:37:10 = hWnd = 0x000403d0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

0:37:10 =
x=0, y=0,
0:37:11 =
0:37:11 =
0:37:11 =

hWnd = 0x001804f4; ClassName: IME; Title: Default IME.

width=0, height=0
begin close Process
end close Process
DLL_PROCESS_DETACH

0:51:57 = Process Attach

0:51:57 = end process attach
0:51:57 = ***** NULL == SampleProvider *****
0:51:57 = ##### Begin waiting Mutex to release process #####
0:51:57 = hWnd = 0x001e010a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:51:57 = hWnd = 0x000f09be; ClassName:
ow.
x=0, y=0, width=1, height=1
0:51:57 = hWnd = 0x000e0b1e; ClassName:
x=0, y=0, width=0, height=0
0:51:57 = hWnd = 0x000b09d0; ClassName:
x=0, y=0, width=0, height=0
0:51:58 = begin close Process
0:51:58 = end close Process
0:51:58 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:9:39 = Process Attach

2:9:39 = end process attach
2:9:39 = ***** NULL == SampleProvider *****
2:9:39 = ##### Begin waiting Mutex to release process #####
2:9:39 = hWnd = 0x000604a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:9:39 = hWnd = 0x000904d2; ClassName:
w.
x=0, y=0, width=1, height=1
2:9:39 = hWnd = 0x000b0ba4; ClassName:
x=0, y=0, width=0, height=0
2:9:39 = hWnd = 0x000504b2; ClassName:
x=0, y=0, width=0, height=0
2:10:10 = Process Attach
2:10:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:10:10 = ##### Get event and release process #####

2:10:10 = ***** NULL == SampleProvider *****
2:10:10 = end close Process
2:10:10 = ##### Get event and release process end #####
2:10:10 = hWnd = 0x004c00e0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:10:10 = hWnd = 0x00310054; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

2:10:10 =
x=0, y=0,
2:10:10 =
x=0, y=0,
9:41:54 =
9:41:54 =

hWnd = 0x00140038; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x006001d6; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:41:54 = * NULL == SampleProvider *

9:41:54 = ##### Begin waiting Mutex to release process #####
9:41:54 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:41:54 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:41:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:41:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:42:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:42:2 = s1.
9:42:2 = s2.
9:42:5 = Start show animate
9:42:5 = Shell Excutute VerifyHost
9:42:41 = begin close Process
9:42:41 = Terminate Process
9:42:42 = end close Process
9:42:42 = DLL_PROCESS_DETACH
11:17:45 = Process Attach
11:17:45 = end process attach
11:17:45 = ***** NULL == SampleProvider *****
11:17:45 = ##### Begin waiting Mutex to release process #####
11:17:45 = hWnd = 0x000b0464; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
11:17:45 = hWnd = 0x0006059c; ClassName:
dow.
x=0, y=0, width=1, height=1
11:17:45 = hWnd = 0x000504b4; ClassName:
x=0, y=0, width=0, height=0
11:17:45 = hWnd = 0x00070306; ClassName:
x=0, y=0, width=0, height=0
11:17:47 = begin close Process
11:17:47 = end close Process
11:17:47 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:37:33 = Process Attach

11:37:33 = end process attach
11:37:33 = ***** NULL == SampleProvider *****

11:37:33 = ##### Begin waiting Mutex to release process #####

11:37:33 = hWnd = 0x00170478; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
11:37:33 = hWnd = 0x00050540; ClassName:
dow.
x=0, y=0, width=1, height=1
11:37:33 = hWnd = 0x00060386; ClassName:
x=0, y=0, width=0, height=0
11:37:33 = hWnd = 0x0009010a; ClassName:
x=0, y=0, width=0, height=0
11:37:35 = begin close Process
11:37:35 = end close Process
11:37:35 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:50:57 = Process Attach

11:50:57 = end process attach
11:50:57 = ***** NULL == SampleProvider *****
11:50:57 = hWnd = 0x001a0478; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
11:50:57 = hWnd = 0x000a03f6; ClassName:
dow.
x=0, y=0, width=1, height=1
11:50:57 = hWnd = 0x000b0482; ClassName:
x=0, y=0, width=0, height=0
11:50:57 = hWnd = 0x00070506; ClassName:
x=0, y=0, width=0, height=0
11:50:58 = begin close Process
11:50:58 = end close Process
11:50:58 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:22:55 = Process Attach

12:22:55 = end process attach
12:22:55 = ***** NULL == SampleProvider *****
12:22:55 = hWnd = 0x00150544; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
12:22:55 = hWnd = 0x000f05f2; ClassName:
dow.
x=0, y=0, width=1, height=1
12:22:55 = hWnd = 0x0010004e; ClassName:
x=0, y=0, width=0, height=0
12:22:56 = hWnd = 0x0014041a; ClassName:
x=0, y=0, width=0, height=0
12:22:57 = begin close Process
12:22:57 = end close Process
12:22:57 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:23:23 = Process Attach

12:23:23 = end process attach
12:23:23 = ***** NULL == SampleProvider *****
12:23:23 = ##### Begin waiting Mutex to release process #####

12:23:23 = hWnd = 0x000e03f6; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
12:23:23 = hWnd = 0x0009031e; ClassName:
dow.
x=0, y=0, width=1, height=1
12:23:23 = hWnd = 0x000803d8; ClassName:
x=0, y=0, width=0, height=0
12:23:23 = hWnd = 0x000d03d0; ClassName:
x=0, y=0, width=0, height=0
12:23:24 = begin close Process
12:23:24 = end close Process
12:23:24 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:43:8 = Process Attach

13:43:8 = end process attach
13:43:8 = ***** NULL == SampleProvider *****
13:43:8 = hWnd = 0x0013058c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
13:43:8 = hWnd = 0x000a0538; ClassName:
ow.
x=0, y=0, width=1, height=1
13:43:8 = hWnd = 0x000305a8; ClassName:
x=0, y=0, width=0, height=0
13:43:8 = hWnd = 0x00140562; ClassName:
x=0, y=0, width=0, height=0
13:43:9 = begin close Process
13:43:9 = end close Process
13:43:9 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:44:24 = Process Attach

13:44:24 = end process attach
13:44:24 = ***** NULL == SampleProvider *****
13:44:24 = ##### Begin waiting Mutex to release process #####
13:44:24 = hWnd = 0x000d0386; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
13:44:24 = hWnd = 0x00230478; ClassName:
dow.
x=0, y=0, width=1, height=1
13:44:24 = hWnd = 0x001003f0; ClassName:
x=0, y=0, width=0, height=0
13:44:24 = hWnd = 0x000e03e4; ClassName:
x=0, y=0, width=0, height=0
13:44:26 = begin close Process
13:44:26 = end close Process
13:44:26 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:31:48 = Process Attach

19:31:48 = end process attach
19:31:48 = ##### Begin waiting Mutex to release process #####

19:31:48 = * NULL == SampleProvider *

19:31:48 = hWnd = 0x00050694; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
19:31:48 = hWnd = 0x001206ac; ClassName:
dow.
x=0, y=0, width=1, height=1
19:31:48 = hWnd = 0x00060692; ClassName:
x=0, y=0, width=0, height=0
19:31:49 = hWnd = 0x00200688; ClassName:
x=0, y=0, width=0, height=0
19:31:51 = begin close Process
19:31:51 = end close Process
19:31:51 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:55:3 = Process Attach

19:55:3 = end process attach
19:55:3 = ##### Begin waiting Mutex to release process #####
19:55:3 = hWnd = 0x001606ac; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
19:55:3 = hWnd = 0x001e011e; ClassName:
ow.
x=0, y=0, width=1, height=1
19:55:3 = hWnd = 0x002b04aa; ClassName:
x=0, y=0, width=0, height=0
19:55:3 = hWnd = 0x000a0696; ClassName:
x=0, y=0, width=0, height=0
19:55:6 = begin close Process
19:55:6 = end close Process
19:55:6 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:55:15 = Process Attach

19:55:15 = end process attach
19:55:15 = ***** NULL == SampleProvider *****
19:55:15 = ##### Begin waiting Mutex to release process #####
19:55:15 = hWnd = 0x001f011e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
19:55:15 = hWnd = 0x000c0696; ClassName:
dow.
x=0, y=0, width=1, height=1
19:55:16 = hWnd = 0x000406a4; ClassName:
x=0, y=0, width=0, height=0
19:55:16 = hWnd = 0x0021010e; ClassName:
x=0, y=0, width=0, height=0
19:55:18 = begin close Process
19:55:18 = end close Process
19:55:18 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:25:51 = Process Attach

0:25:51 = end process attach
0:25:51 = ***** NULL == SampleProvider *****

0:25:51 = ##### Begin waiting Mutex to release process #####

0:25:51 = hWnd = 0x00040778; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:25:51 = hWnd = 0x002703b6; ClassName:
ow.
x=0, y=0, width=1, height=1
0:25:52 = hWnd = 0x0006073c; ClassName:
x=0, y=0, width=0, height=0
0:25:52 = hWnd = 0x00040738; ClassName:
x=0, y=0, width=0, height=0
0:25:54 = begin close Process
0:25:54 = end close Process
0:25:54 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:33:55 = Process Attach

0:33:55 = end process attach
0:33:55 = ***** NULL == SampleProvider *****
0:33:55 = hWnd = 0x000b0422; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:33:55 = hWnd = 0x000905bc; ClassName:
ow.
x=0, y=0, width=1, height=1
0:33:55 = hWnd = 0x002d0102; ClassName:
x=0, y=0, width=0, height=0
0:33:56 = hWnd = 0x000c034a; ClassName:
x=0, y=0, width=0, height=0
0:33:57 = begin close Process
0:33:57 = end close Process
0:33:57 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:42:2 = Process Attach

0:42:2 = end process attach
0:42:2 = ***** NULL == SampleProvider *****
0:42:2 = ##### Begin waiting Mutex to release process #####
0:42:2 = hWnd = 0x00100422; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:42:2 = hWnd = 0x000a0754; ClassName:
w.
x=0, y=0, width=1, height=1
0:42:2 = hWnd = 0x004003dc; ClassName:
x=0, y=0, width=0, height=0
0:42:3 = hWnd = 0x0011034a; ClassName:
x=0, y=0, width=0, height=0
0:42:4 = begin close Process
0:42:4 = end close Process
0:42:4 = DLL_PROCESS_DETACH
0:52:22 = Process Attach
0:52:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:52:22 = * NULL == SampleProvider *

0:52:22 = hWnd = 0x001b03ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:52:22 = hWnd = 0x001c0674; ClassName:
ow.
x=0, y=0, width=1, height=1
0:52:22 = hWnd = 0x00300102; ClassName:
x=0, y=0, width=0, height=0
0:52:22 = hWnd = 0x0029061c; ClassName:
x=0, y=0, width=0, height=0
0:52:23 = begin close Process
0:52:23 = end close Process
0:52:23 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:33:45 = Process Attach

1:33:45 = end process attach
1:33:45 = ***** NULL == SampleProvider *****
1:33:45 = ##### Begin waiting Mutex to release process #####
1:33:45 = hWnd = 0x00420116; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
1:33:45 = hWnd = 0x002706a8; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:45 = hWnd = 0x002a04d0; ClassName:
x=0, y=0, width=0, height=0
1:33:45 = hWnd = 0x001804a6; ClassName:
x=0, y=0, width=0, height=0
1:33:47 = begin close Process
1:33:47 = end close Process
1:33:47 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:34:21 = Process Attach

1:34:21 = end process attach
1:34:21 = ***** NULL == SampleProvider *****
1:34:21 = ##### Begin waiting Mutex to release process #####
1:34:21 = hWnd = 0x002806a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
1:34:21 = hWnd = 0x001a04a6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:21 = hWnd = 0x001404d2; ClassName:
x=0, y=0, width=0, height=0
1:34:21 = hWnd = 0x001f068e; ClassName:
x=0, y=0, width=0, height=0
1:34:22 = begin close Process
1:34:22 = end close Process
1:34:22 = DLL_PROCESS_DETACH
2:48:51 = Process Attach
2:48:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:48:51 = * NULL == SampleProvider *

2:48:51 = ##### Begin waiting Mutex to release process #####
2:48:51 = hWnd = 0x000c0770; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:48:51 = hWnd = 0x002c03de; ClassName:
ow.
x=0, y=0, width=1, height=1
2:48:51 = hWnd = 0x0003072c; ClassName:
x=0, y=0, width=0, height=0
2:48:51 = hWnd = 0x00030730; ClassName:
x=0, y=0, width=0, height=0
2:49:11 = Process Attach
2:49:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:49:11 = ##### Get event and release process #####

2:49:11 = begin close Process
2:49:11 = end close Process
2:49:11 = ##### Get event and release process end #####
2:49:11 = hWnd = 0x00a3008e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:49:11 = hWnd = 0x014601f6; ClassName:
ow.
x=0, y=0, width=1, height=1
2:49:11 = hWnd = 0x00940060; ClassName:
x=0, y=0, width=0, height=0
2:49:11 = hWnd = 0x0160008a; ClassName:
x=0, y=0, width=0, height=0
9:21:37 = Process Attach
9:21:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:21:37 = * NULL == SampleProvider *

9:21:37 = ##### Begin waiting Mutex to release process #####
9:21:37 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:21:38 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:21:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:21:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:21:42 = Need to re-create objects.
9:21:42 = s1.
9:21:42 = s2.
9:21:45 = Start show animate
9:21:45 = Shell Excutute VerifyHost
9:22:24 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:22:24 = Terminate Process

9:22:25 = end close Process
9:22:25 = DLL_PROCESS_DETACH
10:57:27 = Process Attach
10:57:27 = end process attach
10:57:27 = ***** NULL == SampleProvider *****
10:57:27 = ##### Begin waiting Mutex to release process #####
10:57:27 = hWnd = 0x000903c4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
10:57:27 = hWnd = 0x0006042e; ClassName:
dow.
x=0, y=0, width=1, height=1
10:57:27 = hWnd = 0x0005047a; ClassName:
x=0, y=0, width=0, height=0
10:57:27 = hWnd = 0x0005031e; ClassName:
x=0, y=0, width=0, height=0
10:57:29 = begin close Process
10:57:29 = end close Process
10:57:29 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:2:3 = Process Attach

19:2:3 = end process attach
19:2:3 = ***** NULL == SampleProvider *****
19:2:3 = ##### Begin waiting Mutex to release process #####
19:2:3 = hWnd = 0x001e05d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
19:2:3 = hWnd = 0x000a061e; ClassName:
w.
x=0, y=0, width=1, height=1
19:2:3 = hWnd = 0x003703b4; ClassName:
x=0, y=0, width=0, height=0
19:2:3 = hWnd = 0x002006dc; ClassName:
x=0, y=0, width=0, height=0
19:2:5 = begin close Process
19:2:5 = end close Process
19:2:5 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:36:50 = Process Attach

19:36:50 = end process attach
19:36:50 = ***** NULL == SampleProvider *****
19:36:50 = ##### Begin waiting Mutex to release process #####
19:36:50 = hWnd = 0x0008044a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
19:36:50 = hWnd = 0x002503fa; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:36:50 = hWnd = 0x002205d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

19:36:51 = hWnd = 0x0033040c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:36:52 = begin close Process
19:36:52 = end close Process
19:36:52 = DLL_PROCESS_DETACH
23:19:45 = Process Attach
23:19:45 = end process attach
23:19:45 = ***** NULL == SampleProvider *****
23:19:45 = ##### Begin waiting Mutex to release process #####
23:19:45 = hWnd = 0x0039044c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
23:19:45 = hWnd = 0x001e0704; ClassName:
dow.
x=0, y=0, width=1, height=1
23:19:45 = hWnd = 0x002406d4; ClassName:
x=0, y=0, width=0, height=0
23:19:46 = hWnd = 0x001006aa; ClassName:
x=0, y=0, width=0, height=0
23:19:47 = begin close Process
23:19:47 = end close Process
23:19:47 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:25:33 = Process Attach

0:25:33 = end process attach
0:25:33 = ***** NULL == SampleProvider *****
0:25:33 = ##### Begin waiting Mutex to release process #####
0:25:33 = hWnd = 0x000f0584; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:25:33 = hWnd = 0x004305c4; ClassName:
ow.
x=0, y=0, width=1, height=1
0:25:33 = hWnd = 0x003403fa; ClassName:
x=0, y=0, width=0, height=0
0:25:33 = hWnd = 0x0028071e; ClassName:
x=0, y=0, width=0, height=0
0:26:11 = Process Attach
0:26:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:26:11 = * NULL == SampleProvider *

0:26:11 = begin close Process
0:26:11 = end close Process
0:26:11 = ##### Get event and release process end #####
0:26:11 = hWnd = 0x00370058; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:26:11 = hWnd = 0x00b90068; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

0:26:11 =
x=0, y=0,
0:26:11 =
x=0, y=0,
9:41:30 =
9:41:30 =

hWnd = 0x01640036; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x01580086; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:41:30 = * NULL == SampleProvider *

9:41:30 = ##### Begin waiting Mutex to release process #####
9:41:30 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:41:31 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:41:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:41:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:41:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:41:36 = s1.
9:41:36 = s2.
9:41:40
9:41:40
9:42:16
9:42:16
9:42:18
9:42:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:20:57 = Process Attach

20:20:57 = end process attach
20:20:57 = ##### Begin waiting Mutex to release process #####
20:20:58 = hWnd = 0x001a0be4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
20:20:58 = hWnd = 0x00040b18; ClassName:
dow.
x=0, y=0, width=1, height=1
20:20:58 = hWnd = 0x00090b5e; ClassName:
x=0, y=0, width=0, height=0
20:20:58 = hWnd = 0x00050a50; ClassName:
x=0, y=0, width=0, height=0
20:20:59 = begin close Process
20:20:59 = end close Process
20:20:59 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:28:2 = Process Attach

20:28:2 = end process attach
20:28:2 = ##### Begin waiting Mutex to release process #####
20:28:2 = ***** NULL == SampleProvider *****

20:28:2 = hWnd = 0x000b0bc6; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
20:28:2 = hWnd = 0x00080b18; ClassName:
ow.
x=0, y=0, width=1, height=1
20:28:2 = hWnd = 0x000709cc; ClassName:
x=0, y=0, width=0, height=0
20:28:2 = hWnd = 0x000f0bdc; ClassName:
x=0, y=0, width=0, height=0
20:28:4 = begin close Process
20:28:4 = end close Process
20:28:4 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:42:12 = Process Attach

20:42:12 = end process attach
20:42:12 = ***** NULL == SampleProvider *****
20:42:12 = ##### Begin waiting Mutex to release process #####
20:42:12 = hWnd = 0x00130106; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
20:42:12 = hWnd = 0x001104c0; ClassName:
dow.
x=0, y=0, width=1, height=1
20:42:12 = hWnd = 0x001c06b2; ClassName:
x=0, y=0, width=0, height=0
20:42:12 = hWnd = 0x001506e4; ClassName:
x=0, y=0, width=0, height=0
20:42:14 = begin close Process
20:42:14 = end close Process
20:42:14 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:41:50 = Process Attach

23:41:50 = end process attach
23:41:50 = ##### Begin waiting Mutex to release process #####
23:41:50 = ***** NULL == SampleProvider *****
23:41:50 = hWnd = 0x00150388; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
23:41:50 = hWnd = 0x0031084a; ClassName:
dow.
x=0, y=0, width=1, height=1
23:41:50 = hWnd = 0x0010041e; ClassName:
x=0, y=0, width=0, height=0
23:41:50 = hWnd = 0x002506ce; ClassName:
x=0, y=0, width=0, height=0
23:41:53 = begin close Process
23:41:53 = end close Process
23:41:53 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:49:49 = Process Attach

23:49:49 = end process attach
23:49:49 = ***** NULL == SampleProvider *****

23:49:49 = hWnd = 0x000b030e; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
23:49:49 = hWnd = 0x001b05b8; ClassName:
dow.
x=0, y=0, width=1, height=1
23:49:50 = hWnd = 0x000708a0; ClassName:
x=0, y=0, width=0, height=0
23:49:50 = hWnd = 0x000603c0; ClassName:
x=0, y=0, width=0, height=0
23:49:51 = begin close Process
23:49:51 = end close Process
23:49:51 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:14:36 = Process Attach

0:14:36 = end process attach
0:14:36 = ***** NULL == SampleProvider *****
0:14:36 = ##### Begin waiting Mutex to release process #####
0:14:36 = hWnd = 0x0019041e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:14:36 = hWnd = 0x00030412; ClassName:
ow.
x=0, y=0, width=1, height=1
0:14:36 = hWnd = 0x0023011a; ClassName:
x=0, y=0, width=0, height=0
0:14:36 = hWnd = 0x003f067c; ClassName:
x=0, y=0, width=0, height=0
0:14:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:14:37 = s1.
0:14:37 = s2.
0:14:37
0:14:37
0:18:17
0:18:17
0:18:18
0:18:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:45:49 = Process Attach

0:45:49 = end process attach
0:45:49 = ***** NULL == SampleProvider *****
0:45:49 = hWnd = 0x002b0116; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:45:49 = hWnd = 0x00230512; ClassName:
ow.
x=0, y=0, width=1, height=1
0:45:49 = hWnd = 0x001705da; ClassName:
x=0, y=0, width=0, height=0
0:45:49 = hWnd = 0x001b04fc; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:46:16 = Process Attach

0:46:16 = ## ERR ## Setevent
0:46:16 = ##### Get event and release process #####
0:46:16 = ***** NULL == SampleProvider *****
0:46:16 = end close Process
0:46:16 = ##### Get event and release process end #####
0:46:16 = hWnd = 0x0286004e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:46:16 = hWnd = 0x02d9017c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:46:16 = hWnd = 0x004e00f2; ClassName:
x=0, y=0, width=0, height=0
0:46:16 = hWnd = 0x0101005e; ClassName:
x=0, y=0, width=0, height=0
9:19:13 = Process Attach
9:19:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:19:13 = * NULL == SampleProvider *

9:19:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:19:14 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:19:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:19:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:19:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:19:17 = s1.
9:19:17 = s2.
9:19:21 = Start show animate
9:19:21 = Shell Excutute VerifyHost
9:19:59 = begin close Process
9:19:59 = Terminate Process
9:20:0 = end close Process
9:20:0 = DLL_PROCESS_DETACH
15:25:3 = Process Attach
15:25:3 = end process attach
15:25:3 = ***** NULL == SampleProvider *****
15:25:3 = ##### Begin waiting Mutex to release process #####
15:25:3 = hWnd = 0x000c0a4e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
15:25:3 = hWnd = 0x00370798; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
15:25:3 =
x=0, y=0,
15:25:3 =
x=0, y=0,
15:25:5 =
15:25:5 =
15:25:5 =

width=1, height=1
hWnd = 0x00240128; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00210812; ClassName: IME; Title: Default IME.
width=0, height=0
begin close Process
end close Process
DLL_PROCESS_DETACH

23:19:41 = Process Attach

23:19:41 = end process attach
23:19:41 = ***** NULL == SampleProvider *****
23:19:41 = hWnd = 0x0220144e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:19:41 = hWnd = 0x02e31434; ClassName:
dow.
x=0, y=0, width=1, height=1
23:19:41 = hWnd = 0x01790816; ClassName:
x=0, y=0, width=0, height=0
23:19:41 = hWnd = 0x04f0179e; ClassName:
x=0, y=0, width=0, height=0
23:20:29 = Process Attach
23:20:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:20:29 = ##### Get event and release process #####

23:20:29 = begin close Process
23:20:29 = end close Process
23:20:29 = ##### Get event and release process end #####
23:20:29 = hWnd = 0x009001f0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:20:29 = hWnd = 0x011e01ec; ClassName:
dow.
x=0, y=0, width=1, height=1
23:20:29 = hWnd = 0x007301e8; ClassName:
x=0, y=0, width=0, height=0
23:20:29 = hWnd = 0x00da0062; ClassName:
x=0, y=0, width=0, height=0
23:25:16 = Process Attach
23:25:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:25:16 = * NULL == SampleProvider *

23:25:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:25:17 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:25:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:25:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:25:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:25:21 = s1.
23:25:21 = s2.
23:25:25 = Start show animate
23:25:25 = Shell Excutute VerifyHost
23:26:3 = begin close Process
23:26:3 = Terminate Process
23:26:5 = end close Process
23:26:5 = DLL_PROCESS_DETACH
0:35:14 = Process Attach
0:35:14 = end process attach
0:35:14 = ***** NULL == SampleProvider *****
0:35:14 = ##### Begin waiting Mutex to release process #####
0:35:14 = hWnd = 0x000703b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:35:14 = hWnd = 0x00070424; ClassName:
ow.
x=0, y=0, width=1, height=1
0:35:14 = hWnd = 0x004004e0; ClassName:
x=0, y=0, width=0, height=0
0:35:14 = hWnd = 0x000703ca; ClassName:
x=0, y=0, width=0, height=0
0:35:20 = Process Attach
0:35:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:35:20 = ##### Get event and release process #####

0:35:20 = begin close Process
0:35:20 = end close Process
0:35:20 = ##### Get event and release process end #####
0:35:20 = ***** NULL == SampleProvider *****
0:35:20 = hWnd = 0x0025004c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:35:20 = hWnd = 0x001b004a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:35:20 = hWnd = 0x000200f2; ClassName:
x=0, y=0, width=0, height=0
0:35:20 = hWnd = 0x0057002a; ClassName:
x=0, y=0, width=0, height=0
9:11:2 = Process Attach
9:11:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:2 = * NULL == SampleProvider *

9:11:2 = ##### Begin waiting Mutex to release process #####
9:11:2 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:11:3 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo

w.
x=0, y=0, width=1, height=1
9:11:3 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:11:3 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:11:8 = Need to re-create objects.
9:11:8 = s1.
9:11:8 = s2.
9:11:11
9:11:11
9:11:47
9:11:47
9:11:49
9:11:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:7:1 = Process Attach

1:7:1 = end process attach
1:7:1 = ***** NULL == SampleProvider *****
1:7:1 = ##### Begin waiting Mutex to release process #####
1:7:1 = hWnd = 0x00040644; ClassName: GDI+ Hook Window Class; Title: GDI+ Window
.
x=0, y=0, width=1, height=1
1:7:1 = hWnd = 0x00040780; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:7:1 = hWnd = 0x000f0b44; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:7:52 = Process Attach
1:7:52 = ## ERR ## Setevent
1:7:52 = ##### Get event and release process #####
1:7:52 = begin close Process
1:7:52 = end close Process
1:7:52 = ##### Get event and release process end #####
1:7:52 = hWnd = 0x019600e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:7:52 = hWnd = 0x00f60086; ClassName:
w.
x=0, y=0, width=1, height=1
1:7:52 = hWnd = 0x00140092; ClassName:
x=0, y=0, width=0, height=0
1:7:52 = hWnd = 0x016e00ec; ClassName:
x=0, y=0, width=0, height=0
10:23:27 = Process Attach
10:23:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:23:27 = * NULL == SampleProvider *

10:23:27 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

10:23:28 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:23:28 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:23:28 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:23:33 = Need to re-create objects.
10:23:33 = s1.
10:23:33 = s2.
10:23:37
10:23:37
10:24:14
10:24:14
10:24:15
10:24:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:30:51 = Process Attach

22:30:51 = end process attach
22:30:51 = ***** NULL == SampleProvider *****
22:30:51 = ##### Begin waiting Mutex to release process #####
22:30:51 = hWnd = 0x000d06b4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
22:30:51 = hWnd = 0x001b0586; ClassName:
dow.
x=0, y=0, width=1, height=1
22:30:51 = hWnd = 0x0018055a; ClassName:
x=0, y=0, width=0, height=0
22:30:51 = hWnd = 0x001d0686; ClassName:
x=0, y=0, width=0, height=0
22:30:52 = begin close Process
22:30:52 = end close Process
22:30:52 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:35:42 = Process Attach

22:35:42 = end process attach
22:35:42 = ##### Begin waiting Mutex to release process #####
22:35:42 = hWnd = 0x00110102; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
22:35:42 = hWnd = 0x001f04e4; ClassName:
dow.
x=0, y=0, width=1, height=1
22:35:42 = hWnd = 0x000403ce; ClassName:
x=0, y=0, width=0, height=0
22:35:42 = hWnd = 0x001106b4; ClassName:
x=0, y=0, width=0, height=0
22:35:44 = begin close Process
22:35:44 = end close Process
22:35:44 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:41:19 = Process Attach

22:41:19 = end process attach
22:41:19 = ***** NULL == SampleProvider *****
22:41:19 = hWnd = 0x00140102; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
22:41:19 = hWnd = 0x00180496; ClassName:
dow.
x=0, y=0, width=1, height=1
22:41:19 = hWnd = 0x000c05e8; ClassName:
x=0, y=0, width=0, height=0
22:41:19 = hWnd = 0x000a0050; ClassName:
x=0, y=0, width=0, height=0
22:41:20 = begin close Process
22:41:20 = end close Process
22:41:20 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:52:59 = Process Attach

22:52:59 = end process attach
22:52:59 = ***** NULL == SampleProvider *****
22:52:59 = ##### Begin waiting Mutex to release process #####
22:52:59 = hWnd = 0x000a051a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
22:52:59 = hWnd = 0x000905a8; ClassName:
dow.
x=0, y=0, width=1, height=1
22:52:59 = hWnd = 0x000a05b6; ClassName:
x=0, y=0, width=0, height=0
22:52:59 = hWnd = 0x000e0582; ClassName:
x=0, y=0, width=0, height=0
22:53:0 = begin close Process
22:53:0 = end close Process
22:53:0 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:21:5 = Process Attach

0:21:5 = end process attach
0:21:5 = ##### Begin waiting Mutex to release process #####
0:21:5 = hWnd = 0x00030b26; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
0:21:5 = hWnd = 0x0004183a; ClassName:
w.
x=0, y=0, width=1, height=1
0:21:5 = hWnd = 0x000c050a; ClassName:
x=0, y=0, width=0, height=0
0:21:5 = hWnd = 0x0003183c; ClassName:
x=0, y=0, width=0, height=0
0:21:7 = begin close Process
0:21:7 = end close Process
0:21:7 = DLL_PROCESS_DETACH
1:43:48 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:43:48 = end process attach

1:43:48 = ***** NULL == SampleProvider *****
1:43:48 = hWnd = 0x00030b24; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:43:48 = hWnd = 0x00030b2c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:43:48 = hWnd = 0x00030afa; ClassName:
x=0, y=0, width=0, height=0
1:43:48 = hWnd = 0x00030af8; ClassName:
x=0, y=0, width=0, height=0
1:44:27 = Process Attach
1:44:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:44:27 = ##### Get event and release process #####

1:44:27 = begin close Process
1:44:27 = hWnd = 0x018801f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:44:27 = hWnd = 0x00dc01f4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:44:27 = hWnd = 0x00670056; ClassName:
x=0, y=0, width=0, height=0
1:44:27 = hWnd = 0x005c01bc; ClassName:
x=0, y=0, width=0, height=0
10:19:54 = Process Attach
10:19:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:19:55 = * NULL == SampleProvider *

10:19:55 = ##### Begin waiting Mutex to release process #####
10:19:55 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:19:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:19:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:19:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:20:1 = Need to re-create objects.
10:20:1 = s1.
10:20:1 = s2.
10:20:6 = Start show animate
10:20:6 = Shell Excutute VerifyHost
10:20:44 = begin close Process
10:20:44 = Terminate Process
10:20:45 = end close Process
10:20:45 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:59:4 = Process Attach

1:59:4 = end process attach
1:59:4 = ***** NULL == SampleProvider *****
1:59:4 = ##### Begin waiting Mutex to release process #####
1:59:4 = hWnd = 0x00060588; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:59:4 = hWnd = 0x000405bc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:59:4 = hWnd = 0x00080afe; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:59:43 = Process Attach
1:59:43 = ## ERR ## Setevent
1:59:43 = ##### Get event and release process #####
1:59:43 = begin close Process
1:59:43 = end close Process
1:59:43 = ##### Get event and release process end #####
1:59:43 = hWnd = 0x015e01cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:59:43 = hWnd = 0x01760074; ClassName:
ow.
x=0, y=0, width=1, height=1
1:59:43 = hWnd = 0x004e01e4; ClassName:
x=0, y=0, width=0, height=0
1:59:43 = hWnd = 0x001601d2; ClassName:
x=0, y=0, width=0, height=0
9:32:29 = Process Attach
9:32:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:32:30 = * NULL == SampleProvider *

9:32:30 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:32:30 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:32:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:32:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:32:35 = Need to re-create objects.
9:32:35 = s1.
9:32:35 = s2.
9:32:40
9:32:40
9:33:16
9:33:16
9:33:17
9:33:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:32:4 = Process Attach

3:32:4 = end process attach
3:32:4 = ***** NULL == SampleProvider *****
3:32:4 = hWnd = 0x000c0594; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:32:4 = hWnd = 0x000a0650; ClassName:
w.
x=0, y=0, width=1, height=1
3:32:4 = hWnd = 0x0019059e; ClassName:
x=0, y=0, width=0, height=0
3:32:4 = hWnd = 0x0047066c; ClassName:
x=0, y=0, width=0, height=0
3:32:46 = Process Attach
3:32:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:32:46 = ##### Get event and release process #####

3:32:46 = begin close Process
3:32:46 = end close Process
3:32:46 = ##### Get event and release process end #####
3:32:46 = hWnd = 0x00bb01da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:32:46 = hWnd = 0x01c00088; ClassName:
ow.
x=0, y=0, width=1, height=1
3:32:46 = hWnd = 0x011f0154; ClassName:
x=0, y=0, width=0, height=0
3:32:46 = hWnd = 0x010501ec; ClassName:
x=0, y=0, width=0, height=0
11:25:8 = Process Attach
11:25:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:25:8 = * NULL == SampleProvider *

11:25:8 = ##### Begin waiting Mutex to release process #####
11:25:8 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:25:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
11:25:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
11:25:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:25:12 = Need to re-create objects.
11:25:12 = s1.
11:25:12 = s2.
11:25:15 = Start show animate
11:25:15 = Shell Excutute VerifyHost

11:25:54
11:25:54
11:25:55
11:25:55

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

0:46:52 = Process Attach

0:46:52 = end process attach
0:46:52 = ***** NULL == SampleProvider *****
0:46:52 = hWnd = 0x0003055e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:46:52 = hWnd = 0x0003056c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:46:52 = hWnd = 0x000c0424; ClassName:
x=0, y=0, width=0, height=0
0:46:52 = hWnd = 0x00040566; ClassName:
x=0, y=0, width=0, height=0
0:47:43 = Process Attach
0:47:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:47:43 = * NULL == SampleProvider *

0:47:43 = begin close Process
0:47:43 = end close Process
0:47:43 = ##### Get event and release process end #####
0:47:43 = hWnd = 0x0049009a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:47:43 = hWnd = 0x007d0150; ClassName:
ow.
x=0, y=0, width=1, height=1
0:47:43 = hWnd = 0x00a501f4; ClassName:
x=0, y=0, width=0, height=0
0:47:43 = hWnd = 0x003e014c; ClassName:
x=0, y=0, width=0, height=0
11:11:46 = Process Attach
11:11:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:11:46 = * NULL == SampleProvider *

11:11:46 = ##### Begin waiting Mutex to release process #####
11:11:46 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:11:47 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:11:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:11:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:11:49 = Need to re-create objects.
11:11:49 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:11:49 = s2.
11:11:53
11:11:53
11:12:31
11:12:31
11:12:32
11:12:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:16:16 = Process Attach

16:16:16 = end process attach
16:16:16 = ##### Begin waiting Mutex to release process #####
16:16:16 = hWnd = 0x00030aec; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:16:16 = hWnd = 0x00060af6; ClassName:
dow.
x=0, y=0, width=1, height=1
16:16:16 = hWnd = 0x001906c8; ClassName:
x=0, y=0, width=0, height=0
16:16:16 = hWnd = 0x000c0122; ClassName:
x=0, y=0, width=0, height=0
16:16:19 = begin close Process
16:16:19 = end close Process
16:16:19 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:16:27 = Process Attach

16:16:27 = end process attach
16:16:27 = ***** NULL == SampleProvider *****
16:16:27 = ##### Begin waiting Mutex to release process #####
16:16:27 = hWnd = 0x00110026; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:16:27 = hWnd = 0x000e0122; ClassName:
dow.
x=0, y=0, width=1, height=1
16:16:27 = hWnd = 0x000a06a6; ClassName:
x=0, y=0, width=0, height=0
16:16:27 = hWnd = 0x00080af6; ClassName:
x=0, y=0, width=0, height=0
16:16:28 = begin close Process
16:16:28 = end close Process
16:16:28 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:16:45 = Process Attach

16:16:45 = end process attach
16:16:45 = ***** NULL == SampleProvider *****
16:16:45 = ##### Begin waiting Mutex to release process #####
16:16:45 = hWnd = 0x00020686; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:16:45 = hWnd = 0x00020aae; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
16:16:45 = hWnd = 0x00020680; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:16:45 = hWnd = 0x0002074c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:16:46 = begin close Process
16:16:46 = end close Process
16:16:46 = DLL_PROCESS_DETACH
16:54:43 = Process Attach
16:54:43 = end process attach
16:54:43 = ***** NULL == SampleProvider *****
16:54:43 = ##### Begin waiting Mutex to release process #####
16:54:43 = hWnd = 0x002b0bfe; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:54:43 = hWnd = 0x005e06ca; ClassName:
dow.
x=0, y=0, width=1, height=1
16:54:43 = hWnd = 0x000a0120; ClassName:
x=0, y=0, width=0, height=0
16:54:43 = hWnd = 0x001005e2; ClassName:
x=0, y=0, width=0, height=0
16:54:45 = begin close Process
16:54:45 = end close Process
16:54:45 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:22:3 = Process Attach

17:22:3 = end process attach
17:22:3 = ***** NULL == SampleProvider *****
17:22:3 = ##### Begin waiting Mutex to release process #####
17:22:3 = hWnd = 0x00190776; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:22:3 = hWnd = 0x005e0814; ClassName:
ow.
x=0, y=0, width=1, height=1
17:22:4 = hWnd = 0x003004b0; ClassName:
x=0, y=0, width=0, height=0
17:22:4 = hWnd = 0x00290b54; ClassName:
x=0, y=0, width=0, height=0
17:22:5 = begin close Process
17:22:5 = end close Process
17:22:5 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:24:32 = Process Attach

17:24:32 = end process attach
17:24:32 = ***** NULL == SampleProvider *****
17:24:32 = ##### Begin waiting Mutex to release process #####
17:24:32 = hWnd = 0x00530832; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
17:24:32 = hWnd = 0x00310aa6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
17:24:32 = hWnd = 0x00220b98; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
17:24:32 = hWnd = 0x002c0c3c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:24:34 = begin close Process
17:24:34 = end close Process
17:24:34 = DLL_PROCESS_DETACH
17:59:22 = Process Attach
17:59:22 = end process attach
17:59:22 = ***** NULL == SampleProvider *****
17:59:22 = ##### Begin waiting Mutex to release process #####
17:59:22 = hWnd = 0x00060538; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:59:22 = hWnd = 0x00040578; ClassName:
dow.
x=0, y=0, width=1, height=1
17:59:22 = hWnd = 0x00350790; ClassName:
x=0, y=0, width=0, height=0
17:59:22 = hWnd = 0x0003057a; ClassName:
x=0, y=0, width=0, height=0
17:59:38 = Process Attach
17:59:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:59:38 = ##### Get event and release process #####

17:59:38 = ***** NULL == SampleProvider *****
17:59:38 = end close Process
17:59:38 = ##### Get event and release process end #####
17:59:38 = hWnd = 0x005901fa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:59:38 = hWnd = 0x01dd002e; ClassName:
dow.
x=0, y=0, width=1, height=1
17:59:38 = hWnd = 0x0033003a; ClassName:
x=0, y=0, width=0, height=0
17:59:38 = hWnd = 0x017a00a6; ClassName:
x=0, y=0, width=0, height=0
18:3:18 = Process Attach
18:3:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:3:18 = * NULL == SampleProvider *

18:3:18 = ##### Begin waiting Mutex to release process #####
18:3:19 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

18:3:19 =
ow.
x=0, y=0,
18:3:19 =
x=0, y=0,
18:3:19 =
x=0, y=0,
18:3:23 =

18:3:23 = s1.
18:3:23 = s2.
18:3:27 = Start show animate
18:3:27 = Shell Excutute VerifyHost
18:4:7 = begin close Process
18:4:7 = Terminate Process
18:4:8 = end close Process
18:4:8 = DLL_PROCESS_DETACH
18:8:2 = Process Attach
18:8:2 = end process attach
18:8:2 = ***** NULL == SampleProvider *****
18:8:2 = ##### Begin waiting Mutex to release process #####
18:8:2 = hWnd = 0x00030528; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:8:2 = hWnd = 0x00020520; ClassName:
w.
x=0, y=0, width=1, height=1
18:8:2 = hWnd = 0x00030526; ClassName:
x=0, y=0, width=0, height=0
18:8:2 = hWnd = 0x0002052a; ClassName:
x=0, y=0, width=0, height=0
18:8:4 = begin close Process
18:8:4 = end close Process
18:8:4 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:10:7 = Process Attach

18:10:7 = end process attach
18:10:7 = ##### Begin waiting Mutex to release process #####
18:10:7 = ***** NULL == SampleProvider *****
18:10:7 = hWnd = 0x000404f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:10:7 = hWnd = 0x000404f6; ClassName:
ow.
x=0, y=0, width=1, height=1
18:10:7 = hWnd = 0x00040500; ClassName:
x=0, y=0, width=0, height=0
18:10:7 = hWnd = 0x000504ac; ClassName:
x=0, y=0, width=0, height=0
18:10:9 = begin close Process
18:10:9 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:10:9 = DLL_PROCESS_DETACH
18:53:51 = Process Attach
18:53:51 = end process attach
18:53:51 = ***** NULL == SampleProvider *****
18:53:51 = ##### Begin waiting Mutex to release process #####
18:53:51 = hWnd = 0x000d034e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:53:51 = hWnd = 0x001204b2; ClassName:
dow.
x=0, y=0, width=1, height=1
18:53:51 = hWnd = 0x0014048c; ClassName:
x=0, y=0, width=0, height=0
18:53:51 = hWnd = 0x000504be; ClassName:
x=0, y=0, width=0, height=0
18:54:7 = Process Attach
18:54:7 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:54:7 = ##### Get event and release process #####

18:54:7 = begin close Process
18:54:7 = end close Process
18:54:7 = ***** NULL == SampleProvider *****
18:54:7 = hWnd = 0x00080056; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:54:7 = hWnd = 0x002e00f0; ClassName:
ow.
x=0, y=0, width=1, height=1
18:54:7 = hWnd = 0x00040198; ClassName:
x=0, y=0, width=0, height=0
18:54:7 = hWnd = 0x002f01f4; ClassName:
x=0, y=0, width=0, height=0
18:55:51 = Process Attach
18:55:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:55:51 = * NULL == SampleProvider *

18:55:51 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:55:52 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:55:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:55:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:55:56 = Need to re-create objects.
18:55:56 = s1.
18:55:56 = s2.
18:56:1 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:56:1 = Shell Excutute VerifyHost

18:56:38 = begin close Process
18:56:38 = Terminate Process
18:56:39 = end close Process
18:56:39 = DLL_PROCESS_DETACH
20:16:41 = Process Attach
20:16:41 = end process attach
20:16:41 = ***** NULL == SampleProvider *****
20:16:41 = hWnd = 0x000404d2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:16:41 = hWnd = 0x000504dc; ClassName:
dow.
x=0, y=0, width=1, height=1
20:16:41 = hWnd = 0x000304fe; ClassName:
x=0, y=0, width=0, height=0
20:16:41 = hWnd = 0x000504d0; ClassName:
x=0, y=0, width=0, height=0
20:16:49 = Process Attach
20:16:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:16:49 = * NULL == SampleProvider *

20:16:49 = ##### Get event and release process #####
20:16:49 = begin close Process
20:16:49 = end close Process
20:16:49 = ##### Get event and release process end #####
20:16:49 = hWnd = 0x000f0150; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:16:49 = hWnd = 0x004601ba; ClassName:
dow.
x=0, y=0, width=1, height=1
20:16:49 = hWnd = 0x000300a6; ClassName:
x=0, y=0, width=0, height=0
20:16:49 = hWnd = 0x00780054; ClassName:
x=0, y=0, width=0, height=0
20:20:18 = Process Attach
20:20:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:20:18 = * NULL == SampleProvider *

20:20:18 = ##### Begin waiting Mutex to release process #####
20:20:18 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:20:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:20:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:20:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:20:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:20:22 = s1.
20:20:22 = s2.
20:20:26 = Start show animate
20:20:26 = Shell Excutute VerifyHost
20:21:6 = begin close Process
20:21:6 = Terminate Process
20:21:7 = end close Process
20:21:7 = DLL_PROCESS_DETACH
23:52:23 = Process Attach
23:52:23 = end process attach
23:52:23 = ##### Begin waiting Mutex to release process #####
23:52:23 = hWnd = 0x00070558; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
23:52:23 = hWnd = 0x00080580; ClassName:
dow.
x=0, y=0, width=1, height=1
23:52:23 = hWnd = 0x0007058e; ClassName:
x=0, y=0, width=0, height=0
23:52:23 = hWnd = 0x0007058a; ClassName:
x=0, y=0, width=0, height=0
23:52:24 = begin close Process
23:52:24 = end close Process
23:52:24 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:38:22 = Process Attach

1:38:22 = end process attach
1:38:22 = ***** NULL == SampleProvider *****
1:38:22 = ##### Begin waiting Mutex to release process #####
1:38:22 = hWnd = 0x000402fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:38:22 = hWnd = 0x000b0086; ClassName:
ow.
x=0, y=0, width=1, height=1
1:38:22 = hWnd = 0x003700d6; ClassName:
x=0, y=0, width=0, height=0
1:38:23 = hWnd = 0x00060152; ClassName:
x=0, y=0, width=0, height=0
1:38:23 = Need to re-create objects.
1:38:23 = s1.
1:38:23 = s2.
1:38:23
1:38:23
1:42:35
1:42:35
1:42:36
1:42:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:10:15 = Process Attach

2:10:15 = end process attach
2:10:15 = ***** NULL == SampleProvider *****
2:10:15 = ##### Begin waiting Mutex to release process #####
2:10:15 = hWnd = 0x00280654; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:10:15 = hWnd = 0x0045067a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:15 = hWnd = 0x000a0412; ClassName:
x=0, y=0, width=0, height=0
2:10:15 = hWnd = 0x0007030e; ClassName:
x=0, y=0, width=0, height=0
2:10:25 = Process Attach
2:10:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:10:25 = ##### Get event and release process #####

2:10:25 = ***** NULL == SampleProvider *****
2:10:25 = end close Process
2:10:25 = ##### Get event and release process end #####
2:10:25 = hWnd = 0x010301b4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:10:25 = hWnd = 0x006f004e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:25 = hWnd = 0x00030088; ClassName:
x=0, y=0, width=0, height=0
2:10:25 = hWnd = 0x00820096; ClassName:
x=0, y=0, width=0, height=0
8:30:38 = Process Attach
8:30:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:30:38 = * NULL == SampleProvider *

8:30:38 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:30:39 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:30:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:30:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:30:42 = Need to re-create objects.
8:30:42 = s1.
8:30:42 = s2.
8:30:46 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:30:46
8:31:23
8:31:23
8:31:24
8:31:24

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:23:26 = Process Attach

21:23:26 = end process attach
21:23:26 = ***** NULL == SampleProvider *****
21:23:26 = ##### Begin waiting Mutex to release process #####
21:23:26 = hWnd = 0x00120422; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:23:26 = hWnd = 0x00610498; ClassName:
dow.
x=0, y=0, width=1, height=1
21:23:26 = hWnd = 0x00040406; ClassName:
x=0, y=0, width=0, height=0
21:23:26 = hWnd = 0x002003f6; ClassName:
x=0, y=0, width=0, height=0
21:23:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:23:27 = s1.
21:23:27 = s2.
21:23:27
21:23:27
21:46:58
21:46:58
21:46:59
21:46:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:7:5 = Process Attach

3:7:5 = end process attach
3:7:5 = ***** NULL == SampleProvider *****
3:7:5 = hWnd = 0x00050576; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:7:5 = hWnd = 0x00340352; ClassName:
.
x=0, y=0, width=1, height=1
3:7:5 = hWnd = 0x000306d2; ClassName:
x=0, y=0, width=0, height=0
3:7:5 = hWnd = 0x0007059e; ClassName:
x=0, y=0, width=0, height=0
3:7:26 = Process Attach
3:7:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:7:26 = * NULL == SampleProvider *

3:7:26 = begin close Process
3:7:26 = end close Process
3:7:26 = ##### Get event and release process end #####

3:7:26 = hWnd = 0x012b00d0; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:7:26 = hWnd = 0x00a10036; ClassName:
w.
x=0, y=0, width=1, height=1
3:7:26 = hWnd = 0x005b01fe; ClassName:
x=0, y=0, width=0, height=0
3:7:26 = hWnd = 0x00db0206; ClassName:
x=0, y=0, width=0, height=0
8:33:0 = Process Attach
8:33:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:33:0 = * NULL == SampleProvider *

8:33:0 = ##### Begin waiting Mutex to release process #####
8:33:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:33:0 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:33:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:33:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:33:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:33:4 = s1.
8:33:4 = s2.
8:33:7 = Start show animate
8:33:7 = Shell Excutute VerifyHost
8:33:45 = begin close Process
8:33:45 = Terminate Process
8:33:46 = end close Process
8:33:46 = DLL_PROCESS_DETACH
12:27:5 = Process Attach
12:27:5 = end process attach
12:27:5 = ***** NULL == SampleProvider *****
12:27:5 = ##### Begin waiting Mutex to release process #####
12:27:5 = hWnd = 0x00080938; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
12:27:5 = hWnd = 0x00080868; ClassName:
ow.
x=0, y=0, width=1, height=1
12:27:5 = hWnd = 0x00020932; ClassName:
x=0, y=0, width=0, height=0
12:27:5 = hWnd = 0x00030944; ClassName:
x=0, y=0, width=0, height=0
12:27:7 = begin close Process
12:27:7 = end close Process
12:27:7 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:37:12 = Process Attach

12:37:12 = end process attach
12:37:12 = ***** NULL == SampleProvider *****
12:37:12 = hWnd = 0x0012063c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
12:37:12 = hWnd = 0x0003070c; ClassName:
dow.
x=0, y=0, width=1, height=1
12:37:12 = hWnd = 0x001c0108; ClassName:
x=0, y=0, width=0, height=0
12:37:12 = hWnd = 0x000e05e0; ClassName:
x=0, y=0, width=0, height=0
12:37:14 = begin close Process
12:37:14 = end close Process
12:37:14 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:25:38 = Process Attach

13:25:38 = end process attach
13:25:38 = ##### Begin waiting Mutex to release process #####
13:25:38 = hWnd = 0x001c0608; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
13:25:38 = hWnd = 0x000e08b2; ClassName:
dow.
x=0, y=0, width=1, height=1
13:25:38 = hWnd = 0x002200ee; ClassName:
x=0, y=0, width=0, height=0
13:25:38 = hWnd = 0x001b05f0; ClassName:
x=0, y=0, width=0, height=0
13:25:40 = begin close Process
13:25:40 = end close Process
13:25:40 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:56:53 = Process Attach

15:56:53 = end process attach
15:56:53 = ***** NULL == SampleProvider *****
15:56:53 = ##### Begin waiting Mutex to release process #####
15:56:53 = hWnd = 0x00070318; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:56:53 = hWnd = 0x000803aa; ClassName:
dow.
x=0, y=0, width=1, height=1
15:56:53 = hWnd = 0x000804b6; ClassName:
x=0, y=0, width=0, height=0
15:56:53 = hWnd = 0x000703f2; ClassName:
x=0, y=0, width=0, height=0
15:57:26 = Process Attach
15:57:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:57:26 = * NULL == SampleProvider *

15:57:26 = begin close Process

15:57:26 = end close Process
15:57:26 = ##### Get event and release process end #####
15:57:26 = hWnd = 0x00640162; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:57:26 = hWnd = 0x0038002a; ClassName:
dow.
x=0, y=0, width=1, height=1
15:57:26 = hWnd = 0x00d70156; ClassName:
x=0, y=0, width=0, height=0
15:57:26 = hWnd = 0x015f019a; ClassName:
x=0, y=0, width=0, height=0
17:19:30 = Process Attach
17:19:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:19:30 = * NULL == SampleProvider *

17:19:30 = ##### Begin waiting Mutex to release process #####
17:19:30 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
17:19:31 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
17:19:31 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:19:33 = Need to re-create objects.
17:19:33 = s1.
17:19:33 = s2.
17:19:35
17:19:35
17:20:13
17:20:13
17:20:14
17:20:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:32:55 = Process Attach

0:32:55 = end process attach
0:32:55 = ##### Begin waiting Mutex to release process #####
0:32:55 = hWnd = 0x001704ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:32:55 = hWnd = 0x001003e4; ClassName:
ow.
x=0, y=0, width=1, height=1
0:32:55 = hWnd = 0x003c06fa; ClassName:
x=0, y=0, width=0, height=0
0:32:55 = hWnd = 0x00060688; ClassName:
x=0, y=0, width=0, height=0
0:32:55 = Need to re-create objects.
0:32:55 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:32:55 = s2.
0:32:56
0:32:56
0:33:10
0:33:10
0:33:11
0:33:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:2:37 = Process Attach

1:2:37 = end process attach
1:2:37 = ***** NULL == SampleProvider *****
1:2:37 = ##### Begin waiting Mutex to release process #####
1:2:37 = hWnd = 0x000904b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:2:37 = hWnd = 0x001b04b2; ClassName:
w.
x=0, y=0, width=1, height=1
1:2:37 = hWnd = 0x000f041c; ClassName:
x=0, y=0, width=0, height=0
1:2:37 = hWnd = 0x001f030a; ClassName:
x=0, y=0, width=0, height=0
1:2:55 = Process Attach
1:2:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:2:55 = ##### Get event and release process #####

1:2:55 = begin close Process
1:2:55 = ***** NULL == SampleProvider *****
1:2:55 = ##### Get event and release process end #####
1:2:55 = hWnd = 0x015901e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:2:55 = hWnd = 0x004900a0; ClassName:
w.
x=0, y=0, width=1, height=1
1:2:55 = hWnd = 0x00040052; ClassName:
x=0, y=0, width=0, height=0
1:2:55 = hWnd = 0x00b801e0; ClassName:
x=0, y=0, width=0, height=0
10:22:12 = Process Attach
10:22:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:22:12 = * NULL == SampleProvider *

10:22:12 = ##### Begin waiting Mutex to release process #####
10:22:12 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:22:13 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

10:22:14 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
10:22:14 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:22:18 = Need to re-create objects.
10:22:18 = s1.
10:22:18 = s2.
10:22:21 = Start show animate
10:22:21 = Shell Excutute VerifyHost
10:22:59 = begin close Process
10:22:59 = Terminate Process
10:23:0 = end close Process
10:23:0 = DLL_PROCESS_DETACH
18:48:19 = Process Attach
18:48:19 = end process attach
18:48:19 = ***** NULL == SampleProvider *****
18:48:19 = hWnd = 0x001904b2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:48:19 = hWnd = 0x0008056a; ClassName:
dow.
x=0, y=0, width=1, height=1
18:48:19 = hWnd = 0x001003d6; ClassName:
x=0, y=0, width=0, height=0
18:48:19 = hWnd = 0x00070558; ClassName:
x=0, y=0, width=0, height=0
18:48:35 = Process Attach
18:48:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:48:35 = * NULL == SampleProvider *

18:48:35 = begin close Process
18:48:35 = end close Process
18:48:35 = ##### Get event and release process end #####
18:48:35 = hWnd = 0x005701e0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:48:35 = hWnd = 0x001e01e2; ClassName:
dow.
x=0, y=0, width=1, height=1
18:48:35 = hWnd = 0x00180088; ClassName:
x=0, y=0, width=0, height=0
18:48:35 = hWnd = 0x00640038; ClassName:
x=0, y=0, width=0, height=0
18:52:8 = Process Attach
18:52:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:52:9 = * NULL == SampleProvider *

18:52:9 = ##### Begin waiting Mutex to release process #####
18:52:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

18:52:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
18:52:9 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:52:9 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:52:12 = Need to re-create objects.
18:52:12 = s1.
18:52:12 = s2.
18:52:15
18:52:15
18:52:53
18:52:53
18:52:54
18:52:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:26:22 = Process Attach

1:26:22 = end process attach
1:26:22 = ***** NULL == SampleProvider *****
1:26:22 = hWnd = 0x000e03f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:26:22 = hWnd = 0x001c04ce; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:22 = hWnd = 0x000703e6; ClassName:
x=0, y=0, width=0, height=0
1:26:22 = hWnd = 0x00280536; ClassName:
x=0, y=0, width=0, height=0
1:26:41 = Process Attach
1:26:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:26:41 = * NULL == SampleProvider *

1:26:41 = end close Process
1:26:41 = ##### Get event and release process end #####
1:26:41 = hWnd = 0x00830088; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:26:41 = hWnd = 0x00a40060; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:41 = hWnd = 0x000301a8; ClassName:
x=0, y=0, width=0, height=0
1:26:41 = hWnd = 0x007900c4; ClassName:
x=0, y=0, width=0, height=0
11:6:53 = Process Attach
11:6:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:53 = * NULL == SampleProvider *

11:6:53 = ##### Begin waiting Mutex to release process #####

11:6:53 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:6:54 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:6:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:6:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:6:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:59 = s1.
11:6:59 = s2.
11:7:2 = Start show animate
11:7:2 = Shell Excutute VerifyHost
11:7:39 = begin close Process
11:7:39 = Terminate Process
11:7:40 = end close Process
11:7:40 = DLL_PROCESS_DETACH
1:27:26 = Process Attach
1:27:26 = end process attach
1:27:26 = ***** NULL == SampleProvider *****
1:27:26 = hWnd = 0x000306e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:27:26 = hWnd = 0x002b0b28; ClassName:
ow.
x=0, y=0, width=1, height=1
1:27:26 = hWnd = 0x00120488; ClassName:
x=0, y=0, width=0, height=0
1:27:26 = hWnd = 0x00030c02; ClassName:
x=0, y=0, width=0, height=0
1:27:59 = Process Attach
1:27:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:27:59 = ##### Get event and release process #####

1:27:59 = begin close Process
1:27:59 = end close Process
1:27:59 = ##### Get event and release process end #####
1:27:59 = hWnd = 0x0117012a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:27:59 = hWnd = 0x01250088; ClassName:
ow.
x=0, y=0, width=1, height=1
1:27:59 = hWnd = 0x00a601ba; ClassName:
x=0, y=0, width=0, height=0
1:27:59 = hWnd = 0x007501b8; ClassName:
x=0, y=0, width=0, height=0
9:58:1 = Process Attach
9:58:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:58:1 = * NULL == SampleProvider *

9:58:1 = ##### Begin waiting Mutex to release process #####
9:58:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:58:2 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:58:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:58:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:58:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:58:5 = s1.
9:58:5 = s2.
9:58:10
9:58:10
9:58:47
9:58:47
9:58:48
9:58:48

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:47:56 = Process Attach

18:47:56 = end process attach
18:47:56 = ***** NULL == SampleProvider *****
18:47:56 = ##### Begin waiting Mutex to release process #####
18:47:56 = hWnd = 0x000903da; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
18:47:56 = hWnd = 0x000b05fc; ClassName:
dow.
x=0, y=0, width=1, height=1
18:47:56 = hWnd = 0x000d05d6; ClassName:
x=0, y=0, width=0, height=0
18:47:56 = hWnd = 0x000403d0; ClassName:
x=0, y=0, width=0, height=0
18:47:57 = Need to re-create objects.
18:47:57 = s1.
18:47:57 = s2.
18:47:58
18:47:58
18:53:13
18:53:13
18:53:14
18:53:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:54:47 = Process Attach

18:54:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:54:47 = ##### Begin waiting Mutex to release process #####

18:54:47 = hWnd = 0x001205f8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
18:54:47 = hWnd = 0x001d0614; ClassName:
dow.
x=0, y=0, width=1, height=1
18:54:47 = hWnd = 0x000e05fa; ClassName:
x=0, y=0, width=0, height=0
18:54:47 = hWnd = 0x0039073a; ClassName:
x=0, y=0, width=0, height=0
18:54:49 = begin close Process
18:54:49 = end close Process
18:54:49 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:55:22 = Process Attach

18:55:22 = end process attach
18:55:22 = ***** NULL == SampleProvider *****
18:55:22 = ##### Begin waiting Mutex to release process #####
18:55:22 = hWnd = 0x003b073a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1280, height=720
18:55:22 = hWnd = 0x00210614; ClassName:
dow.
x=0, y=0, width=1, height=1
18:55:23 = hWnd = 0x000406aa; ClassName:
x=0, y=0, width=0, height=0
18:55:23 = hWnd = 0x001105fa; ClassName:
x=0, y=0, width=0, height=0
18:55:24 = begin close Process
18:55:24 = end close Process
18:55:24 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:5:0 = Process Attach

1:5:0 = end process attach
1:5:0 = ##### Begin waiting Mutex to release process #####
1:5:0 = ***** NULL == SampleProvider *****
1:5:0 = hWnd = 0x000404b6; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:5:0 = hWnd = 0x009e0328; ClassName:
.
x=0, y=0, width=1, height=1
1:5:0 = hWnd = 0x0009047a; ClassName:
x=0, y=0, width=0, height=0
1:5:0 = hWnd = 0x000904d0; ClassName:
x=0, y=0, width=0, height=0
1:5:0 = Need to re-create objects.
1:5:0 = s1.
1:5:0 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:5:0 =
1:5:0 =
1:10:32
1:10:32
1:10:33
1:10:33

Start show animate

Shell Excutute VerifyHost
= begin close Process
= Terminate Process
= end close Process
= DLL_PROCESS_DETACH

3:5:46 = Process Attach

3:5:46 = end process attach
3:5:46 = ***** NULL == SampleProvider *****
3:5:46 = hWnd = 0x000804ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:5:46 = hWnd = 0x007d0602; ClassName:
w.
x=0, y=0, width=1, height=1
3:5:46 = hWnd = 0x000604ca; ClassName:
x=0, y=0, width=0, height=0
3:5:46 = hWnd = 0x00070948; ClassName:
x=0, y=0, width=0, height=0
3:6:5 = Process Attach
3:6:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:6:5 = * NULL == SampleProvider *

3:6:5 = begin close Process
3:6:5 = end close Process
3:6:5 = ##### Get event and release process end #####
3:6:5 = hWnd = 0x00b801ea; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:6:5 = hWnd = 0x0040007a; ClassName:
.
x=0, y=0, width=1, height=1
3:6:5 = hWnd = 0x02040060; ClassName:
x=0, y=0, width=0, height=0
3:6:5 = hWnd = 0x00120074; ClassName:
x=0, y=0, width=0, height=0
12:33:44 = Process Attach
12:33:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:33:44 = * NULL == SampleProvider *

12:33:44 = ##### Begin waiting Mutex to release process #####
12:33:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:33:45 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:33:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:33:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:33:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:33:48 = s1.
12:33:48 = s2.
12:33:51
12:33:51
12:34:32
12:34:32
12:34:33
12:34:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:33:37 = Process Attach

1:33:37 = end process attach
1:33:38 = ##### Begin waiting Mutex to release process #####
1:33:38 = hWnd = 0x00090648; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:33:38 = hWnd = 0x000a0644; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:38 = hWnd = 0x000f05e2; ClassName:
x=0, y=0, width=0, height=0
1:33:38 = hWnd = 0x000705ee; ClassName:
x=0, y=0, width=0, height=0
1:34:8 = Process Attach
1:34:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:34:8 = * NULL == SampleProvider *

1:34:8 = begin close Process
1:34:8 = end close Process
1:34:8 = ##### Get event and release process end #####
1:34:8 = hWnd = 0x00a0002e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:34:8 = hWnd = 0x00950190; ClassName:
w.
x=0, y=0, width=1, height=1
1:34:8 = hWnd = 0x001401d0; ClassName:
x=0, y=0, width=0, height=0
1:34:8 = hWnd = 0x005001e2; ClassName:
x=0, y=0, width=0, height=0
11:59:34 = Process Attach
11:59:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:59:34 = * NULL == SampleProvider *

11:59:34 = ##### Begin waiting Mutex to release process #####
11:59:34 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:59:35 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
11:59:36 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

11:59:36 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:59:38 = Need to re-create objects.
11:59:38 = s1.
11:59:38 = s2.
11:59:41 = Start show animate
11:59:41 = Shell Excutute VerifyHost
12:0:20 = begin close Process
12:0:20 = Terminate Process
12:0:21 = end close Process
12:0:21 = DLL_PROCESS_DETACH
0:42:9 = Process Attach
0:42:9 = end process attach
0:42:9 = ***** NULL == SampleProvider *****
0:42:9 = hWnd = 0x000704ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:42:9 = hWnd = 0x000704c4; ClassName:
w.
x=0, y=0, width=1, height=1
0:42:9 = hWnd = 0x000704be; ClassName:
x=0, y=0, width=0, height=0
0:42:9 = hWnd = 0x00070464; ClassName:
x=0, y=0, width=0, height=0
0:42:31 = Process Attach
0:42:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:42:31 = ##### Get event and release process #####

0:42:31 = begin close Process
0:42:31 = end close Process
0:42:31 = ##### Get event and release process end #####
0:42:31 = hWnd = 0x00910088; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:42:31 = hWnd = 0x00ef019a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:42:31 = hWnd = 0x0006002a; ClassName:
x=0, y=0, width=0, height=0
0:42:31 = hWnd = 0x011d0058; ClassName:
x=0, y=0, width=0, height=0
11:5:16 = Process Attach
11:5:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:5:16 = * NULL == SampleProvider *

11:5:16 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:5:17 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
11:5:17 =
x=0, y=0,
11:5:17 =
x=0, y=0,
11:5:21 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

11:5:22 = s1.
11:5:22 = s2.
11:5:25 = Start show animate
11:5:25 = Shell Excutute VerifyHost
11:6:4 = begin close Process
11:6:4 = Terminate Process
11:6:5 = end close Process
11:6:5 = DLL_PROCESS_DETACH
12:5:27 = Process Attach
12:5:28 = end process attach
12:5:28 = ***** NULL == SampleProvider *****
12:5:28 = ##### Begin waiting Mutex to release process #####
12:5:28 = hWnd = 0x000404e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:5:28 = hWnd = 0x000804c0; ClassName:
ow.
x=0, y=0, width=1, height=1
12:5:28 = hWnd = 0x000404ce; ClassName:
x=0, y=0, width=0, height=0
12:5:28 = hWnd = 0x000a04c8; ClassName:
x=0, y=0, width=0, height=0
12:5:46 = Process Attach
12:5:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:5:46 = ##### Get event and release process #####

12:5:46 = ***** NULL == SampleProvider *****
12:5:46 = end close Process
12:5:46 = ##### Get event and release process end #####
12:5:46 = hWnd = 0x001b00f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:5:46 = hWnd = 0x002301e6; ClassName:
ow.
x=0, y=0, width=1, height=1
12:5:46 = hWnd = 0x00090144; ClassName:
x=0, y=0, width=0, height=0
12:5:46 = hWnd = 0x000b01d0; ClassName:
x=0, y=0, width=0, height=0
12:7:32 = Process Attach
12:7:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:7:32 = * NULL == SampleProvider *

12:7:33 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:7:34 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:7:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:7:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:7:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:7:36 = s1.
12:7:36 = s2.
12:7:39
12:7:39
12:8:16
12:8:16
12:8:17
12:8:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:21:15 = Process Attach

12:21:15 = end process attach
12:21:15 = ***** NULL == SampleProvider *****
12:21:15 = hWnd = 0x000305c8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:21:15 = hWnd = 0x000605ac; ClassName:
dow.
x=0, y=0, width=1, height=1
12:21:15 = hWnd = 0x000805ae; ClassName:
x=0, y=0, width=0, height=0
12:21:15 = hWnd = 0x000605cc; ClassName:
x=0, y=0, width=0, height=0
12:21:31 = Process Attach
12:21:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:21:31 = ##### Get event and release process #####

12:21:31 = hWnd = 0x00040098; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:21:31 = end close Process
12:21:31 = ##### Get event and release process end #####
12:21:31 = hWnd = 0x0003002c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:24:57 = Process Attach
12:24:57 = end process attach
12:24:57 = ***** NULL == SampleProvider *****
12:24:57 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:24:57 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
12:24:58 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:24:58 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:25:1 = Need to re-create objects.
12:25:1 = s1.
12:25:1 = s2.
12:25:5 = Start show animate
12:25:5 = Shell Excutute VerifyHost
12:25:43 = begin close Process
12:25:43 = Terminate Process
12:25:44 = end close Process
12:25:44 = DLL_PROCESS_DETACH
12:32:43 = Process Attach
12:32:43 = end process attach
12:32:43 = ***** NULL == SampleProvider *****
12:32:43 = ##### Begin waiting Mutex to release process #####
12:32:43 = hWnd = 0x00060526; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:32:43 = hWnd = 0x0008052a; ClassName:
dow.
x=0, y=0, width=1, height=1
12:32:43 = hWnd = 0x00060576; ClassName:
x=0, y=0, width=0, height=0
12:32:43 = hWnd = 0x00060570; ClassName:
x=0, y=0, width=0, height=0
12:33:6 = Process Attach
12:33:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:33:6 = * NULL == SampleProvider *

12:33:6 = begin close Process
12:33:6 = end close Process
12:33:6 = ##### Get event and release process end #####
12:33:6 = hWnd = 0x00060060; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:33:6 = hWnd = 0x000f00d0; ClassName:
ow.
x=0, y=0, width=1, height=1
12:33:6 = hWnd = 0x000201d2; ClassName:
x=0, y=0, width=0, height=0
12:33:6 = hWnd = 0x000a0062; ClassName:
x=0, y=0, width=0, height=0
12:42:18 = Process Attach
12:42:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:42:19 = * NULL == SampleProvider *

12:42:19 = ##### Begin waiting Mutex to release process #####

12:42:19 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:42:19 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:42:19 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:42:21 = Need to re-create objects.
12:42:22 = s1.
12:42:22 = s2.
12:42:24 = Start show animate
12:42:24 = Shell Excutute VerifyHost
12:43:2 = begin close Process
12:43:2 = Terminate Process
12:43:3 = end close Process
12:43:3 = DLL_PROCESS_DETACH
12:56:47 = Process Attach
12:56:47 = end process attach
12:56:47 = ***** NULL == SampleProvider *****
12:56:47 = hWnd = 0x000402be; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:56:47 = hWnd = 0x00050456; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:56:47 = hWnd = 0x00020300; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:56:47 = hWnd = 0x000303e8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:56:47 = ##### Begin waiting Mutex to release process #####
12:56:52 = Process Attach
12:56:52 = ## ERR ## Setevent
12:56:52 = ***** NULL == SampleProvider *****
12:56:52 = begin close Process
12:56:52 = end close Process
12:56:52 = ##### Get event and release process end #####
12:56:52 = hWnd = 0x00060086; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:56:52 = hWnd = 0x000301f0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:58:13 = Process Attach
12:58:13 = end process attach
12:58:13 = ***** NULL == SampleProvider *****
12:58:13 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

12:58:14 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:58:14 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:58:14 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:58:17 = Need to re-create objects.
12:58:17 = s1.
12:58:17 = s2.
12:58:20
12:58:20
12:58:57
12:58:57
12:58:58
12:58:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:18:18 = Process Attach

13:18:18 = end process attach
13:18:18 = ***** NULL == SampleProvider *****
13:18:18 = ##### Begin waiting Mutex to release process #####
13:18:18 = hWnd = 0x001104d0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:18:18 = hWnd = 0x0004030a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:18:18 = hWnd = 0x00030374; ClassName:
x=0, y=0, width=0, height=0
13:18:18 = hWnd = 0x000402fc; ClassName:
x=0, y=0, width=0, height=0
13:18:22 = Process Attach
13:18:22 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:18:22 = ##### Get event and release process #####

13:18:22 = begin close Process
13:18:22 = end close Process
13:18:22 = hWnd = 0x000a01d8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:18:22 = hWnd = 0x0005004a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:18:22 = hWnd = 0x000a01ae; ClassName:
x=0, y=0, width=0, height=0
13:18:22 = hWnd = 0x00040070; ClassName:
x=0, y=0, width=0, height=0
13:30:0 = Process Attach
13:30:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:30:1 = * NULL == SampleProvider *

13:30:1 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
13:30:2 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
13:30:2 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:30:2 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:30:5 = Need to re-create objects.
13:30:5 = s1.
13:30:5 = s2.
13:30:8 = Start show animate
13:30:8 = Shell Excutute VerifyHost
13:30:45 = begin close Process
13:30:45 = Terminate Process
13:30:46 = end close Process
13:30:46 = DLL_PROCESS_DETACH
15:50:35 = Process Attach
15:50:35 = end process attach
15:50:35 = ***** NULL == SampleProvider *****
15:50:35 = ##### Begin waiting Mutex to release process #####
15:50:35 = hWnd = 0x000b04f6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:50:35 = hWnd = 0x003204f2; ClassName:
dow.
x=0, y=0, width=1, height=1
15:50:35 = hWnd = 0x000604c0; ClassName:
x=0, y=0, width=0, height=0
15:50:35 = hWnd = 0x00330498; ClassName:
x=0, y=0, width=0, height=0
15:50:40 = Process Attach
15:50:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:50:40 = ##### Get event and release process #####

15:50:40 = begin close Process
15:50:40 = end close Process
15:50:40 = hWnd = 0x001101c0; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:50:40 = hWnd = 0x005c0052; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:50:40 = hWnd = 0x000201c2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:54:22 = Process Attach
15:54:22 = end process attach
15:54:22 = ***** NULL == SampleProvider *****
15:54:22 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

15:54:23 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:54:23 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:54:23 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:54:27 = Need to re-create objects.
15:54:27 = s1.
15:54:27 = s2.
15:54:31 = Start show animate
15:54:31 = Shell Excutute VerifyHost
15:55:9 = begin close Process
15:55:9 = Terminate Process
15:55:10 = end close Process
15:55:10 = DLL_PROCESS_DETACH
16:17:40 = Process Attach
16:17:40 = end process attach
16:17:40 = ***** NULL == SampleProvider *****
16:17:40 = hWnd = 0x0013052a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:17:40 = hWnd = 0x000305ca; ClassName:
dow.
x=0, y=0, width=1, height=1
16:17:40 = hWnd = 0x00080592; ClassName:
x=0, y=0, width=0, height=0
16:17:40 = hWnd = 0x000905c8; ClassName:
x=0, y=0, width=0, height=0
16:18:1 = Process Attach
16:18:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:18:1 = ##### Get event and release process #####

16:18:1 = begin close Process
16:18:1 = end close Process
16:18:1 = ##### Get event and release process end #####
16:18:1 = hWnd = 0x000201e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:18:1 = hWnd = 0x001401e8; ClassName:
ow.
x=0, y=0, width=1, height=1
16:18:1 = hWnd = 0x000201bc; ClassName:
x=0, y=0, width=0, height=0
16:18:1 = hWnd = 0x000201e2; ClassName:
x=0, y=0, width=0, height=0
16:21:45 = Process Attach
16:21:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:21:45 = * NULL == SampleProvider *

16:21:45 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:21:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:21:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:21:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:21:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:21:50 = s1.
16:21:50 = s2.
16:21:53
16:21:53
16:22:31
16:22:31
16:22:32
16:22:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:1:2 = Process Attach

1:1:2 = end process attach
1:1:2 = ***** NULL == SampleProvider *****
1:1:2 = hWnd = 0x00090554; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:1:2 = hWnd = 0x00130470; ClassName:
.
x=0, y=0, width=1, height=1
1:1:2 = hWnd = 0x0013004e; ClassName:
x=0, y=0, width=0, height=0
1:1:2 = hWnd = 0x00110582; ClassName:
x=0, y=0, width=0, height=0
1:1:24 = Process Attach
1:1:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:24 = * NULL == SampleProvider *

1:1:24 = begin close Process
1:1:24 = end close Process
1:1:24 = ##### Get event and release process end #####
1:1:24 = hWnd = 0x002601a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:1:24 = hWnd = 0x00170082; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:24 = hWnd = 0x004201cc; ClassName:
x=0, y=0, width=0, height=0
1:1:24 = hWnd = 0x000b01e2; ClassName:
x=0, y=0, width=0, height=0
1:48:21 = Process Attach
1:48:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:48:21 = * NULL == SampleProvider *

1:48:21 = ##### Begin waiting Mutex to release process #####
1:48:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:48:21 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:48:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:48:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:48:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:48:25 = s1.
1:48:25 = s2.
1:48:29 = Start show animate
1:48:29 = Shell Excutute VerifyHost
1:49:5 = begin close Process
1:49:5 = Terminate Process
1:49:6 = end close Process
1:49:6 = DLL_PROCESS_DETACH
2:42:52 = Process Attach
2:42:52 = end process attach
2:42:52 = ***** NULL == SampleProvider *****
2:42:52 = ##### Begin waiting Mutex to release process #####
2:42:52 = hWnd = 0x00020464; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:42:52 = hWnd = 0x0002045e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:42:52 = hWnd = 0x000803e8; ClassName:
x=0, y=0, width=0, height=0
2:42:52 = hWnd = 0x00020484; ClassName:
x=0, y=0, width=0, height=0
2:42:59 = Process Attach
2:42:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:42:59 = * NULL == SampleProvider *

2:42:59 = begin close Process
2:42:59 = end close Process
2:42:59 = ##### Get event and release process end #####
2:42:59 = hWnd = 0x00050064; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:42:59 = hWnd = 0x00090050; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:42:59 = hWnd = 0x000401d4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
2:42:59 =
x=0, y=0,
10:16:5 =
10:16:5 =

width=0, height=0
hWnd = 0x00030186; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

10:16:5 = * NULL == SampleProvider *

10:16:5 = ##### Begin waiting Mutex to release process #####
10:16:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:16:6 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:16:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:16:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:16:9 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:16:9 = s1.
10:16:9 = s2.
10:16:13
10:16:13
10:16:49
10:16:49
10:16:50
10:16:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:41:33 = Process Attach

0:41:33 = end process attach
0:41:33 = ***** NULL == SampleProvider *****
0:41:33 = hWnd = 0x000303ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:41:33 = hWnd = 0x00180c7e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:41:33 = hWnd = 0x00180ed0; ClassName:
x=0, y=0, width=0, height=0
0:41:33 = hWnd = 0x00200ccc; ClassName:
x=0, y=0, width=0, height=0
0:42:14 = Process Attach
0:42:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:42:14 = ##### Get event and release process #####

0:42:14 = begin close Process
0:42:14 = end close Process
0:42:14 = ##### Get event and release process end #####
0:42:14 = hWnd = 0x01e50166; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

0:42:14 = hWnd = 0x00b80058; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:42:14 = hWnd = 0x008c00f4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:42:14 = hWnd = 0x00f90160; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:9:14 = Process Attach
2:9:14 = end process attach
2:9:14 = ***** NULL == SampleProvider *****
2:9:14 = ##### Begin waiting Mutex to release process #####
2:9:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:9:15 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
2:9:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
2:9:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
2:9:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:9:18 = s1.
2:9:18 = s2.
2:9:22
2:9:22
2:10:1
2:10:1
2:10:2
2:10:2

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:15:30 = Process Attach

3:15:30 = end process attach
3:15:30 = ***** NULL == SampleProvider *****
3:15:30 = ##### Begin waiting Mutex to release process #####
3:15:30 = hWnd = 0x00020462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:15:30 = hWnd = 0x00020498; ClassName:
ow.
x=0, y=0, width=1, height=1
3:15:30 = hWnd = 0x00030352; ClassName:
x=0, y=0, width=0, height=0
3:15:30 = hWnd = 0x000204a6; ClassName:
x=0, y=0, width=0, height=0
3:15:40 = Process Attach
3:15:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:15:40 = ##### Get event and release process #####

3:15:40 = begin close Process

3:15:40 = end close Process

3:15:40 = ##### Get event and release process end #####
3:15:40 = hWnd = 0x000a0054; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:15:40 = hWnd = 0x000f002a; ClassName:
ow.
x=0, y=0, width=1, height=1
3:15:40 = hWnd = 0x00040106; ClassName:
x=0, y=0, width=0, height=0
3:15:40 = hWnd = 0x000901de; ClassName:
x=0, y=0, width=0, height=0
10:28:57 = Process Attach
10:28:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:28:58 = * NULL == SampleProvider *

10:28:58 = ##### Begin waiting Mutex to release process #####
10:28:58 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:28:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:28:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:28:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:29:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:2 = s1.
10:29:2 = s2.
10:29:5 = Start show animate
10:29:5 = Shell Excutute VerifyHost
10:29:42 = begin close Process
10:29:42 = Terminate Process
10:29:43 = end close Process
10:29:43 = DLL_PROCESS_DETACH
10:47:43 = Process Attach
10:47:43 = end process attach
10:47:43 = ***** NULL == SampleProvider *****
10:47:43 = ##### Begin waiting Mutex to release process #####
10:47:43 = hWnd = 0x00060484; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:47:43 = hWnd = 0x0002051e; ClassName:
dow.
x=0, y=0, width=1, height=1
10:47:43 = hWnd = 0x0002031a; ClassName:
x=0, y=0, width=0, height=0
10:47:43 = hWnd = 0x000e0512; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:48:10 = Process Attach

10:48:10 = ## ERR ## Setevent
10:48:10 = ##### Get event and release process #####
10:48:10 = begin close Process
10:48:10 = end close Process
10:48:10 = ##### Get event and release process end #####
10:48:10 = hWnd = 0x000801f8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:48:10 = hWnd = 0x001501f6; ClassName:
dow.
x=0, y=0, width=1, height=1
10:48:10 = hWnd = 0x00030058; ClassName:
x=0, y=0, width=0, height=0
10:48:10 = hWnd = 0x001101fc; ClassName:
x=0, y=0, width=0, height=0
10:51:59 = Process Attach
10:51:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:51:59 = * NULL == SampleProvider *

10:51:59 = ##### Begin waiting Mutex to release process #####
10:51:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:52:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
10:52:1 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:52:1 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:52:3 = Need to re-create objects.
10:52:4 = s1.
10:52:4 = s2.
10:52:8 = Start show animate
10:52:8 = Shell Excutute VerifyHost
10:52:46 = begin close Process
10:52:46 = Terminate Process
10:52:47 = end close Process
10:52:47 = DLL_PROCESS_DETACH
10:58:49 = Process Attach
10:58:49 = end process attach
10:58:49 = ***** NULL == SampleProvider *****
10:58:49 = ##### Begin waiting Mutex to release process #####
10:58:49 = hWnd = 0x00020552; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:58:49 = hWnd = 0x0004050a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
10:58:49 = hWnd = 0x00020554; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:58:49 = hWnd = 0x0003050c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:58:56 = Process Attach
10:58:56 = ## ERR ## Setevent
10:58:56 = ##### Get event and release process #####
10:58:56 = begin close Process
10:58:56 = end close Process
10:58:56 = ##### Get event and release process end #####
10:58:56 = hWnd = 0x000901f0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:58:56 = hWnd = 0x000a01f8; ClassName:
dow.
x=0, y=0, width=1, height=1
10:58:56 = hWnd = 0x000601f2; ClassName:
x=0, y=0, width=0, height=0
10:58:56 = hWnd = 0x000401f6; ClassName:
x=0, y=0, width=0, height=0
11:0:32 = Process Attach
11:0:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:0:32 = * NULL == SampleProvider *

11:0:32 = ##### Begin waiting Mutex to release process #####
11:0:32 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:0:33 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:0:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:0:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:0:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:0:37 = s1.
11:0:37 = s2.
11:0:40
11:0:40
11:1:14
11:1:14
11:1:15
11:1:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:7:44 = Process Attach

11:7:44 = end process attach
11:7:44 = ***** NULL == SampleProvider *****

11:7:44 = ##### Begin waiting Mutex to release process #####

11:7:44 = hWnd = 0x00050580; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:7:44 = hWnd = 0x00070584; ClassName:
ow.
x=0, y=0, width=1, height=1
11:7:44 = hWnd = 0x00050502; ClassName:
x=0, y=0, width=0, height=0
11:7:44 = hWnd = 0x000a0552; ClassName:
x=0, y=0, width=0, height=0
11:7:57 = Process Attach
11:7:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:7:57 = ##### Get event and release process #####

11:7:57 = ***** NULL == SampleProvider *****
11:7:57 = end close Process
11:7:57 = ##### Get event and release process end #####
11:7:57 = hWnd = 0x0003019c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:7:57 = hWnd = 0x000a0194; ClassName:
ow.
x=0, y=0, width=1, height=1
11:7:57 = hWnd = 0x000101fa; ClassName:
x=0, y=0, width=0, height=0
11:7:57 = hWnd = 0x000601ee; ClassName:
x=0, y=0, width=0, height=0
11:11:28 = Process Attach
11:11:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:11:28 = * NULL == SampleProvider *

11:11:28 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:11:29 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:11:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:11:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:11:33 = Need to re-create objects.
11:11:33 = s1.
11:11:33 = s2.
11:11:36
11:11:36
11:12:13
11:12:13
11:12:14
11:12:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:22:4 = Process Attach

11:22:4 = end process attach
11:22:4 = ##### Begin waiting Mutex to release process #####
11:22:4 = ***** NULL == SampleProvider *****
11:22:4 = hWnd = 0x000b04ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:22:4 = hWnd = 0x00050500; ClassName:
ow.
x=0, y=0, width=1, height=1
11:22:4 = hWnd = 0x000c04f2; ClassName:
x=0, y=0, width=0, height=0
11:22:4 = hWnd = 0x00100528; ClassName:
x=0, y=0, width=0, height=0
11:22:8 = Process Attach
11:22:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:22:8 = ##### Get event and release process #####

11:22:8 = begin close Process
11:22:8 = end close Process
11:22:8 = ##### Get event and release process end #####
11:22:8 = hWnd = 0x0006008a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:22:8 = hWnd = 0x001400c4; ClassName:
ow.
x=0, y=0, width=1, height=1
11:22:8 = hWnd = 0x000c01e6; ClassName:
x=0, y=0, width=0, height=0
11:22:8 = hWnd = 0x000e0062; ClassName:
x=0, y=0, width=0, height=0
11:23:30 = Process Attach
11:23:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:23:30 = * NULL == SampleProvider *

11:23:30 = ##### Begin waiting Mutex to release process #####
11:23:30 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:23:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:23:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:23:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:23:33 = Need to re-create objects.
11:23:33 = s1.
11:23:33 = s2.
11:23:36 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:23:36
11:24:12
11:24:12
11:24:13
11:24:13

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:33:11 = Process Attach

11:33:11 = end process attach
11:33:11 = ***** NULL == SampleProvider *****
11:33:11 = hWnd = 0x000a0482; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:33:11 = hWnd = 0x0007048e; ClassName:
dow.
x=0, y=0, width=1, height=1
11:33:11 = hWnd = 0x000502f8; ClassName:
x=0, y=0, width=0, height=0
11:33:11 = hWnd = 0x00020498; ClassName:
x=0, y=0, width=0, height=0
11:33:26 = Process Attach
11:33:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:33:26 = * NULL == SampleProvider *

11:33:26 = begin close Process
11:33:26 = end close Process
11:33:26 = ##### Get event and release process end #####
11:33:26 = hWnd = 0x00030048; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:33:26 = hWnd = 0x000901f8; ClassName:
dow.
x=0, y=0, width=1, height=1
11:33:26 = hWnd = 0x000d01d2; ClassName:
x=0, y=0, width=0, height=0
11:33:26 = hWnd = 0x000f0028; ClassName:
x=0, y=0, width=0, height=0
11:37:11 = Process Attach
11:37:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:37:11 = * NULL == SampleProvider *

11:37:11 = ##### Begin waiting Mutex to release process #####
11:37:12 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:37:12 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:37:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:37:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:37:15 = Need to re-create objects.
11:37:15 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:37:15 = s2.
11:37:18
11:37:18
11:37:56
11:37:56
11:37:57
11:37:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:4:7 = Process Attach

12:4:7 = end process attach
12:4:7 = ***** NULL == SampleProvider *****
12:4:7 = hWnd = 0x000204b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:4:7 = hWnd = 0x000302fc; ClassName:
w.
x=0, y=0, width=1, height=1
12:4:7 = hWnd = 0x000204b2; ClassName:
x=0, y=0, width=0, height=0
12:4:7 = hWnd = 0x000302fe; ClassName:
x=0, y=0, width=0, height=0
12:4:13 = Process Attach
12:4:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:4:13 = ##### Get event and release process #####

12:4:13 = ***** NULL == SampleProvider *****
12:4:13 = end close Process
12:4:13 = ##### Get event and release process end #####
12:4:13 = hWnd = 0x000e003a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:4:13 = hWnd = 0x000c0054; ClassName:
ow.
x=0, y=0, width=1, height=1
12:4:13 = hWnd = 0x00030094; ClassName:
x=0, y=0, width=0, height=0
12:4:13 = hWnd = 0x002701fa; ClassName:
x=0, y=0, width=0, height=0
12:5:49 = Process Attach
12:5:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:5:49 = * NULL == SampleProvider *

12:5:49 = ##### Begin waiting Mutex to release process #####
12:5:49 =
ow.
x=0, y=0,
12:5:50 =
x=0, y=0,
12:5:50 =
x=0, y=0,
12:5:54 =

12:5:54 = s1.
12:5:54 = s2.
12:5:58
12:5:58
12:6:35
12:6:35
12:6:36
12:6:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:38:5 = Process Attach

0:38:6 = end process attach
0:38:6 = ***** NULL == SampleProvider *****
0:38:6 = ##### Begin waiting Mutex to release process #####
0:38:6 = hWnd = 0x00170526; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
0:38:6 = hWnd = 0x0027055a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:38:6 = hWnd = 0x0005051a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:38:42 = Process Attach
0:38:42 = ## ERR ## Setevent
0:38:42 = ##### Get event and release process #####
0:38:42 = begin close Process
0:38:42 = end close Process
0:38:42 = ##### Get event and release process end #####
0:38:42 = hWnd = 0x00a4003a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:38:42 = hWnd = 0x014f0154; ClassName:
ow.
x=0, y=0, width=1, height=1
0:38:42 = hWnd = 0x000301fc; ClassName:
x=0, y=0, width=0, height=0
0:38:42 = hWnd = 0x018c01ee; ClassName:
x=0, y=0, width=0, height=0
11:21:44 = Process Attach
11:21:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:21:44 = * NULL == SampleProvider *

11:21:44 = ##### Begin waiting Mutex to release process #####
11:21:44 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:21:45 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
11:21:45 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

11:21:45 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
11:21:47 = Need to re-create objects.
11:21:48 = s1.
11:21:48 = s2.
11:21:51
11:21:51
11:22:26
11:22:26
11:22:27
11:22:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:39:37 = Process Attach

0:39:38 = end process attach
0:39:38 = ***** NULL == SampleProvider *****
0:39:38 = ##### Begin waiting Mutex to release process #####
0:39:38 = hWnd = 0x0006058a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:39:38 = hWnd = 0x0034058c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:39:38 = hWnd = 0x0004058e; ClassName:
x=0, y=0, width=0, height=0
0:39:38 = hWnd = 0x00470136; ClassName:
x=0, y=0, width=0, height=0
0:39:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:39:38 = s1.
0:39:38 = s2.
0:39:38
0:39:38
0:43:52
0:43:52
0:43:53
0:43:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:53:17 = Process Attach

0:53:17 = end process attach
0:53:17 = ***** NULL == SampleProvider *****
0:53:17 = ##### Begin waiting Mutex to release process #####
0:53:17 = hWnd = 0x0005057e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:53:17 = hWnd = 0x0007058e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:53:17 = hWnd = 0x00090386; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

0:53:17 =
x=0, y=0,
0:53:36 =
0:53:36 =

hWnd = 0x00050584; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
## ERR ## Setevent

0:53:36 = * NULL == SampleProvider *

0:53:36 = begin close Process
0:53:36 = end close Process
0:53:36 = hWnd = 0x008f00bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:53:36 = hWnd = 0x0193004c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:53:36 = hWnd = 0x0102002a; ClassName:
x=0, y=0, width=0, height=0
0:53:36 = hWnd = 0x00930058; ClassName:
x=0, y=0, width=0, height=0
14:23:12 = Process Attach
14:23:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:23:12 = * NULL == SampleProvider *

14:23:12 = ##### Begin waiting Mutex to release process #####
14:23:12 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:23:13 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:23:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:23:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:23:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:23:17 = s1.
14:23:17 = s2.
14:23:20
14:23:20
14:23:57
14:23:57
14:23:58
14:23:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:21:31 = Process Attach

21:21:31 = end process attach
21:21:31 = ***** NULL == SampleProvider *****
21:21:31 = ##### Begin waiting Mutex to release process #####
21:21:31 = hWnd = 0x00050656; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:21:31 = hWnd = 0x001004e6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

21:21:31 = hWnd = 0x0004067a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:21:54 = Process Attach
21:21:54 = ## ERR ## Setevent
21:21:54 = ##### Get event and release process #####
21:21:54 = begin close Process
21:21:54 = end close Process
21:21:54 = ##### Get event and release process end #####
21:21:54 = hWnd = 0x003b01ea; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:21:54 = hWnd = 0x0026004c; ClassName:
dow.
x=0, y=0, width=1, height=1
21:21:54 = hWnd = 0x005701a2; ClassName:
x=0, y=0, width=0, height=0
21:21:54 = hWnd = 0x002d01cc; ClassName:
x=0, y=0, width=0, height=0
21:25:56 = Process Attach
21:25:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:25:56 = * NULL == SampleProvider *

21:25:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:25:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:25:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:25:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:26:0 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:26:0 = s1.
21:26:0 = s2.
21:26:3 = Start show animate
21:26:3 = Shell Excutute VerifyHost
21:26:41 = begin close Process
21:26:41 = Terminate Process
21:26:42 = end close Process
21:26:42 = DLL_PROCESS_DETACH
4:23:58 = Process Attach
4:23:58 = end process attach
4:23:58 = ***** NULL == SampleProvider *****
4:23:58 = ##### Begin waiting Mutex to release process #####
4:23:58 = hWnd = 0x0049040a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

4:23:58 =
x=0, y=0,
4:23:58 =
x=0, y=0,
4:24:18 =
4:24:18 =

hWnd = 0x001504e6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x001b0474; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

4:24:18 = * NULL == SampleProvider *

4:24:18 = begin close Process
4:24:18 = end close Process
4:24:18 = ##### Get event and release process end #####
4:24:18 = hWnd = 0x00f80068; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:24:18 = hWnd = 0x003301ec; ClassName:
ow.
x=0, y=0, width=1, height=1
4:24:18 = hWnd = 0x000501e6; ClassName:
x=0, y=0, width=0, height=0
4:24:18 = hWnd = 0x00b501c6; ClassName:
x=0, y=0, width=0, height=0
9:39:26 = Process Attach
9:39:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:39:26 = * NULL == SampleProvider *

9:39:26 = ##### Begin waiting Mutex to release process #####
9:39:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:39:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:39:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:39:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:39:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:39:30 = s1.
9:39:30 = s2.
9:39:34
9:39:34
9:40:13
9:40:13
9:40:14
9:40:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:53:14 = Process Attach

9:53:14 = end process attach
9:53:14 = ***** NULL == SampleProvider *****
9:53:14 = ##### Begin waiting Mutex to release process #####

9:53:14 = hWnd = 0x000403b4; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:53:14 = hWnd = 0x0008040c; ClassName:
ow.
x=0, y=0, width=1, height=1
9:53:14 = hWnd = 0x00040488; ClassName:
x=0, y=0, width=0, height=0
9:53:14 = hWnd = 0x00030458; ClassName:
x=0, y=0, width=0, height=0
9:53:18 = Process Attach
9:53:18 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:53:18 = ##### Get event and release process #####

9:53:18 = begin close Process
9:53:18 = end close Process
9:53:18 = hWnd = 0x000301ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:53:18 = hWnd = 0x0006008c; ClassName:
ow.
x=0, y=0, width=1, height=1
9:53:18 = hWnd = 0x000a019e; ClassName:
x=0, y=0, width=0, height=0
9:53:18 = hWnd = 0x000b0050; ClassName:
x=0, y=0, width=0, height=0
11:9:48 = Process Attach
11:9:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:9:48 = * NULL == SampleProvider *

11:9:48 = ##### Begin waiting Mutex to release process #####
11:9:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:9:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:9:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:9:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:9:51 = Need to re-create objects.
11:9:51 = s1.
11:9:51 = s2.
11:9:55 = Start show animate
11:9:55 = Shell Excutute VerifyHost
11:10:33 = begin close Process
11:10:33 = Terminate Process
11:10:34 = end close Process
11:10:34 = DLL_PROCESS_DETACH
0:54:4 = Process Attach
0:54:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:54:4 = * NULL == SampleProvider *

0:54:4 = ##### Begin waiting Mutex to release process #####
0:54:4 = hWnd = 0x00080c2e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:54:4 = hWnd = 0x00080a98; ClassName:
w.
x=0, y=0, width=1, height=1
0:54:4 = hWnd = 0x001906e8; ClassName:
x=0, y=0, width=0, height=0
0:54:4 = hWnd = 0x00080dee; ClassName:
x=0, y=0, width=0, height=0
0:54:52 = Process Attach
0:54:52 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:54:52 = * NULL == SampleProvider *

0:54:52 = begin close Process
0:54:52 = end close Process
0:54:52 = ##### Get event and release process end #####
0:54:52 = hWnd = 0x020601f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:54:52 = hWnd = 0x023401ca; ClassName:
ow.
x=0, y=0, width=1, height=1
0:54:52 = hWnd = 0x01e4005a; ClassName:
x=0, y=0, width=0, height=0
0:54:52 = hWnd = 0x02cb01ec; ClassName:
x=0, y=0, width=0, height=0
11:23:23 = Process Attach
11:23:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:23:24 = * NULL == SampleProvider *

11:23:24 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:23:25 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:23:25 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:23:25 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:23:30 = Need to re-create objects.
11:23:30 = s1.
11:23:30 = s2.
11:23:34
11:23:34
11:24:11
11:24:11
11:24:12
11:24:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:7:39 = Process Attach

1:7:39 = end process attach
1:7:39 = ***** NULL == SampleProvider *****
1:7:39 = hWnd = 0x006510a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:7:39 = hWnd = 0x00130b14; ClassName:
w.
x=0, y=0, width=1, height=1
1:7:39 = hWnd = 0x00550682; ClassName:
x=0, y=0, width=0, height=0
1:7:39 = hWnd = 0x004905aa; ClassName:
x=0, y=0, width=0, height=0
1:8:12 = Process Attach
1:8:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:8:12 = * NULL == SampleProvider *

1:8:12 = begin close Process
1:8:12 = end close Process
1:8:12 = ##### Get event and release process end #####
1:8:12 = hWnd = 0x011d0044; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:8:12 = hWnd = 0x001400cc; ClassName:
w.
x=0, y=0, width=1, height=1
1:8:12 = hWnd = 0x0042004e; ClassName:
x=0, y=0, width=0, height=0
1:8:12 = hWnd = 0x006a00d4; ClassName:
x=0, y=0, width=0, height=0
9:28:8 = Process Attach
9:28:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:28:8 = * NULL == SampleProvider *

9:28:8 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:28:9 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:28:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:28:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:28:10 = Need to re-create objects.
9:28:10 = s1.
9:28:10 = s2.
9:28:14
9:28:14
9:28:52
9:28:52

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:28:54 = end close Process

9:28:54 = DLL_PROCESS_DETACH
12:37:26 = Process Attach
12:37:26 = end process attach
12:37:26 = ***** NULL == SampleProvider *****
12:37:26 = hWnd = 0x000d04d2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:37:26 = hWnd = 0x000604a2; ClassName:
dow.
x=0, y=0, width=1, height=1
12:37:26 = hWnd = 0x000b04f0; ClassName:
x=0, y=0, width=0, height=0
12:37:26 = hWnd = 0x00050a5a; ClassName:
x=0, y=0, width=0, height=0
12:37:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:37:26 = s1.
12:37:26 = s2.
12:37:26
12:37:26
12:38:32
12:38:32
12:38:33
12:38:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:10:3 = Process Attach

1:10:3 = end process attach
1:10:3 = ***** NULL == SampleProvider *****
1:10:3 = ##### Begin waiting Mutex to release process #####
1:10:3 = hWnd = 0x001205da; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:10:3 = hWnd = 0x00150734; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:10:3 = hWnd = 0x00100ae0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:10:26 = Process Attach
1:10:26 = ## ERR ## Setevent
1:10:26 = ##### Get event and release process #####
1:10:26 = begin close Process
1:10:26 = end close Process
1:10:26 = ##### Get event and release process end #####
1:10:26 = hWnd = 0x0054018c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:10:26 = hWnd = 0x00fb01b8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

1:10:26 =
x=0, y=0,
1:10:26 =
x=0, y=0,
11:2:26 =
11:2:26 =

hWnd = 0x009100c4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x026e004e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

11:2:26 = * NULL == SampleProvider *

11:2:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:2:26 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:2:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:2:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:2:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:2:35 = s1.
11:2:35 = s2.
11:2:38
11:2:38
11:3:15
11:3:15
11:3:16
11:3:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:31:35 = Process Attach

0:31:35 = end process attach
0:31:35 = ***** NULL == SampleProvider *****
0:31:35 = hWnd = 0x00060666; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:31:35 = hWnd = 0x000b0506; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:31:35 = ##### Begin waiting Mutex to release process #####
0:32:8 = Process Attach
0:32:8 = ## ERR ## Setevent
0:32:8 = ##### Get event and release process #####
0:32:8 = ***** NULL == SampleProvider *****
0:32:8 = end close Process
0:32:8 = ##### Get event and release process end #####
0:32:8 = hWnd = 0x008201d2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:32:8 = hWnd = 0x00eb004e; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

0:32:8 = hWnd = 0x00c8005a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:32:8 = hWnd = 0x00420050; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:34:9 = Process Attach
10:34:9 = end process attach
10:34:9 = ***** NULL == SampleProvider *****
10:34:9 = ##### Begin waiting Mutex to release process #####
10:34:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:34:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:34:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:34:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:34:13 = Need to re-create objects.
10:34:13 = s1.
10:34:13 = s2.
10:34:16
10:34:16
10:34:53
10:34:53
10:34:54
10:34:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:21:33 = Process Attach

0:21:33 = end process attach
0:21:33 = ##### Begin waiting Mutex to release process #####
0:21:33 = ***** NULL == SampleProvider *****
0:21:33 = hWnd = 0x001a03fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:21:33 = hWnd = 0x00450516; ClassName:
ow.
x=0, y=0, width=1, height=1
0:21:33 = hWnd = 0x000609f6; ClassName:
x=0, y=0, width=0, height=0
0:21:33 = hWnd = 0x000b0a26; ClassName:
x=0, y=0, width=0, height=0
0:21:33 = Need to re-create objects.
0:21:33 = s1.
0:21:33 = s2.
0:21:33 = Start show animate
0:21:33 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:30:3
0:30:3
0:30:4
0:30:4

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

1:1:19 = Process Attach

1:1:19 = end process attach
1:1:19 = ***** NULL == SampleProvider *****
1:1:19 = hWnd = 0x00050bd6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:1:19 = hWnd = 0x00050c32; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:19 = hWnd = 0x00060bde; ClassName:
x=0, y=0, width=0, height=0
1:1:19 = hWnd = 0x00050c36; ClassName:
x=0, y=0, width=0, height=0
1:1:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:19 = s1.
1:1:19 = s2.
1:1:19
1:1:19
1:1:34
1:1:34
1:1:35
1:1:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:10:48 = Process Attach

1:10:48 = end process attach
1:10:48 = ***** NULL == SampleProvider *****
1:10:48 = hWnd = 0x00080c0e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:10:48 = hWnd = 0x001704fc; ClassName:
ow.
x=0, y=0, width=1, height=1
1:10:48 = hWnd = 0x00340b0e; ClassName:
x=0, y=0, width=0, height=0
1:10:48 = hWnd = 0x002504ce; ClassName:
x=0, y=0, width=0, height=0
1:11:12 = Process Attach
1:11:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:11:12 = * NULL == SampleProvider *

1:11:12 = end close Process
1:11:12 = ##### Get event and release process end #####
1:11:12 = hWnd = 0x013d00b2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:11:12 = hWnd = 0x017101de; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0, width=1, height=1
1:11:12 = hWnd = 0x01b90070; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:11:12 = hWnd = 0x00bc0088; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:17:32 = Process Attach
11:17:32 = end process attach
11:17:32 = ***** NULL == SampleProvider *****
11:17:32 = ##### Begin waiting Mutex to release process #####
11:17:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:17:33 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:17:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:17:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:17:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:17:36 = s1.
11:17:36 = s2.
11:17:40
11:17:40
11:18:17
11:18:17
11:18:18
11:18:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:10:45 = Process Attach

0:10:45 = end process attach
0:10:45 = ##### Begin waiting Mutex to release process #####
0:10:45 = ***** NULL == SampleProvider *****
0:10:45 = hWnd = 0x00030b12; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:10:45 = hWnd = 0x000303f8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:10:45 = hWnd = 0x00030b10; ClassName:
x=0, y=0, width=0, height=0
0:10:45 = hWnd = 0x00060754; ClassName:
x=0, y=0, width=0, height=0
0:10:45 = Need to re-create objects.
0:10:45 = s1.
0:10:45 = s2.
0:10:45 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:10:45
0:14:19
0:14:19
0:14:20
0:14:20

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:40:49 = Process Attach

0:40:49 = end process attach
0:40:49 = ***** NULL == SampleProvider *****
0:40:49 = hWnd = 0x00060772; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:40:49 = hWnd = 0x00060adc; ClassName:
ow.
x=0, y=0, width=1, height=1
0:40:49 = hWnd = 0x00050b3c; ClassName:
x=0, y=0, width=0, height=0
0:40:49 = hWnd = 0x009e05ca; ClassName:
x=0, y=0, width=0, height=0
0:41:9 = Process Attach
0:41:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:41:9 = ##### Get event and release process #####

0:41:9 = begin close Process
0:41:9 = end close Process
0:41:9 = ##### Get event and release process end #####
0:41:9 = hWnd = 0x014e008e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:41:9 = hWnd = 0x016501c8; ClassName:
w.
x=0, y=0, width=1, height=1
0:41:9 = hWnd = 0x000500ec; ClassName:
x=0, y=0, width=0, height=0
0:41:9 = hWnd = 0x00880054; ClassName:
x=0, y=0, width=0, height=0
13:1:11 = Process Attach
13:1:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:1:11 = * NULL == SampleProvider *

13:1:11 = ##### Begin waiting Mutex to release process #####
13:1:12 =
ow.
x=0, y=0,
13:1:12 =
x=0, y=0,
13:1:12 =
x=0, y=0,
13:1:15 =

13:1:15 = s1.
13:1:15 = s2.

13:1:18
13:1:18
13:1:56
13:1:56
13:1:57
13:1:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:4:53 = Process Attach

1:4:53 = end process attach
1:4:53 = ***** NULL == SampleProvider *****
1:4:54 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:4:55 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
1:4:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:4:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:4:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:4:59 = s1.
1:4:59 = s2.
1:5:2 = Start show animate
1:5:2 = Shell Excutute VerifyHost
1:5:40 = begin close Process
1:5:40 = Terminate Process
1:5:41 = end close Process
1:5:41 = DLL_PROCESS_DETACH
1:39:37 = Process Attach
1:39:37 = end process attach
1:39:37 = ***** NULL == SampleProvider *****
1:39:37 = ##### Begin waiting Mutex to release process #####
1:39:37 = hWnd = 0x000503d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:39:37 = hWnd = 0x00020426; ClassName:
ow.
x=0, y=0, width=1, height=1
1:39:37 = hWnd = 0x00040470; ClassName:
x=0, y=0, width=0, height=0
1:39:37 = hWnd = 0x000303de; ClassName:
x=0, y=0, width=0, height=0
1:39:42 = Process Attach
1:39:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:39:42 = ##### Get event and release process #####

1:39:42 = ***** NULL == SampleProvider *****
1:39:42 = end close Process

1:39:42 = ##### Get event and release process end #####

1:39:42 = hWnd = 0x000401fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:39:42 = hWnd = 0x0002003a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:39:42 = hWnd = 0x0005017e; ClassName:
x=0, y=0, width=0, height=0
1:39:42 = hWnd = 0x000301d6; ClassName:
x=0, y=0, width=0, height=0
9:49:46 = Process Attach
9:49:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:49:46 = * NULL == SampleProvider *

9:49:46 = ##### Begin waiting Mutex to release process #####
9:49:46 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:49:47 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:49:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:49:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:49:49 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:49:49 = s1.
9:49:49 = s2.
9:49:53
9:49:53
9:50:31
9:50:31
9:50:32
9:50:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:51:12 = Process Attach

10:51:12 = end process attach
10:51:12 = ***** NULL == SampleProvider *****
10:51:12 = ##### Begin waiting Mutex to release process #####
10:51:12 = hWnd = 0x00040306; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:51:12 = hWnd = 0x000404b4; ClassName:
dow.
x=0, y=0, width=1, height=1
10:51:12 = hWnd = 0x00040302; ClassName:
x=0, y=0, width=0, height=0
10:51:12 = hWnd = 0x000d0430; ClassName:
x=0, y=0, width=0, height=0
10:51:12 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:51:12 = s1.
10:51:12 = s2.
10:51:13
10:51:13
10:51:30
10:51:30
10:51:31
10:51:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:31:44 = Process Attach

21:31:44 = end process attach
21:31:44 = ***** NULL == SampleProvider *****
21:31:44 = ##### Begin waiting Mutex to release process #####
21:31:44 = hWnd = 0x0005064e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:31:44 = hWnd = 0x000c0642; ClassName:
dow.
x=0, y=0, width=1, height=1
21:31:44 = hWnd = 0x00050640; ClassName:
x=0, y=0, width=0, height=0
21:31:44 = hWnd = 0x00050656; ClassName:
x=0, y=0, width=0, height=0
21:31:44 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:31:44 = s1.
21:31:44 = s2.
21:31:44 = Start show animate
21:31:44 = Shell Excutute VerifyHost
21:32:3 = begin close Process
21:32:3 = Terminate Process
21:32:4 = end close Process
21:32:4 = DLL_PROCESS_DETACH
1:39:45 = Process Attach
1:39:45 = end process attach
1:39:45 = ***** NULL == SampleProvider *****
1:39:45 = ##### Begin waiting Mutex to release process #####
1:39:45 = hWnd = 0x0003045c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:39:45 = hWnd = 0x000b0448; ClassName:
ow.
x=0, y=0, width=1, height=1
1:39:45 = hWnd = 0x00030442; ClassName:
x=0, y=0, width=0, height=0
1:39:45 = hWnd = 0x0013051c; ClassName:
x=0, y=0, width=0, height=0
1:40:14 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:40:14 = ## ERR ## Setevent

1:40:14 = ##### Get event and release process #####
1:40:14 = begin close Process
1:40:14 = end close Process
1:40:14 = ##### Get event and release process end #####
1:40:14 = hWnd = 0x00be01d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:40:14 = hWnd = 0x00fd01e4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:40:14 = hWnd = 0x00630038; ClassName:
x=0, y=0, width=0, height=0
1:40:14 = hWnd = 0x00880058; ClassName:
x=0, y=0, width=0, height=0
8:44:53 = Process Attach
8:44:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:44:53 = * NULL == SampleProvider *

8:44:53 = ##### Begin waiting Mutex to release process #####
8:44:53 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:44:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:44:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:44:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:44:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:44:56 = s1.
8:44:56 = s2.
8:45:0 = Start show animate
8:45:0 = Shell Excutute VerifyHost
8:45:37 = begin close Process
8:45:37 = Terminate Process
8:45:38 = end close Process
8:45:38 = DLL_PROCESS_DETACH
12:56:52 = Process Attach
12:56:52 = end process attach
12:56:52 = ***** NULL == SampleProvider *****
12:56:52 = ##### Begin waiting Mutex to release process #####
12:56:52 = hWnd = 0x00090452; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:56:52 = hWnd = 0x00080468; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:57:16 = Process Attach

12:57:16 = ## ERR ## Setevent

12:57:16 = ##### Get event and release process #####
12:57:16 = begin close Process
12:57:16 = end close Process
12:57:16 = ##### Get event and release process end #####
12:57:16 = hWnd = 0x004d01ee; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:57:16 = hWnd = 0x008001f2; ClassName:
dow.
x=0, y=0, width=1, height=1
12:57:16 = hWnd = 0x000501b8; ClassName:
x=0, y=0, width=0, height=0
12:57:16 = hWnd = 0x004401a8; ClassName:
x=0, y=0, width=0, height=0
13:2:59 = Process Attach
13:2:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:2:59 = * NULL == SampleProvider *

13:2:59 = ##### Begin waiting Mutex to release process #####
13:2:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:3:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
13:3:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:3:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:3:2 = Need to re-create objects.
13:3:2 = s1.
13:3:2 = s2.
13:3:6 = Start show animate
13:3:6 = Shell Excutute VerifyHost
13:3:45 = begin close Process
13:3:45 = Terminate Process
13:3:46 = end close Process
13:3:46 = DLL_PROCESS_DETACH
1:24:34 = Process Attach
1:24:34 = end process attach
1:24:34 = ***** NULL == SampleProvider *****
1:24:34 = ##### Begin waiting Mutex to release process #####
1:24:34 =
ow.
x=0, y=0,
1:24:34 =
x=0, y=0,

hWnd = 0x00100430; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000a03bc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0

1:24:34 =
x=0, y=0,
1:24:57 =
1:24:57 =

hWnd = 0x00060434; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
## ERR ## Setevent

1:24:57 = ##### Get event and release process #####

1:24:57 = begin close Process
1:24:57 = end close Process
1:24:57 = ##### Get event and release process end #####
1:24:57 = hWnd = 0x002b0196; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:24:57 = hWnd = 0x008d01d2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:24:57 = hWnd = 0x009801d6; ClassName:
x=0, y=0, width=0, height=0
1:24:57 = hWnd = 0x0097002a; ClassName:
x=0, y=0, width=0, height=0
9:32:56 = Process Attach
9:32:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:32:56 = * NULL == SampleProvider *

9:32:56 = ##### Begin waiting Mutex to release process #####
9:32:56 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:32:57 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:32:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:32:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:33:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:33:1 = s1.
9:33:1 = s2.
9:33:6 = Start show animate
9:33:6 = Shell Excutute VerifyHost
9:33:43 = begin close Process
9:33:43 = Terminate Process
9:33:44 = end close Process
9:33:44 = DLL_PROCESS_DETACH
1:29:32 = Process Attach
1:29:32 = end process attach
1:29:32 = ***** NULL == SampleProvider *****
1:29:32 = hWnd = 0x00c814b4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:29:32 = hWnd = 0x001e09c0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
1:29:32 =
x=0, y=0,
1:29:32 =
x=0, y=0,
1:30:27 =
1:30:27 =

width=1, height=1
hWnd = 0x00091438; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x010914c4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:30:27 = ##### Get event and release process #####

1:30:27 = begin close Process
1:30:27 = end close Process
1:30:27 = ##### Get event and release process end #####
1:30:27 = hWnd = 0x01a20074; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:30:27 = hWnd = 0x014c020a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:30:27 = hWnd = 0x00c50090; ClassName:
x=0, y=0, width=0, height=0
1:30:27 = hWnd = 0x00a00206; ClassName:
x=0, y=0, width=0, height=0
8:43:30 = Process Attach
8:43:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:43:30 = * NULL == SampleProvider *

8:43:30 = ##### Begin waiting Mutex to release process #####
8:43:30 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:43:30 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:43:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:43:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:43:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:43:34 = s1.
8:43:34 = s2.
8:43:37
8:43:37
8:44:15
8:44:15
8:44:16
8:44:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:14:30 = Process Attach

1:14:30 = end process attach
1:14:30 = ##### Begin waiting Mutex to release process #####

1:14:30 = hWnd = 0x0032100e; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:14:30 = hWnd = 0x00f10b06; ClassName:
ow.
x=0, y=0, width=1, height=1
1:14:30 = hWnd = 0x000a0d8e; ClassName:
x=0, y=0, width=0, height=0
1:14:30 = hWnd = 0x003907c2; ClassName:
x=0, y=0, width=0, height=0
1:14:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:14:31 = s1.
1:14:31 = s2.
1:14:31
1:14:31
1:15:30
1:15:30
1:15:31
1:15:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:52:44 = Process Attach

1:52:44 = end process attach
1:52:44 = ***** NULL == SampleProvider *****
1:52:44 = hWnd = 0x000e092c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:52:45 = hWnd = 0x000e0c50; ClassName:
ow.
x=0, y=0, width=1, height=1
1:52:45 = hWnd = 0x004007b2; ClassName:
x=0, y=0, width=0, height=0
1:52:45 = hWnd = 0x003a1168; ClassName:
x=0, y=0, width=0, height=0
1:53:18 = Process Attach
1:53:18 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:53:18 = ##### Get event and release process #####

1:53:18 =
1:53:18 =
ow.
x=0, y=0,
1:53:18 =
x=0, y=0,
1:53:18 =
x=0, y=0,
9:27:22 =
9:27:22 =

begin close Process

hWnd = 0x005301cc; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x007601ac; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0072005a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:27:22 = * NULL == SampleProvider *

9:27:22 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:27:23 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
9:27:23 =
x=0, y=0,
9:27:23 =
x=0, y=0,
9:27:26 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

9:27:27 = s1.
9:27:27 = s2.
9:27:30 = Start show animate
9:27:30 = Shell Excutute VerifyHost
9:28:7 = begin close Process
9:28:7 = Terminate Process
9:28:8 = end close Process
9:28:8 = DLL_PROCESS_DETACH
2:4:12 = Process Attach
2:4:12 = end process attach
2:4:12 = ***** NULL == SampleProvider *****
2:4:12 = ##### Begin waiting Mutex to release process #####
2:4:12 = hWnd = 0x000507a6; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:4:12 = hWnd = 0x002f0632; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:4:12 = hWnd = 0x000607a0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:4:50 = Process Attach
2:4:50 = ## ERR ## Setevent
2:4:50 = ##### Get event and release process #####
2:4:50 = begin close Process
2:4:50 = end close Process
2:4:50 = ##### Get event and release process end #####
2:4:50 = hWnd = 0x0117002c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:4:50 = hWnd = 0x010101f4; ClassName:
w.
x=0, y=0, width=1, height=1
2:4:50 = hWnd = 0x0088009a; ClassName:
x=0, y=0, width=0, height=0
2:4:50 = hWnd = 0x01520070; ClassName:
x=0, y=0, width=0, height=0
11:6:6 = Process Attach
11:6:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:6 = * NULL == SampleProvider *

11:6:6 = ##### Begin waiting Mutex to release process #####
11:6:6 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
11:6:6 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
11:6:7 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
11:6:7 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:6:10 = Need to re-create objects.
11:6:10 = s1.
11:6:10 = s2.
11:6:14
11:6:14
11:6:52
11:6:52
11:6:53
11:6:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:5:28 = Process Attach

2:5:28 = end process attach
2:5:28 = ***** NULL == SampleProvider *****
2:5:28 = ##### Begin waiting Mutex to release process #####
2:5:28 = hWnd = 0x004707b4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:5:28 = hWnd = 0x00190842; ClassName:
w.
x=0, y=0, width=1, height=1
2:5:28 = hWnd = 0x004e05e6; ClassName:
x=0, y=0, width=0, height=0
2:5:28 = hWnd = 0x000b02f8; ClassName:
x=0, y=0, width=0, height=0
2:6:6 = Process Attach
2:6:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:6:6 = ##### Get event and release process #####

2:6:6 = begin close Process
2:6:6 = end close Process
2:6:6 = ##### Get event and release process end #####
2:6:6 = hWnd = 0x011b01a6; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:6:6 = hWnd = 0x005001f0; ClassName:
.
x=0, y=0, width=1, height=1
2:6:6 = hWnd = 0x016900a6; ClassName:
x=0, y=0, width=0, height=0
2:6:6 = hWnd = 0x0153005c; ClassName:
x=0, y=0, width=0, height=0
8:34:7 = Process Attach
8:34:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:34:7 = * NULL == SampleProvider *

8:34:7 = ##### Begin waiting Mutex to release process #####
8:34:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:34:8 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:34:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:34:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:34:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:34:13 = s1.
8:34:13 = s2.
8:34:16
8:34:16
8:34:54
8:34:54
8:34:55
8:34:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:2:34 = Process Attach

13:2:34 = end process attach
13:2:34 = ***** NULL == SampleProvider *****
13:2:34 = ##### Begin waiting Mutex to release process #####
13:2:58 = hWnd = 0x00280612; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:2:58 = hWnd = 0x002404c8; ClassName:
ow.
x=0, y=0, width=1, height=1
13:2:58 = hWnd = 0x000e04da; ClassName:
x=0, y=0, width=0, height=0
13:2:58 = hWnd = 0x00370420; ClassName:
x=0, y=0, width=0, height=0
13:3:36 = begin close Process
13:3:36 = end close Process
13:3:36 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:6:0 = Process Attach

3:6:0 = end process attach
3:6:0 = ***** NULL == SampleProvider *****
3:6:0 = hWnd = 0x005a057e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:6:0 = hWnd = 0x000206fc; ClassName: GDI+ Hook Window Class; Title: GDI+ Window
.
x=0, y=0, width=1, height=1

3:6:0 = hWnd = 0x001f0444; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
3:6:0 = hWnd = 0x001e0514; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:7:9 = Process Attach
3:7:9 = ## ERR ## Setevent
3:7:9 = ***** NULL == SampleProvider *****
3:7:9 = begin close Process
3:7:9 = end close Process
3:7:9 = ##### Get event and release process end #####
3:7:9 = hWnd = 0x0077004c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:7:9 = hWnd = 0x015a00de; ClassName:
.
x=0, y=0, width=1, height=1
3:7:9 = hWnd = 0x009001dc; ClassName:
x=0, y=0, width=0, height=0
3:7:9 = hWnd = 0x00fd004a; ClassName:
x=0, y=0, width=0, height=0
8:38:55 = Process Attach
8:38:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:38:55 = * NULL == SampleProvider *

8:38:55 = ##### Begin waiting Mutex to release process #####
8:38:55 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:38:56 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:38:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:38:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:38:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:38:58 = s1.
8:38:58 = s2.
8:39:2 = Start show animate
8:39:2 = Shell Excutute VerifyHost
8:39:39 = begin close Process
8:39:39 = Terminate Process
8:39:40 = end close Process
8:39:40 = DLL_PROCESS_DETACH
2:23:8 = Process Attach
2:23:8 = end process attach
2:23:8 = ***** NULL == SampleProvider *****
2:23:8 = ##### Begin waiting Mutex to release process #####

2:23:8 = hWnd = 0x000203ac; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:23:8 = hWnd = 0x00020406; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:23:8 = hWnd = 0x000203ae; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:23:51 = Process Attach
2:23:51 = ## ERR ## Setevent
2:23:51 = ***** NULL == SampleProvider *****
2:23:51 = begin close Process
2:23:51 = end close Process
2:23:51 = ##### Get event and release process end #####
2:23:51 = hWnd = 0x009b00f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:23:51 = hWnd = 0x00d1002c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:23:51 = hWnd = 0x008c01d6; ClassName:
x=0, y=0, width=0, height=0
2:23:51 = hWnd = 0x019d010a; ClassName:
x=0, y=0, width=0, height=0
9:36:12 = Process Attach
9:36:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:36:13 = * NULL == SampleProvider *

9:36:13 = ##### Begin waiting Mutex to release process #####
9:36:13 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:36:13 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:36:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:36:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:36:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:36:18 = s1.
9:36:18 = s2.
9:36:21
9:36:21
9:36:58
9:36:58
9:36:59
9:36:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:51:56 = Process Attach

15:51:56 = end process attach
15:51:56 = ***** NULL == SampleProvider *****

15:51:56 = ##### Begin waiting Mutex to release process #####

15:51:56 = hWnd = 0x00110538; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:51:56 = hWnd = 0x000a05d2; ClassName:
dow.
x=0, y=0, width=1, height=1
15:51:56 = hWnd = 0x00070516; ClassName:
x=0, y=0, width=0, height=0
15:51:56 = hWnd = 0x000c05d0; ClassName:
x=0, y=0, width=0, height=0
15:51:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:51:57 = s1.
15:51:57 = s2.
15:51:58
15:51:58
15:59:53
15:59:53
15:59:54
15:59:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:32:5 = Process Attach

16:32:5 = end process attach
16:32:5 = ***** NULL == SampleProvider *****
16:32:5 = hWnd = 0x00150554; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:32:5 = hWnd = 0x004003e0; ClassName:
ow.
x=0, y=0, width=1, height=1
16:32:5 = hWnd = 0x00080628; ClassName:
x=0, y=0, width=0, height=0
16:32:5 = hWnd = 0x001705f0; ClassName:
x=0, y=0, width=0, height=0
16:32:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:32:5 = s1.
16:32:5 = s2.
16:32:5 = ##### Begin waiting Mutex to release process #####
16:32:5 = Start show animate
16:32:5 = Shell Excutute VerifyHost
16:34:35 = begin close Process
16:34:35 = Terminate Process
16:34:36 = end close Process
16:34:36 = DLL_PROCESS_DETACH
1:16:29 = Process Attach
1:16:29 = end process attach
1:16:29 = ***** NULL == SampleProvider *****

1:16:29 = hWnd = 0x0030073c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:16:29 = hWnd = 0x003e07e2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:16:29 = hWnd = 0x0005048c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:16:29 = ##### Begin waiting Mutex to release process #####
1:16:29 = hWnd = 0x003d05e0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:16:31 = Need to re-create objects.
1:16:31 = s1.
1:16:31 = s2.
1:16:32
1:16:32
1:19:33
1:19:33
1:19:34
1:19:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:37:57 = Process Attach

1:37:57 = end process attach
1:37:57 = ***** NULL == SampleProvider *****
1:37:57 = hWnd = 0x005806b4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:37:57 = hWnd = 0x003304f4; ClassName:
ow.
x=0, y=0, width=1, height=1
1:37:57 = hWnd = 0x001c0418; ClassName:
x=0, y=0, width=0, height=0
1:37:57 = hWnd = 0x002e0576; ClassName:
x=0, y=0, width=0, height=0
1:39:4 = Process Attach
1:39:4 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:39:4 = * NULL == SampleProvider *

1:39:4 = begin close Process
1:39:4 = end close Process
1:39:4 = ##### Get event and release process end #####
8:57:47 = Process Attach
8:57:47 = end process attach
8:57:47 = ***** NULL == SampleProvider *****
8:57:47 = ##### Begin waiting Mutex to release process #####
8:57:48 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

8:57:49 =
ow.
x=0, y=0,
8:57:49 =
x=0, y=0,
8:57:49 =
x=0, y=0,
8:57:51 =

8:57:51 = s1.
8:57:51 = s2.
8:57:55
8:57:55
8:58:35
8:58:35
8:58:36
8:58:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:34:4 = Process Attach

2:34:4 = end process attach
2:34:4 = ***** NULL == SampleProvider *****
2:34:4 = hWnd = 0x000404aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:34:4 = hWnd = 0x000403ee; ClassName:
w.
x=0, y=0, width=1, height=1
2:34:4 = hWnd = 0x00330762; ClassName:
x=0, y=0, width=0, height=0
2:34:4 = hWnd = 0x000503f2; ClassName:
x=0, y=0, width=0, height=0
2:34:25 = Process Attach
2:34:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:34:25 = ##### Get event and release process #####

2:34:25 = begin close Process
2:34:25 = end close Process
2:34:25 = ##### Get event and release process end #####
2:34:25 = hWnd = 0x00870122; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:34:25 = hWnd = 0x011501ee; ClassName:
ow.
x=0, y=0, width=1, height=1
2:34:25 = hWnd = 0x01cc0088; ClassName:
x=0, y=0, width=0, height=0
2:34:25 = hWnd = 0x014201f6; ClassName:
x=0, y=0, width=0, height=0
9:16:22 = Process Attach
9:16:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:16:22 = * NULL == SampleProvider *

9:16:22 = ##### Begin waiting Mutex to release process #####

9:16:22 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:16:23 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:16:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:16:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:16:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:16:26 = s1.
9:16:26 = s2.
9:16:29 = Start show animate
9:16:29 = Shell Excutute VerifyHost
9:17:7 = begin close Process
9:17:7 = Terminate Process
9:17:8 = end close Process
9:17:8 = DLL_PROCESS_DETACH
2:45:58 = Process Attach
2:45:58 = end process attach
2:45:58 = ***** NULL == SampleProvider *****
2:45:58 = hWnd = 0x000204ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:45:58 = hWnd = 0x0004040e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:45:58 = hWnd = 0x002a0454; ClassName:
x=0, y=0, width=0, height=0
2:45:58 = hWnd = 0x000603fc; ClassName:
x=0, y=0, width=0, height=0
2:46:33 = Process Attach
2:46:33 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:46:33 = * NULL == SampleProvider *

2:46:33 = begin close Process
2:46:33 = end close Process
2:46:33 = ##### Get event and release process end #####
2:46:33 = hWnd = 0x013e00ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:46:33 = hWnd = 0x00ea00e0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:46:33 = hWnd = 0x0089003a; ClassName:
x=0, y=0, width=0, height=0
2:46:33 = hWnd = 0x00a801fe; ClassName:
x=0, y=0, width=0, height=0
3:0:5 = Process Attach
3:0:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:0:5 = * NULL == SampleProvider *

3:0:5 = ##### Begin waiting Mutex to release process #####
3:0:6 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:0:6 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
3:0:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
3:0:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
3:0:10 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:0:10 = s1.
3:0:10 = s2.
3:0:13
3:0:13
3:0:51
3:0:51
3:0:52
3:0:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:18:48 = Process Attach

3:18:48 = end process attach
3:18:48 = ##### Begin waiting Mutex to release process #####
3:18:48 = ***** NULL == SampleProvider *****
3:18:48 = hWnd = 0x000403fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:18:48 = hWnd = 0x0011042e; ClassName:
ow.
x=0, y=0, width=1, height=1
3:18:48 = hWnd = 0x000903da; ClassName:
x=0, y=0, width=0, height=0
3:18:48 = hWnd = 0x000603e2; ClassName:
x=0, y=0, width=0, height=0
3:18:48 = Need to re-create objects.
3:18:48 = s1.
3:18:48 = s2.
3:18:48 = Start show animate
3:18:48 = Shell Excutute VerifyHost
3:21:5 = begin close Process
3:21:5 = Terminate Process
3:21:6 = end close Process
3:21:6 = DLL_PROCESS_DETACH
3:49:55 = Process Attach
3:49:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:49:55 = * NULL == SampleProvider *

3:49:55 = ##### Begin waiting Mutex to release process #####
3:49:55 = hWnd = 0x000d047a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:49:55 = hWnd = 0x000803e2; ClassName:
ow.
x=0, y=0, width=1, height=1
3:49:55 = hWnd = 0x00060414; ClassName:
x=0, y=0, width=0, height=0
3:49:55 = hWnd = 0x000603f2; ClassName:
x=0, y=0, width=0, height=0
3:49:58 = Process Attach
3:49:58 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:49:58 = ##### Get event and release process #####

3:49:58 = ***** NULL == SampleProvider *****
3:49:58 = end close Process
3:49:58 = ##### Get event and release process end #####
3:49:58 = hWnd = 0x000f00da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:49:58 = hWnd = 0x000700fc; ClassName:
ow.
x=0, y=0, width=1, height=1
3:49:58 = hWnd = 0x000701d8; ClassName:
x=0, y=0, width=0, height=0
3:49:58 = hWnd = 0x0002012c; ClassName:
x=0, y=0, width=0, height=0
9:7:16 = Process Attach
9:7:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:7:16 = * NULL == SampleProvider *

9:7:16 = ##### Begin waiting Mutex to release process #####
9:7:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:7:17 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:7:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:7:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:7:19 = Need to re-create objects.
9:7:19 = s1.
9:7:19 = s2.
9:7:23 = Start show animate
9:7:23 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:8:0
9:8:0
9:8:1
9:8:1

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

10:3:53 = Process Attach

10:3:53 = end process attach
10:3:53 = ***** NULL == SampleProvider *****
10:3:53 = hWnd = 0x00020458; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:3:53 = hWnd = 0x00070428; ClassName:
ow.
x=0, y=0, width=1, height=1
10:3:53 = hWnd = 0x00020454; ClassName:
x=0, y=0, width=0, height=0
10:3:53 = hWnd = 0x00040412; ClassName:
x=0, y=0, width=0, height=0
10:3:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:3:53 = s1.
10:3:53 = s2.
10:3:53 = Start show animate
10:3:53 = Shell Excutute VerifyHost
10:36:42 = begin close Process
10:36:42 = Terminate Process
10:36:43 = end close Process
10:36:43 = DLL_PROCESS_DETACH
11:29:22 = Process Attach
11:29:22 = end process attach
11:29:22 = ***** NULL == SampleProvider *****
11:29:22 = ##### Begin waiting Mutex to release process #####
11:29:37 = hWnd = 0x0004077e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:29:37 = hWnd = 0x001e03e4; ClassName:
dow.
x=0, y=0, width=1, height=1
11:29:37 = hWnd = 0x000d07de; ClassName:
x=0, y=0, width=0, height=0
11:29:37 = hWnd = 0x00030852; ClassName:
x=0, y=0, width=0, height=0
11:30:11 = begin close Process
11:30:11 = end close Process
11:30:11 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:33:40 = Process Attach

11:33:40 = end process attach
11:33:40 = ***** NULL == SampleProvider *****
11:33:40 = ##### Begin waiting Mutex to release process #####

11:33:40 = hWnd = 0x000607da; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:33:40 = hWnd = 0x000607d8; ClassName:
dow.
x=0, y=0, width=1, height=1
11:33:40 = hWnd = 0x000407d6; ClassName:
x=0, y=0, width=0, height=0
11:33:40 = hWnd = 0x000c07d4; ClassName:
x=0, y=0, width=0, height=0
11:33:56 = begin close Process
11:33:56 = end close Process
11:33:56 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:35:41 = Process Attach

11:35:41 = end process attach
11:35:41 = ***** NULL == SampleProvider *****
11:35:41 = ##### Begin waiting Mutex to release process #####
11:35:41 = hWnd = 0x001507e2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:35:41 = hWnd = 0x00040442; ClassName:
dow.
x=0, y=0, width=1, height=1
11:35:41 = hWnd = 0x001e041c; ClassName:
x=0, y=0, width=0, height=0
11:35:41 = hWnd = 0x00170420; ClassName:
x=0, y=0, width=0, height=0
11:35:42 = begin close Process
11:35:42 = end close Process
11:35:42 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:36:2 = Process Attach

11:36:2 = end process attach
11:36:2 = ***** NULL == SampleProvider *****
11:36:2 = hWnd = 0x000907b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:36:2 = hWnd = 0x000204a6; ClassName:
ow.
x=0, y=0, width=1, height=1
11:36:2 = hWnd = 0x000204b6; ClassName:
x=0, y=0, width=0, height=0
11:36:2 = hWnd = 0x0009047c; ClassName:
x=0, y=0, width=0, height=0
11:37:43 = Process Attach
11:37:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:37:43 = ##### Get event and release process #####

11:37:43 = hWnd = 0x00410116; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:37:43 = ##### Get event and release process end #####

11:37:43 = hWnd = 0x00040038; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
11:37:43 = hWnd = 0x002e0122; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:42:4 = Process Attach
11:42:4 = end process attach
11:42:4 = ***** NULL == SampleProvider *****
11:42:4 = ##### Begin waiting Mutex to release process #####
11:42:4 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:42:5 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:42:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:42:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:42:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:42:8 = s1.
11:42:8 = s2.
11:42:12
11:42:12
11:42:50
11:42:50
11:42:51
11:42:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:45:48 = Process Attach

11:45:48 = end process attach
11:45:48 = ***** NULL == SampleProvider *****
11:45:48 = ##### Begin waiting Mutex to release process #####
11:45:48 = hWnd = 0x00010400; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:45:48 = hWnd = 0x0003037a; ClassName:
dow.
x=0, y=0, width=1, height=1
11:45:48 = hWnd = 0x00010406; ClassName:
x=0, y=0, width=0, height=0
11:45:48 = hWnd = 0x000303ba; ClassName:
x=0, y=0, width=0, height=0
11:45:48 = Need to re-create objects.
11:45:48 = s1.
11:45:48 = s2.
11:45:48 = Start show animate
11:45:48 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:39:43 = begin close Process

13:39:43 = end close Process
13:39:43 = DLL_PROCESS_DETACH
13:48:56 = Process Attach
13:48:56 = end process attach
13:48:56 = ***** NULL == SampleProvider *****
13:48:56 = ##### Begin waiting Mutex to release process #####
13:48:56 = hWnd = 0x0004040e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:48:56 = hWnd = 0x00040050; ClassName:
dow.
x=0, y=0, width=1, height=1
13:48:56 = hWnd = 0x00020428; ClassName:
x=0, y=0, width=0, height=0
13:48:56 = hWnd = 0x00050412; ClassName:
x=0, y=0, width=0, height=0
13:48:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:48:56 = s1.
13:48:56 = s2.
13:48:56
13:48:56
13:49:12
13:49:12
13:49:12

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
end close Process
DLL_PROCESS_DETACH

1:34:16 = Process Attach

1:34:16 = end process attach
1:34:16 = ##### Begin waiting Mutex to release process #####
1:34:16 = hWnd = 0x00050458; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:34:16 = hWnd = 0x00110466; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:16 = hWnd = 0x0004046c; ClassName:
x=0, y=0, width=0, height=0
1:34:16 = hWnd = 0x000f0456; ClassName:
x=0, y=0, width=0, height=0
1:34:52 = Process Attach
1:34:52 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:34:52 = ##### Get event and release process #####

1:34:52 = begin close Process
1:34:52 = end close Process
1:34:52 = ##### Get event and release process end #####
1:34:52 = hWnd = 0x00b30124; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:34:52 = hWnd = 0x016f01d6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:34:52 = hWnd = 0x000601e6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:34:52 = hWnd = 0x00a2011e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:37:8 = Process Attach
9:37:8 = end process attach
9:37:8 = ***** NULL == SampleProvider *****
9:37:8 = ##### Begin waiting Mutex to release process #####
9:37:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:37:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:37:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:37:13 = Need to re-create objects.
9:37:14 = s1.
9:37:14 = s2.
9:37:18
9:37:18
9:37:57
9:37:57
9:37:58
9:37:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:47:13 = Process Attach

15:47:13 = end process attach
15:47:13 = ***** NULL == SampleProvider *****
15:47:13 = hWnd = 0x000a050a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:47:13 = hWnd = 0x000404c6; ClassName:
dow.
x=0, y=0, width=1, height=1
15:47:13 = hWnd = 0x004204de; ClassName:
x=0, y=0, width=0, height=0
15:47:13 = hWnd = 0x001c1538; ClassName:
x=0, y=0, width=0, height=0
15:49:14 = Process Attach
15:49:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:49:14 = * NULL == SampleProvider *

15:49:14 = ##### Get event and release process #####
15:49:14
15:49:14
15:49:14
: Inicio

= begin close Process

= end close Process
= hWnd = 0x002000e0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
de sesin en Windows.

x=0, y=0, width=1024, height=768

15:49:14 = hWnd = 0x00c00054; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:49:14 = hWnd = 0x006e01f2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:49:14 = hWnd = 0x00b300e4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:49:14 = ##### Get event and release process end #####
17:50:27 = Process Attach
17:50:27 = end process attach
17:50:27 = ##### Begin waiting Mutex to release process #####
17:50:27 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:50:28 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:50:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:50:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:50:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:50:31 = s1.
17:50:31 = s2.
17:50:34
17:50:34
17:51:12
17:51:12
17:51:13
17:51:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:33:26 = Process Attach

20:33:26 = end process attach
20:33:27 = ##### Begin waiting Mutex to release process #####
20:33:27 = ***** NULL == SampleProvider *****
20:34:5 = hWnd = 0x001703ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:34:5 = hWnd = 0x00030048; ClassName:
ow.
x=0, y=0, width=1, height=1
20:34:5 = hWnd = 0x000f0586; ClassName:
x=0, y=0, width=0, height=0
20:34:5 = hWnd = 0x0010052c; ClassName:
x=0, y=0, width=0, height=0
20:34:58 = begin close Process
20:34:58 = end close Process
20:34:58 = DLL_PROCESS_DETACH
1:3:36 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:3:36 = end process attach

1:3:36 = ***** NULL == SampleProvider *****
1:3:36 = hWnd = 0x000d053c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:3:36 = hWnd = 0x001c04b2; ClassName:
w.
x=0, y=0, width=1, height=1
1:3:36 = hWnd = 0x001b0476; ClassName:
x=0, y=0, width=0, height=0
1:3:36 = hWnd = 0x002304a8; ClassName:
x=0, y=0, width=0, height=0
1:4:23 = Process Attach
1:4:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:4:23 = * NULL == SampleProvider *

1:4:23 = begin close Process
1:4:23 = end close Process
1:4:23 = ##### Get event and release process end #####
1:4:23 = hWnd = 0x008a01f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:4:23 = hWnd = 0x002800b6; ClassName:
w.
x=0, y=0, width=1, height=1
1:4:23 = hWnd = 0x002500b2; ClassName:
x=0, y=0, width=0, height=0
1:4:23 = hWnd = 0x006300b4; ClassName:
x=0, y=0, width=0, height=0
8:7:5 = Process Attach
8:7:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:7:5 = * NULL == SampleProvider *

8:7:5 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:7:6 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
8:7:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:7:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:7:10 = Need to re-create objects.
8:7:10 = s1.
8:7:10 = s2.
8:7:14
8:7:14
8:7:52
8:7:52
8:7:53
8:7:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:40:11 = Process Attach

2:40:11 = end process attach
2:40:11 = ***** NULL == SampleProvider *****
2:40:11 = hWnd = 0x001204c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:40:11 = hWnd = 0x000a0648; ClassName:
ow.
x=0, y=0, width=1, height=1
2:40:11 = hWnd = 0x0006037e; ClassName:
x=0, y=0, width=0, height=0
2:40:11 = hWnd = 0x0020052c; ClassName:
x=0, y=0, width=0, height=0
2:40:43 = Process Attach
2:40:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:40:43 = ##### Get event and release process #####

2:40:43 = begin close Process
2:40:43 = end close Process
2:40:43 = ##### Get event and release process end #####
2:40:43 = hWnd = 0x01490096; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:40:43 = hWnd = 0x00e6004a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:40:43 = hWnd = 0x019400a8; ClassName:
x=0, y=0, width=0, height=0
2:40:43 = hWnd = 0x014b0058; ClassName:
x=0, y=0, width=0, height=0
10:11:13 = Process Attach
10:11:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:11:14 = * NULL == SampleProvider *

10:11:14 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:11:14 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:11:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:11:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:11:17 = Need to re-create objects.
10:11:18 = s1.
10:11:18 = s2.
10:11:20
10:11:20
10:11:57
10:11:57

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:11:58 = end close Process

10:11:58 = DLL_PROCESS_DETACH
20:18:41 = Process Attach
20:18:42 = end process attach
20:18:42 = ***** NULL == SampleProvider *****
20:18:42 = ##### Begin waiting Mutex to release process #####
20:19:25 = hWnd = 0x00aa0c7c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:19:25 = hWnd = 0x00711170; ClassName:
dow.
x=0, y=0, width=1, height=1
20:19:25 = hWnd = 0x00160c54; ClassName:
x=0, y=0, width=0, height=0
20:19:25 = hWnd = 0x008f0c88; ClassName:
x=0, y=0, width=0, height=0
20:19:46 = begin close Process
20:19:46 = end close Process
20:19:46 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:26:50 = Process Attach

1:26:50 = end process attach
1:26:50 = ***** NULL == SampleProvider *****
1:26:50 = hWnd = 0x000f026c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:26:50 = hWnd = 0x00a10b46; ClassName:
ow.
x=0, y=0, width=1, height=1
1:26:50 = hWnd = 0x00760bee; ClassName:
x=0, y=0, width=0, height=0
1:26:50 = hWnd = 0x006b0c2c; ClassName:
x=0, y=0, width=0, height=0
1:27:34 = Process Attach
1:27:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:27:34 = ##### Get event and release process #####

1:27:34 = ***** NULL == SampleProvider *****
1:27:34 = ##### Get event and release process end #####
1:27:34 = hWnd = 0x007d01d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:27:34 = hWnd = 0x009900ec; ClassName:
ow.
x=0, y=0, width=1, height=1
1:27:34 = hWnd = 0x004701e8; ClassName:
x=0, y=0, width=0, height=0
1:27:34 = hWnd = 0x00d601e2; ClassName:
x=0, y=0, width=0, height=0
9:11:18 = Process Attach
9:11:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:18 = * NULL == SampleProvider *

9:11:18 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:11:18 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:11:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:11:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:11:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:22 = s1.
9:11:22 = s2.
9:11:25 = Start show animate
9:11:25 = Shell Excutute VerifyHost
9:12:3 = begin close Process
9:12:3 = Terminate Process
9:12:4 = end close Process
9:12:4 = DLL_PROCESS_DETACH
1:1:12 = Process Attach
1:1:12 = end process attach
1:1:12 = ##### Begin waiting Mutex to release process #####
1:1:12 = hWnd = 0x006b03e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:1:12 = hWnd = 0x00040416; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:12 = hWnd = 0x0012068a; ClassName:
x=0, y=0, width=0, height=0
1:1:12 = hWnd = 0x00350596; ClassName:
x=0, y=0, width=0, height=0
1:1:12 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:12 = s1.
1:1:12 = s2.
1:1:18 = Start show animate
1:1:18 = Shell Excutute VerifyHost
1:18:48 = begin close Process
1:18:48 = Terminate Process
1:18:49 = end close Process
1:18:49 = DLL_PROCESS_DETACH
1:47:58 = Process Attach
1:47:58 = end process attach
1:47:58 = ***** NULL == SampleProvider *****
1:47:58 = hWnd = 0x00060430; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
1:47:58 = hWnd = 0x007403e4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:47:58 = hWnd = 0x00170562; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:47:58 = hWnd = 0x002b0658; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:48:34 = Process Attach
1:48:34 = ## ERR ## Setevent
1:48:34 = ***** NULL == SampleProvider *****
1:48:34 =
1:48:34 =
1:48:34 =
ow.
x=0, y=0,
1:48:34 =
x=0, y=0,
1:48:34 =
x=0, y=0,
18:46:6 =
18:46:6 =

begin close Process

end close Process
hWnd = 0x01ba00ec; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00b10058; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x004101ac; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

18:46:6 = * NULL == SampleProvider *

18:46:6 = ##### Begin waiting Mutex to release process #####
18:46:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:46:7 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
18:46:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:46:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:46:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:46:11 = s1.
18:46:11 = s2.
18:46:14
18:46:14
18:46:52
18:46:52
18:46:53
18:46:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:54:58 = Process Attach

18:54:58 = end process attach
18:54:58 = ***** NULL == SampleProvider *****
18:54:58 = ##### Begin waiting Mutex to release process #####

18:54:58 = hWnd = 0x00090514; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:54:58 = hWnd = 0x001404e0; ClassName:
dow.
x=0, y=0, width=1, height=1
18:54:58 = hWnd = 0x0003059a; ClassName:
x=0, y=0, width=0, height=0
18:54:58 = hWnd = 0x00030594; ClassName:
x=0, y=0, width=0, height=0
18:54:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:54:58 = s1.
18:54:58 = s2.
18:54:58
18:54:58
22:12:41
22:12:41
22:12:42
22:12:42

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:54:16 = Process Attach

2:54:16 = end process attach
2:54:16 = ***** NULL == SampleProvider *****
2:54:16 = ##### Begin waiting Mutex to release process #####
2:54:16 =
ow.
x=0, y=0,
2:54:16 =
x=0, y=0,
2:54:16 =
x=0, y=0,
2:54:47 =
2:54:47 =

hWnd = 0x00020430; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00020434; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00020436; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:54:47 = ##### Get event and release process #####

2:54:47 = begin close Process
2:54:47 = end close Process
2:54:47 = ##### Get event and release process end #####
2:54:47 = hWnd = 0x004800ec; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:54:47 = hWnd = 0x003e01a0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:54:47 = hWnd = 0x006000ea; ClassName:
x=0, y=0, width=0, height=0
2:54:47 = hWnd = 0x007e01be; ClassName:
x=0, y=0, width=0, height=0
18:1:53 = Process Attach
18:1:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:1:54 = * NULL == SampleProvider *

18:1:55 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:1:55 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
18:1:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:1:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:1:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:1:58 = s1.
18:1:58 = s2.
18:2:1 = Start show animate
18:2:1 = Shell Excutute VerifyHost
18:2:40 = begin close Process
18:2:40 = Terminate Process
18:2:41 = end close Process
18:2:41 = DLL_PROCESS_DETACH
2:31:58 = Process Attach
2:31:58 = end process attach
2:31:58 = ***** NULL == SampleProvider *****
2:31:58 = hWnd = 0x00040462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:31:58 = hWnd = 0x00100474; ClassName:
ow.
x=0, y=0, width=1, height=1
2:31:58 = hWnd = 0x000500fa; ClassName:
x=0, y=0, width=0, height=0
2:31:58 = hWnd = 0x000404d0; ClassName:
x=0, y=0, width=0, height=0
2:32:21 = Process Attach
2:32:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:32:21 = * NULL == SampleProvider *

2:32:21 = begin close Process
2:32:21 = end close Process
2:32:21 = ##### Get event and release process end #####
2:32:21 = hWnd = 0x000501be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:32:21 = hWnd = 0x000d01a2; ClassName:
ow.
x=0, y=0, width=1, height=1
2:32:21 = hWnd = 0x000201bc; ClassName:
x=0, y=0, width=0, height=0
2:32:21 = hWnd = 0x001001a4; ClassName:
x=0, y=0, width=0, height=0
18:23:14 = Process Attach
18:23:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:23:14 = * NULL == SampleProvider *

18:23:14 = ##### Begin waiting Mutex to release process #####
18:23:14 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:23:15 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:23:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:23:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:23:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:23:18 = s1.
18:23:18 = s2.
18:23:21
18:23:21
18:23:58
18:23:58
18:23:59
18:23:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:13:32 = Process Attach

2:13:32 = end process attach
2:13:32 = ***** NULL == SampleProvider *****
2:13:32 = ##### Begin waiting Mutex to release process #####
2:13:32 = hWnd = 0x0007013c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:13:32 = hWnd = 0x00310894; ClassName:
ow.
x=0, y=0, width=1, height=1
2:13:32 = hWnd = 0x001a0714; ClassName:
x=0, y=0, width=0, height=0
2:13:32 = hWnd = 0x000603b4; ClassName:
x=0, y=0, width=0, height=0
2:13:33 = Need to re-create objects.
2:13:33 = s1.
2:13:33 = s2.
2:13:34
2:13:34
2:18:34
2:18:34
2:18:35
2:18:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:38:14 = Process Attach

2:38:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:38:14 = * NULL == SampleProvider *

2:38:14 = ##### Begin waiting Mutex to release process #####
2:38:14 = hWnd = 0x001a077a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:38:14 = hWnd = 0x00130526; ClassName:
ow.
x=0, y=0, width=1, height=1
2:38:14 = hWnd = 0x000c0602; ClassName:
x=0, y=0, width=0, height=0
2:38:14 = hWnd = 0x0019069e; ClassName:
x=0, y=0, width=0, height=0
2:38:38 = Process Attach
2:38:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:38:38 = ##### Get event and release process #####

2:38:38 = ***** NULL == SampleProvider *****
2:38:38 = ##### Get event and release process end #####
2:38:39 = hWnd = 0x005901ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:38:39 = hWnd = 0x006c014a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:38:39 = hWnd = 0x00a0004e; ClassName:
x=0, y=0, width=0, height=0
2:38:39 = hWnd = 0x0091005a; ClassName:
x=0, y=0, width=0, height=0
19:2:0 = Process Attach
19:2:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:2:0 = * NULL == SampleProvider *

19:2:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:2:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
19:2:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:2:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:2:3 = Need to re-create objects.
19:2:3 = s1.
19:2:3 = s2.
19:2:7 = Start show animate
19:2:7 = Shell Excutute VerifyHost
19:2:45 = begin close Process
19:2:45 = Terminate Process
19:2:47 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:2:47 = DLL_PROCESS_DETACH
3:8:45 = Process Attach
3:8:45 = end process attach
3:8:45 = ***** NULL == SampleProvider *****
3:8:45 = hWnd = 0x00110854; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:8:45 = hWnd = 0x00050828; ClassName:
w.
x=0, y=0, width=1, height=1
3:8:45 = hWnd = 0x000407f8; ClassName:
x=0, y=0, width=0, height=0
3:8:45 = hWnd = 0x0040067a; ClassName:
x=0, y=0, width=0, height=0
3:9:28 = Process Attach
3:9:28 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:9:28 = ##### Get event and release process #####

3:9:28 = ***** NULL == SampleProvider *****
3:9:28 = ##### Get event and release process end #####
3:9:28 = hWnd = 0x0041019e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:9:28 = hWnd = 0x011401e4; ClassName:
w.
x=0, y=0, width=1, height=1
3:9:28 = hWnd = 0x0166016c; ClassName:
x=0, y=0, width=0, height=0
3:9:28 = hWnd = 0x00a201e6; ClassName:
x=0, y=0, width=0, height=0
18:34:25 = Process Attach
18:34:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:34:25 = * NULL == SampleProvider *

18:34:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:34:25 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:34:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:34:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:34:29 = Need to re-create objects.
18:34:29 = s1.
18:34:29 = s2.
18:34:31 = Start show animate
18:34:31 = Shell Excutute VerifyHost
18:35:9 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:35:9 = Terminate Process

18:35:10 = end close Process
18:35:10 = DLL_PROCESS_DETACH
3:45:49 = Process Attach
3:45:49 = end process attach
3:45:49 = ***** NULL == SampleProvider *****
3:45:49 = hWnd = 0x00020462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:45:49 = hWnd = 0x00070430; ClassName:
ow.
x=0, y=0, width=1, height=1
3:45:49 = hWnd = 0x00020460; ClassName:
x=0, y=0, width=0, height=0
3:45:49 = hWnd = 0x00030458; ClassName:
x=0, y=0, width=0, height=0
3:46:21 = Process Attach
3:46:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:46:21 = * NULL == SampleProvider *

3:46:21 = begin close Process
3:46:21 = end close Process
3:46:21 = ##### Get event and release process end #####
3:46:21 = hWnd = 0x0095002a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:46:21 = hWnd = 0x008e004c; ClassName:
ow.
x=0, y=0, width=1, height=1
3:46:21 = hWnd = 0x00f501f8; ClassName:
x=0, y=0, width=0, height=0
3:46:21 = hWnd = 0x008e0088; ClassName:
x=0, y=0, width=0, height=0
10:56:57 = Process Attach
10:56:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:56:57 = * NULL == SampleProvider *

10:56:57 = ##### Begin waiting Mutex to release process #####
10:56:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:56:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:56:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:56:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:57:1 = Need to re-create objects.
10:57:1 = s1.
10:57:1 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:57:5 = Start show animate

10:57:5 = Shell Excutute VerifyHost
10:57:44 = begin close Process
10:57:44 = Terminate Process
10:57:45 = end close Process
10:57:45 = DLL_PROCESS_DETACH
0:19:12 = Process Attach
0:19:13 = end process attach
0:19:13 = ##### Begin waiting Mutex to release process #####
0:19:13 = ***** NULL == SampleProvider *****
0:19:13 = hWnd = 0x0011054e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:19:13 = hWnd = 0x00180636; ClassName:
ow.
x=0, y=0, width=1, height=1
0:19:13 = hWnd = 0x00050442; ClassName:
x=0, y=0, width=0, height=0
0:19:13 = hWnd = 0x0006044e; ClassName:
x=0, y=0, width=0, height=0
0:19:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:19:16 = s1.
0:19:16 = s2.
0:19:17
0:19:17
0:23:29
0:23:29
0:23:30
0:23:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:40:59 = Process Attach

0:40:59 = end process attach
0:40:59 = ***** NULL == SampleProvider *****
0:40:59 = ##### Begin waiting Mutex to release process #####
0:40:59 = hWnd = 0x00130616; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:40:59 = hWnd = 0x0009042c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:40:59 = hWnd = 0x00050750; ClassName:
x=0, y=0, width=0, height=0
0:40:59 = hWnd = 0x0020059a; ClassName:
x=0, y=0, width=0, height=0
0:40:59 = Need to re-create objects.
0:40:59 = s1.
0:40:59 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:40:59
0:40:59
0:43:19
0:43:19
0:43:20
0:43:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:1:24 = Process Attach

1:1:24 = end process attach
1:1:24 = ***** NULL == SampleProvider *****
1:1:24 = ##### Begin waiting Mutex to release process #####
1:1:24 = hWnd = 0x0007094c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:1:24 = hWnd = 0x00160798; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:24 = hWnd = 0x004403e2; ClassName:
x=0, y=0, width=0, height=0
1:1:24 = hWnd = 0x00360828; ClassName:
x=0, y=0, width=0, height=0
1:1:52 = Process Attach
1:1:52 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:52 = * NULL == SampleProvider *

1:1:52 = begin close Process
1:1:52 = end close Process
1:1:52 = ##### Get event and release process end #####
1:1:52 = hWnd = 0x0200011c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:1:52 = hWnd = 0x01260112; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:52 = hWnd = 0x00390070; ClassName:
x=0, y=0, width=0, height=0
1:1:52 = hWnd = 0x006a018c; ClassName:
x=0, y=0, width=0, height=0
11:46:46 = Process Attach
11:46:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:46:46 = * NULL == SampleProvider *

11:46:46 = ##### Begin waiting Mutex to release process #####
11:46:46 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:46:47 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:46:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:46:47 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

11:46:52 = Need to re-create objects.
11:46:52 = s1.
11:46:52 = s2.
11:46:56
11:46:56
11:47:34
11:47:34
11:47:35
11:47:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:51:38 = Process Attach

0:51:38 = end process attach
0:51:38 = ***** NULL == SampleProvider *****
0:51:38 = hWnd = 0x000b04b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:51:38 = hWnd = 0x0010050e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:51:38 = hWnd = 0x0006054a; ClassName:
x=0, y=0, width=0, height=0
0:51:38 = hWnd = 0x000f04c6; ClassName:
x=0, y=0, width=0, height=0
0:52:17 = Process Attach
0:52:17 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:52:17 = * NULL == SampleProvider *

0:52:17 = begin close Process
0:52:17 = end close Process
0:52:17 = ##### Get event and release process end #####
0:52:17 = hWnd = 0x018e01ac; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:52:17 = hWnd = 0x01c3014c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:52:17 = hWnd = 0x02030058; ClassName:
x=0, y=0, width=0, height=0
0:52:17 = hWnd = 0x01380080; ClassName:
x=0, y=0, width=0, height=0
10:5:27 = Process Attach
10:5:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:5:27 = * NULL == SampleProvider *

10:5:27 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:5:28 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
10:5:28 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
10:5:28 =
x=0, y=0,
10:5:34 =

width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

10:5:34 = s1.
10:5:34 = s2.
10:5:36
10:5:36
10:6:14
10:6:14
10:6:15
10:6:15

0:4:59 = hWnd = 0x001404a6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:4:59 = hWnd = 0x001408aa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:5:34 = Process Attach
0:5:34 = ## ERR ## Setevent
0:5:34 = ##### Get event and release process #####
0:5:34 = ***** NULL == SampleProvider *****
0:5:34 = ##### Get event and release process end #####
0:5:34 = hWnd = 0x002901fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:5:34 = hWnd = 0x00e30056; ClassName:
w.
x=0, y=0, width=1, height=1
0:5:34 = hWnd = 0x005d00c2; ClassName:
x=0, y=0, width=0, height=0
0:5:34 = hWnd = 0x00f6002c; ClassName:
x=0, y=0, width=0, height=0
10:0:25 = Process Attach
10:0:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:0:25 = * NULL == SampleProvider *

10:0:25 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:0:26 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:0:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:0:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:0:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:0:31 = s1.
10:0:31 = s2.
10:0:34
10:0:34
10:1:13
10:1:13
10:1:14
10:1:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:58:36 = Process Attach

0:58:36 = end process attach
0:58:36 = ***** NULL == SampleProvider *****
0:58:36 = ##### Begin waiting Mutex to release process #####
0:58:36 = hWnd = 0x00100502; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
0:58:36 =
x=0, y=0,
0:58:36 =
x=0, y=0,
0:59:21 =
0:59:21 =

width=1, height=1
hWnd = 0x0002076c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000a0422; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:59:21 = ##### Get event and release process #####

0:59:21 = ***** NULL == SampleProvider *****
0:59:21 = end close Process
0:59:21 = ##### Get event and release process end #####
0:59:21 = hWnd = 0x00b30056; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:59:21 = hWnd = 0x018501aa; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:21 = hWnd = 0x01320058; ClassName:
x=0, y=0, width=0, height=0
0:59:21 = hWnd = 0x007e002a; ClassName:
x=0, y=0, width=0, height=0
11:25:29 = Process Attach
11:25:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:25:29 = * NULL == SampleProvider *

11:25:29 = ##### Begin waiting Mutex to release process #####
11:25:29 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:25:29 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:25:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:25:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:25:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:25:33 = s1.
11:25:33 = s2.
11:25:36
11:25:36
11:26:13
11:26:13
11:26:14
11:26:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:23:5 = Process Attach

2:23:5 = end process attach
2:23:5 = ***** NULL == SampleProvider *****

2:23:5 = hWnd = 0x000403f8; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:23:5 = hWnd = 0x000503e4; ClassName:
w.
x=0, y=0, width=1, height=1
2:23:5 = hWnd = 0x0007026e; ClassName:
x=0, y=0, width=0, height=0
2:23:5 = hWnd = 0x000503ec; ClassName:
x=0, y=0, width=0, height=0
2:23:41 = Process Attach
2:23:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:23:41 = ##### Get event and release process #####

2:23:41 = begin close Process
2:23:41 = end close Process
2:23:41 = ##### Get event and release process end #####
2:23:41 = hWnd = 0x015201ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:23:41 = hWnd = 0x00e40056; ClassName:
ow.
x=0, y=0, width=1, height=1
2:23:41 = hWnd = 0x00a70196; ClassName:
x=0, y=0, width=0, height=0
2:23:41 = hWnd = 0x00e900ea; ClassName:
x=0, y=0, width=0, height=0
8:36:52 = Process Attach
8:36:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:36:52 = * NULL == SampleProvider *

8:36:53 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:36:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:36:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:36:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:36:58 = Need to re-create objects.
8:36:58 = s1.
8:36:58 = s2.
8:37:2 = Start show animate
8:37:2 = Shell Excutute VerifyHost
8:37:40 = begin close Process
8:37:40 = Terminate Process
8:37:41 = end close Process
8:37:41 = DLL_PROCESS_DETACH
23:33:38 = Process Attach
23:33:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:33:38 = * NULL == SampleProvider *

23:33:38 = hWnd = 0x005b045e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:33:38 = hWnd = 0x00100804; ClassName:
dow.
x=0, y=0, width=1, height=1
23:33:38 = hWnd = 0x000e0826; ClassName:
x=0, y=0, width=0, height=0
23:33:38 = hWnd = 0x000c078c; ClassName:
x=0, y=0, width=0, height=0
23:34:12 = Process Attach
23:34:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:34:12 = ##### Get event and release process #####

23:34:12 = begin close Process
23:34:12 = ***** NULL == SampleProvider *****
23:34:12 = hWnd = 0x0031003a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:34:12 = hWnd = 0x01510056; ClassName:
dow.
x=0, y=0, width=1, height=1
23:34:12 = hWnd = 0x01cf002e; ClassName:
x=0, y=0, width=0, height=0
23:34:12 = hWnd = 0x006d007e; ClassName:
x=0, y=0, width=0, height=0
8:59:45 = Process Attach
8:59:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:59:45 = * NULL == SampleProvider *

8:59:45 = ##### Begin waiting Mutex to release process #####
8:59:45 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:59:45 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:59:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:59:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:59:49 = Need to re-create objects.
8:59:49 = s1.
8:59:49 = s2.
8:59:53 = Start show animate
8:59:53 = Shell Excutute VerifyHost
9:0:30 = begin close Process
9:0:30 = Terminate Process
9:0:31 = end close Process
9:0:31 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:34:45 = Process Attach

16:34:45 = end process attach
16:34:45 = ***** NULL == SampleProvider *****
16:34:45 = hWnd = 0x00070b9c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:34:45 = hWnd = 0x000d04e4; ClassName:
dow.
x=0, y=0, width=1, height=1
16:34:45 = hWnd = 0x00071278; ClassName:
x=0, y=0, width=0, height=0
16:34:45 = hWnd = 0x00040b58; ClassName:
x=0, y=0, width=0, height=0
16:35:14 = Process Attach
16:35:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:35:14 = * NULL == SampleProvider *

16:35:14 = begin close Process
16:35:14 = end close Process
16:35:14 = ##### Get event and release process end #####
16:35:14 = hWnd = 0x00a4019c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:35:14 = hWnd = 0x0048004a; ClassName:
dow.
x=0, y=0, width=1, height=1
16:35:14 = hWnd = 0x002801f8; ClassName:
x=0, y=0, width=0, height=0
16:35:14 = hWnd = 0x00c4006a; ClassName:
x=0, y=0, width=0, height=0
16:39:14 = Process Attach
16:39:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:39:14 = * NULL == SampleProvider *

16:39:14 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:39:15 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:39:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:39:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:39:18 = Need to re-create objects.
16:39:19 = s1.
16:39:19 = s2.
16:39:22 = Start show animate
16:39:22 = Shell Excutute VerifyHost
16:40:0 = begin close Process
16:40:0 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:40:1 = end close Process

16:40:1 = DLL_PROCESS_DETACH
4:24:40 = Process Attach
4:24:40 = end process attach
4:24:40 = ***** NULL == SampleProvider *****
4:24:40 = ##### Begin waiting Mutex to release process #####
4:24:40 =
ow.
x=0, y=0,
4:24:40 =
x=0, y=0,
4:24:40 =
x=0, y=0,
4:25:16 =
4:25:16 =

hWnd = 0x0016084a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000f0f8a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001607f0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

4:25:16 = ##### Get event and release process #####

4:25:16 = ***** NULL == SampleProvider *****
4:25:16 = end close Process
4:25:16 = ##### Get event and release process end #####
4:25:16 = hWnd = 0x01540142; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:25:16 = hWnd = 0x01080052; ClassName:
ow.
x=0, y=0, width=1, height=1
4:25:16 = hWnd = 0x004201d4; ClassName:
x=0, y=0, width=0, height=0
4:25:16 = hWnd = 0x00e501da; ClassName:
x=0, y=0, width=0, height=0
10:18:31 = Process Attach
10:18:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:18:32 = * NULL == SampleProvider *

10:18:32 = ##### Begin waiting Mutex to release process #####
10:18:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:18:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:18:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:18:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:18:35 = Need to re-create objects.
10:18:35 = s1.
10:18:35 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:18:39
10:18:39
10:19:17
10:19:17
10:19:18
10:19:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:11:40 = Process Attach

2:11:40 = end process attach
2:11:40 = ***** NULL == SampleProvider *****
2:11:40 = hWnd = 0x000204c2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:11:40 = hWnd = 0x002a0446; ClassName:
ow.
x=0, y=0, width=1, height=1
2:11:40 = hWnd = 0x000204be; ClassName:
x=0, y=0, width=0, height=0
2:11:40 = hWnd = 0x000f0486; ClassName:
x=0, y=0, width=0, height=0
2:12:28 = Process Attach
2:12:28 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:12:28 = ##### Get event and release process #####

2:12:28 = begin close Process
2:12:28 = end close Process
2:12:28 = ##### Get event and release process end #####
2:12:28 = ***** NULL == SampleProvider *****
2:12:28 = hWnd = 0x014201e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:12:28 = hWnd = 0x013001da; ClassName:
ow.
x=0, y=0, width=1, height=1
2:12:28 = hWnd = 0x012901e6; ClassName:
x=0, y=0, width=0, height=0
2:12:28 = hWnd = 0x012b002c; ClassName:
x=0, y=0, width=0, height=0
9:24:21 = Process Attach
9:24:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:24:21 = * NULL == SampleProvider *

9:24:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:24:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:24:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:24:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:24:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:24:26 = s1.
9:24:26 = s2.
9:24:31 = Start show animate
9:24:31 = Shell Excutute VerifyHost
9:25:9 = begin close Process
9:25:9 = Terminate Process
9:25:10 = end close Process
9:25:10 = DLL_PROCESS_DETACH
1:31:59 = Process Attach
1:31:59 = end process attach
1:31:59 = ***** NULL == SampleProvider *****
1:31:59 = hWnd = 0x00050662; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:31:59 = hWnd = 0x0002066a; ClassName:
ow.
x=0, y=0, width=1, height=1
1:31:59 = hWnd = 0x0028083a; ClassName:
x=0, y=0, width=0, height=0
1:31:59 = hWnd = 0x00020668; ClassName:
x=0, y=0, width=0, height=0
1:32:40 = Process Attach
1:32:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:32:40 = ##### Get event and release process #####

1:32:40 = begin close Process
1:32:40 = end close Process
1:32:40 = ##### Get event and release process end #####
1:32:40 = hWnd = 0x004801e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:32:40 = hWnd = 0x01db004c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:32:40 = hWnd = 0x011301aa; ClassName:
x=0, y=0, width=0, height=0
1:32:40 = hWnd = 0x013b0152; ClassName:
x=0, y=0, width=0, height=0
9:53:42 = Process Attach
9:53:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:53:43 = ##### Begin waiting Mutex to release process #####

9:53:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:53:43 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:53:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:53:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:53:46 = Need to re-create objects.

9:53:46 = s1.
9:53:46 = s2.
9:53:49
9:53:49
9:54:26
9:54:26
9:54:27
9:54:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:5:55 = Process Attach

2:5:55 = end process attach
2:5:55 = ***** NULL == SampleProvider *****
2:5:55 = ##### Begin waiting Mutex to release process #####
2:5:55 = hWnd = 0x000906cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:5:55 = hWnd = 0x000706c6; ClassName:
w.
x=0, y=0, width=1, height=1
2:5:55 = hWnd = 0x000d06da; ClassName:
x=0, y=0, width=0, height=0
2:5:55 = hWnd = 0x002205d0; ClassName:
x=0, y=0, width=0, height=0
2:6:20 = Process Attach
2:6:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:6:20 = ##### Get event and release process #####

2:6:20 = begin close Process
2:6:20 = end close Process
2:6:20 = ##### Get event and release process end #####
2:6:20 = hWnd = 0x01d400a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:6:20 = hWnd = 0x013601ee; ClassName:
w.
x=0, y=0, width=1, height=1
2:6:20 = hWnd = 0x011f0084; ClassName:
x=0, y=0, width=0, height=0
2:6:20 = hWnd = 0x007e0056; ClassName:
x=0, y=0, width=0, height=0
11:38:39 = Process Attach
11:38:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:38:39 = ##### Begin waiting Mutex to release process #####

11:38:39 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:38:40 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

11:38:40 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
11:38:40 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:38:43 = Need to re-create objects.
11:38:43 = s1.
11:38:43 = s2.
11:38:46
11:38:46
11:39:23
11:39:23
11:39:24
11:39:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:45:20 = Process Attach

0:45:20 = end process attach
0:45:20 = ***** NULL == SampleProvider *****
0:45:20 = hWnd = 0x000b04c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:45:20 = hWnd = 0x000d0410; ClassName:
ow.
x=0, y=0, width=1, height=1
0:45:20 = hWnd = 0x000704f6; ClassName:
x=0, y=0, width=0, height=0
0:45:20 = hWnd = 0x0005058a; ClassName:
x=0, y=0, width=0, height=0
0:46:2 = Process Attach
0:46:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:46:2 = ##### Get event and release process #####

0:46:2 = begin close Process
0:46:2 = ***** NULL == SampleProvider *****
0:46:2 = hWnd = 0x018501fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:46:2 = hWnd = 0x0079016c; ClassName:
w.
x=0, y=0, width=1, height=1
0:46:2 = hWnd = 0x00630140; ClassName:
x=0, y=0, width=0, height=0
0:46:2 = hWnd = 0x00d3004c; ClassName:
x=0, y=0, width=0, height=0
9:40:3 = Process Attach
9:40:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:40:3 = * NULL == SampleProvider *

9:40:3 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:40:4 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

9:40:4 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:40:4 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:40:10 = Need to re-create objects.
9:40:10 = s1.
9:40:10 = s2.
9:40:14
9:40:14
9:40:51
9:40:51
9:40:52
9:40:52

=
=
=
=
=
=

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:11:20 = * NULL == SampleProvider *

10:11:20 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:11:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:11:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:11:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:11:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:11:25 = s1.
10:11:25 = s2.
10:11:28 = Start show animate
10:11:28 = Shell Excutute VerifyHost
10:12:6 = begin close Process
10:12:6 = Terminate Process
10:12:7 = end close Process
10:12:7 = DLL_PROCESS_DETACH
1:5:12 = Process Attach
1:5:12 = end process attach
1:5:12 = ***** NULL == SampleProvider *****

1:5:12 = hWnd = 0x000506d0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:5:12 = ##### Begin waiting Mutex to release process #####
1:5:12 = hWnd = 0x000e0434; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:5:12 = hWnd = 0x000806dc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:5:12 = hWnd = 0x0009044c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:5:57 = Process Attach
1:5:57 = ## ERR ## Setevent
1:5:57 = ***** NULL == SampleProvider *****
1:5:57 = begin close Process
1:5:57 = end close Process
1:5:57 = ##### Get event and release process end #####
1:5:57 = hWnd = 0x027e0036; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:5:57 = hWnd = 0x000300ce; ClassName:
w.
x=0, y=0, width=1, height=1
1:5:57 = hWnd = 0x00e201fc; ClassName:
x=0, y=0, width=0, height=0
1:5:57 = hWnd = 0x000300d0; ClassName:
x=0, y=0, width=0, height=0
1:9:15 = Process Attach
1:9:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:9:15 = * NULL == SampleProvider *

1:9:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:9:16 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
1:9:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:9:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:9:18 = Need to re-create objects.
1:9:18 = s1.
1:9:18 = s2.
1:9:21
1:9:21
1:9:58
1:9:58
1:9:59
1:9:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:33:27 = Process Attach

1:33:27 = end process attach
1:33:27 = ***** NULL == SampleProvider *****
1:33:27 = ##### Begin waiting Mutex to release process #####
1:33:27 = hWnd = 0x000405fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:33:27 = hWnd = 0x00030460; ClassName:
ow.
x=0, y=0, width=1, height=1
1:33:27 = hWnd = 0x00030600; ClassName:
x=0, y=0, width=0, height=0
1:33:27 = hWnd = 0x0002043e; ClassName:
x=0, y=0, width=0, height=0
1:33:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:33:27 = s1.
1:33:27 = s2.
1:33:27
1:33:27
1:34:22
1:34:22
1:34:23
1:34:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:51:40 = Process Attach

1:51:40 = end process attach
1:51:40 = ***** NULL == SampleProvider *****
1:51:40 = ##### Begin waiting Mutex to release process #####
1:51:40 = hWnd = 0x000704d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:51:40 = hWnd = 0x0002064c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:51:40 = hWnd = 0x000406a2; ClassName:
x=0, y=0, width=0, height=0
1:51:40 = hWnd = 0x00030424; ClassName:
x=0, y=0, width=0, height=0
1:51:45 = Process Attach
1:51:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:51:45 = ##### Get event and release process #####

1:51:45 = begin close Process
1:51:45 = end close Process
1:51:45 = ##### Get event and release process end #####
1:51:45 = hWnd = 0x000601ae; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:51:45 = hWnd = 0x000301e0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0, width=1, height=1
1:51:45 = hWnd = 0x0006004e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:51:45 = hWnd = 0x000701ba; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:58:7 = Process Attach
7:58:7 = end process attach
7:58:7 = ***** NULL == SampleProvider *****
7:58:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:58:8 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:58:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:58:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:58:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:58:12 = s1.
7:58:12 = s2.
7:58:15
7:58:15
7:58:53
7:58:53
7:58:54
7:58:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:40:0 = Process Attach

8:40:0 = end process attach
8:40:0 = ***** NULL == SampleProvider *****
8:40:0 = hWnd = 0x00020314; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:40:0 = hWnd = 0x00020310; ClassName:
w.
x=0, y=0, width=1, height=1
8:40:0 = hWnd = 0x00030434; ClassName:
x=0, y=0, width=0, height=0
8:40:0 = hWnd = 0x00020312; ClassName:
x=0, y=0, width=0, height=0
8:40:1 = Need to re-create objects.
8:40:1 = s1.
8:40:1 = s2.
8:40:2 = Start show animate
8:40:2 = Shell Excutute VerifyHost
8:40:30 = begin close Process
8:40:30 = Terminate Process
8:40:31 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:40:31 = DLL_PROCESS_DETACH
23:53:49 = Process Attach
23:53:49 = end process attach
23:53:49 = ***** NULL == SampleProvider *****
23:53:49 = hWnd = 0x001004a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:53:49 = hWnd = 0x00090498; ClassName:
dow.
x=0, y=0, width=1, height=1
23:53:49 = hWnd = 0x00100424; ClassName:
x=0, y=0, width=0, height=0
23:53:49 = hWnd = 0x0022091e; ClassName:
x=0, y=0, width=0, height=0
23:54:50 = Process Attach
23:54:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:54:50 = ##### Get event and release process #####

23:54:50 = begin close Process
23:54:50 = end close Process
23:54:50 = ##### Get event and release process end #####
23:54:50 = hWnd = 0x0007004c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:54:50 = hWnd = 0x000200aa; ClassName:
dow.
x=0, y=0, width=1, height=1
23:54:50 = hWnd = 0x00e201dc; ClassName:
x=0, y=0, width=0, height=0
23:54:50 = hWnd = 0x000a0070; ClassName:
x=0, y=0, width=0, height=0
10:57:14 = Process Attach
10:57:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:57:14 = * NULL == SampleProvider *

10:57:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:57:15 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:57:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:57:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:57:18 = Need to re-create objects.
10:57:18 = s1.
10:57:18 = s2.
10:57:21 = Start show animate
10:57:21 = Shell Excutute VerifyHost
10:57:56 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:57:56 = Terminate Process

10:57:57 = end close Process
10:57:57 = DLL_PROCESS_DETACH
0:45:55 = Process Attach
0:45:55 = end process attach
0:45:55 = ***** NULL == SampleProvider *****
0:45:55 = hWnd = 0x0064074e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:45:55 = hWnd = 0x001306a6; ClassName:
ow.
x=0, y=0, width=1, height=1
0:45:55 = hWnd = 0x00060686; ClassName:
x=0, y=0, width=0, height=0
0:45:55 = hWnd = 0x001f0798; ClassName:
x=0, y=0, width=0, height=0
0:46:38 = Process Attach
0:46:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:46:38 = * NULL == SampleProvider *

0:46:38 = begin close Process
0:46:38 = end close Process
0:46:38 = ##### Get event and release process end #####
0:46:38 = hWnd = 0x01a101dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:46:38 = hWnd = 0x000300d0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:46:38 = hWnd = 0x002c002c; ClassName:
x=0, y=0, width=0, height=0
0:46:38 = hWnd = 0x000300d2; ClassName:
x=0, y=0, width=0, height=0
11:1:27 = Process Attach
11:1:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:1:28 = * NULL == SampleProvider *

11:1:28 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:1:29 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:1:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:1:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:1:31 = Need to re-create objects.
11:1:31 = s1.
11:1:31 = s2.
11:1:35 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:1:35
11:2:13
11:2:13
11:2:14
11:2:14

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:37:58 = Process Attach

1:37:58 = end process attach
1:37:58 = ***** NULL == SampleProvider *****
1:37:58 = hWnd = 0x00040908; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:37:58 = hWnd = 0x001107ac; ClassName:
ow.
x=0, y=0, width=1, height=1
1:37:58 = hWnd = 0x001906b4; ClassName:
x=0, y=0, width=0, height=0
1:37:58 = hWnd = 0x001a0854; ClassName:
x=0, y=0, width=0, height=0
1:38:40 = Process Attach
1:38:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:38:40 = * NULL == SampleProvider *

1:38:40 = begin close Process
1:38:40 = end close Process
1:38:40 = ##### Get event and release process end #####
1:38:40 = hWnd = 0x003301e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:38:40 = hWnd = 0x000300b2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:38:40 = hWnd = 0x004a01c0; ClassName:
x=0, y=0, width=0, height=0
1:38:40 = hWnd = 0x000300b4; ClassName:
x=0, y=0, width=0, height=0
9:53:53 = Process Attach
9:53:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:53:53 = * NULL == SampleProvider *

9:53:53 = ##### Begin waiting Mutex to release process #####
9:53:54 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:53:54 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:53:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:53:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:53:57 = Need to re-create objects.
9:53:57 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:53:57 = s2.
9:54:2 = Start show animate
9:54:2 = Shell Excutute VerifyHost
9:54:40 = begin close Process
9:54:40 = Terminate Process
9:54:41 = end close Process
9:54:41 = DLL_PROCESS_DETACH
1:7:1 = Process Attach
1:7:1 = end process attach
1:7:1 = ***** NULL == SampleProvider *****
1:7:1 = hWnd = 0x008c04ea; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:7:1 = hWnd = 0x00130770; ClassName:
.
x=0, y=0, width=1, height=1
1:7:1 = hWnd = 0x000b074e; ClassName:
x=0, y=0, width=0, height=0
1:7:1 = hWnd = 0x000e0752; ClassName:
x=0, y=0, width=0, height=0
1:7:55 = Process Attach
1:7:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:7:55 = ##### Get event and release process #####

1:7:55 = begin close Process
1:7:55 = end close Process
1:7:55 = ##### Get event and release process end #####
1:7:55 = hWnd = 0x014001ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:7:55 = hWnd = 0x000300c6; ClassName:
w.
x=0, y=0, width=1, height=1
1:7:55 = hWnd = 0x0109010a; ClassName:
x=0, y=0, width=0, height=0
1:7:55 = hWnd = 0x000300c8; ClassName:
x=0, y=0, width=0, height=0
10:22:44 = Process Attach
10:22:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:22:44 = * NULL == SampleProvider *

10:22:44 = ##### Begin waiting Mutex to release process #####
10:22:44 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:22:45 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:22:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:22:45 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

10:22:48 = Need to re-create objects.
10:22:48 = s1.
10:22:48 = s2.
10:22:50
10:22:50
10:23:27
10:23:27
10:23:28
10:23:28

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:59:56 = Process Attach

1:59:56 = end process attach
1:59:56 = ##### Begin waiting Mutex to release process #####
1:59:56 = hWnd = 0x000b04e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:59:56 = hWnd = 0x00080524; ClassName:
ow.
x=0, y=0, width=1, height=1
1:59:56 = hWnd = 0x000804be; ClassName:
x=0, y=0, width=0, height=0
1:59:56 = hWnd = 0x000c0558; ClassName:
x=0, y=0, width=0, height=0
2:0:41 = Process Attach
2:0:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:0:41 = * NULL == SampleProvider *

2:0:41 = begin close Process
2:0:41 = end close Process
2:0:41 = ##### Get event and release process end #####
2:0:41 = hWnd = 0x009501f4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:0:41 = hWnd = 0x000300d6; ClassName:
w.
x=0, y=0, width=1, height=1
2:0:41 = hWnd = 0x012a01bc; ClassName:
x=0, y=0, width=0, height=0
2:0:41 = hWnd = 0x000300d8; ClassName:
x=0, y=0, width=0, height=0
9:25:42 = Process Attach
9:25:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:25:42 = * NULL == SampleProvider *

9:25:43 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:25:43 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:25:44 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
9:25:44 =
x=0, y=0,
9:25:46 =

width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

9:25:46 = s1.
9:25:46 = s2.
9:25:50
9:25:50
9:26:27
9:26:27
9:26:29
9:26:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:56:51 = Process Attach

23:56:51 = end process attach
23:56:51 = ***** NULL == SampleProvider *****
23:56:51 = hWnd = 0x00060524; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:56:51 = hWnd = 0x0007050e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:56:51 = hWnd = 0x001e08aa; ClassName:
x=0, y=0, width=0, height=0
23:56:51 = hWnd = 0x0005051e; ClassName:
x=0, y=0, width=0, height=0
23:57:39 = Process Attach
23:57:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:57:39 = ##### Get event and release process #####

23:57:39 = begin close Process
23:57:39 = end close Process
23:57:39 = ##### Get event and release process end #####
23:57:39 = hWnd = 0x01740056; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:57:39 = hWnd = 0x0003019e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:57:39 = hWnd = 0x0071007e; ClassName:
x=0, y=0, width=0, height=0
23:57:39 = hWnd = 0x000300ae; ClassName:
x=0, y=0, width=0, height=0
9:2:36 = Process Attach
9:2:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:2:36 = * NULL == SampleProvider *

9:2:36 = ##### Begin waiting Mutex to release process #####
9:2:36 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

9:2:36 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:2:37 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:2:37 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:2:39 = Need to re-create objects.
9:2:39 = s1.
9:2:39 = s2.
9:2:42
9:2:42
9:3:20
9:3:20
9:3:21
9:3:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:3:12 = Process Attach

1:3:12 = end process attach
1:3:12 = ***** NULL == SampleProvider *****
1:3:12 = ##### Begin waiting Mutex to release process #####
1:3:12 = hWnd = 0x001f097e; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:3:12 = hWnd = 0x001b0800; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:3:12 = hWnd = 0x00060708; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:4:51 = Need to re-create objects.
1:4:51 = s1.
1:4:51 = s2.
1:4:53
1:4:53
1:10:8
1:10:8
1:10:9
1:10:9

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:45:6 = Process Attach

1:45:6 = end process attach
1:45:6 = ***** NULL == SampleProvider *****
1:45:6 = ##### Begin waiting Mutex to release process #####
1:45:6 = hWnd = 0x002507d2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:45:6 = hWnd = 0x000b06f4; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

1:45:6 = hWnd = 0x000706dc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
1:45:6 = hWnd = 0x00440616; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:45:27 = Process Attach
1:45:27 = ## ERR ## Setevent
1:45:27 = ***** NULL == SampleProvider *****
1:45:27 = end close Process
1:45:27 = ##### Get event and release process end #####
1:45:27 = hWnd = 0x009501be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:45:27 = hWnd = 0x000401ba; ClassName:
ow.
x=0, y=0, width=1, height=1
1:45:27 = hWnd = 0x000301b8; ClassName:
x=0, y=0, width=0, height=0
1:45:27 = hWnd = 0x000601b4; ClassName:
x=0, y=0, width=0, height=0
10:25:38 = Process Attach
10:25:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:25:38 = * NULL == SampleProvider *

10:25:38 = ##### Begin waiting Mutex to release process #####
10:25:38 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:25:38 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:25:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:25:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:25:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:25:41 = s1.
10:25:41 = s2.
10:25:43
10:25:43
10:26:21
10:26:21
10:26:22
10:26:22

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:31:55 = Process Attach

1:31:55 = end process attach
1:31:55 = ##### Begin waiting Mutex to release process #####
1:31:55 = hWnd = 0x00090574; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
1:31:55 = hWnd = 0x0003059c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:31:55 = hWnd = 0x007c04f2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:31:55 = hWnd = 0x00040578; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:32:44 = Process Attach
1:32:44 = ## ERR ## Setevent
1:32:44 = ***** NULL == SampleProvider *****
1:32:44 = begin close Process
1:32:44 = end close Process
1:32:44 = ##### Get event and release process end #####
1:32:44 = hWnd = 0x00630054; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:32:44 = hWnd = 0x000300d8; ClassName:
ow.
x=0, y=0, width=1, height=1
1:32:44 = hWnd = 0x014600e8; ClassName:
x=0, y=0, width=0, height=0
1:32:44 = hWnd = 0x000300da; ClassName:
x=0, y=0, width=0, height=0
10:2:26 = Process Attach
10:2:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:2:26 = * NULL == SampleProvider *

10:2:26 = ##### Begin waiting Mutex to release process #####
10:2:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:2:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:2:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:2:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:2:31 = Need to re-create objects.
10:2:31 = s1.
10:2:31 = s2.
10:2:34
10:2:34
10:3:11
10:3:11
10:3:12
10:3:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:35:5 = Process Attach

1:35:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:35:5 = * NULL == SampleProvider *

1:35:5 = ##### Begin waiting Mutex to release process #####
1:35:5 = hWnd = 0x00110612; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:35:5 = hWnd = 0x000b066a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:35:5 = hWnd = 0x000b0668; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:35:36 = Process Attach
1:35:36 = ## ERR ## Setevent
1:35:36 = ##### Get event and release process #####
1:35:36 = ***** NULL == SampleProvider *****
1:35:36 = end close Process
1:35:36 = ##### Get event and release process end #####
1:35:36 = hWnd = 0x01a4011c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:35:36 = hWnd = 0x000300b2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:35:36 = hWnd = 0x012800ca; ClassName:
x=0, y=0, width=0, height=0
1:35:36 = hWnd = 0x000300b4; ClassName:
x=0, y=0, width=0, height=0
10:46:58 = Process Attach
10:46:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:46:58 = * NULL == SampleProvider *

10:46:58 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:46:59 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:46:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:46:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:47:3 = Need to re-create objects.
10:47:4 = s1.
10:47:4 = s2.
10:47:8 = Start show animate
10:47:8 = Shell Excutute VerifyHost
10:47:44 = begin close Process
10:47:44 = Terminate Process
10:47:45 = end close Process
10:47:45 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:5:27 = Process Attach

2:5:28 = end process attach
2:5:28 = ***** NULL == SampleProvider *****
2:5:28 = hWnd = 0x00080c06; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:5:28 = hWnd = 0x0013060a; ClassName:
w.
x=0, y=0, width=1, height=1
2:5:28 = hWnd = 0x00160626; ClassName:
x=0, y=0, width=0, height=0
2:5:28 = hWnd = 0x00070cc8; ClassName:
x=0, y=0, width=0, height=0
2:6:5 = Process Attach
2:6:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:6:5 = ##### Get event and release process #####

2:6:5 = begin close Process
2:6:5 = end close Process
2:6:5 = hWnd = 0x010c01e6; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:6:5 = hWnd = 0x000300e2; ClassName:
.
x=0, y=0, width=1, height=1
2:6:5 = hWnd = 0x004b008e; ClassName:
x=0, y=0, width=0, height=0
2:6:5 = hWnd = 0x0003016a; ClassName:
x=0, y=0, width=0, height=0
10:33:2 = Process Attach
10:33:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:33:2 = * NULL == SampleProvider *

10:33:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:33:3 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:33:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:33:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:33:8 = Need to re-create objects.
10:33:8 = s1.
10:33:8 = s2.
10:33:11
10:33:11
10:33:47
10:33:47
10:33:48
10:33:48

11:0:28 = ##### Begin waiting Mutex to release process #####
11:0:28 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:0:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
11:0:29 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

11:0:29 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
11:0:32 = Need to re-create objects.
11:0:32 = s1.
11:0:32 = s2.
11:0:36
11:0:36
11:1:13
11:1:13
11:1:14
11:1:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

4:11:22 = Process Attach

4:11:22 = end process attach
4:11:22 = ***** NULL == SampleProvider *****
4:11:22 = ##### Begin waiting Mutex to release process #####
4:11:22 = hWnd = 0x000504d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:11:22 = hWnd = 0x001708c0; ClassName:
ow.
x=0, y=0, width=1, height=1
4:11:22 = hWnd = 0x00110912; ClassName:
x=0, y=0, width=0, height=0
4:11:22 = hWnd = 0x0022076c; ClassName:
x=0, y=0, width=0, height=0
4:12:50 = Process Attach
4:12:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:12:50 = ##### Get event and release process #####

4:12:50 = begin close Process
4:12:50 = end close Process
4:12:50 = ##### Get event and release process end #####
4:12:50 = hWnd = 0x010d01b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:12:50 = hWnd = 0x000300b6; ClassName:
ow.
x=0, y=0, width=1, height=1
4:12:50 = hWnd = 0x00e8002a; ClassName:
x=0, y=0, width=0, height=0
4:12:50 = hWnd = 0x00030072; ClassName:
x=0, y=0, width=0, height=0
10:34:53 = Process Attach
10:34:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:34:53 = * NULL == SampleProvider *

10:34:53 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:34:54 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
10:34:54 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:34:54 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:34:57 = Need to re-create objects.
10:34:57 = s1.
10:34:57 = s2.
10:35:0 = Start show animate
10:35:0 = Shell Excutute VerifyHost
10:35:37 = begin close Process
10:35:37 = Terminate Process
10:35:38 = end close Process
10:35:38 = DLL_PROCESS_DETACH
10:51:3 = Process Attach
10:51:3 = end process attach
10:51:3 = ***** NULL == SampleProvider *****
10:51:3 = ##### Begin waiting Mutex to release process #####
10:51:3 = hWnd = 0x0002039c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:51:3 = hWnd = 0x00080578; ClassName:
ow.
x=0, y=0, width=1, height=1
10:51:3 = hWnd = 0x00120402; ClassName:
x=0, y=0, width=0, height=0
10:51:3 = hWnd = 0x00070460; ClassName:
x=0, y=0, width=0, height=0
10:51:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:51:3 = s1.
10:51:3 = s2.
10:51:3 = Start show animate
10:51:3 = Shell Excutute VerifyHost
13:39:29 = begin close Process
13:39:29 = end close Process
13:39:29 = DLL_PROCESS_DETACH
14:12:46 = Process Attach
14:12:46 = end process attach
14:12:46 = ***** NULL == SampleProvider *****
14:12:46 = hWnd = 0x001305e8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:12:46 = ##### Begin waiting Mutex to release process #####
14:12:47 = hWnd = 0x00050434; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

14:12:47 = hWnd = 0x00070396; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:12:47 = hWnd = 0x00030656; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:12:47 = Need to re-create objects.
14:12:47 = s1.
14:12:47 = s2.
14:12:47
14:12:47
16:52:19
16:52:19
16:52:19

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
end close Process
DLL_PROCESS_DETACH

1:22:3 = Process Attach

1:22:3 = end process attach
1:22:3 = ***** NULL == SampleProvider *****
1:22:3 = ##### Begin waiting Mutex to release process #####
1:22:3 = hWnd = 0x001005ce; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:22:3 = hWnd = 0x00150576; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:22:3 = hWnd = 0x004606fc; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:23:28 = Process Attach
1:23:28 = ## ERR ## Setevent
1:23:28 = ##### Get event and release process #####
1:23:28 = begin close Process
1:23:28 = end close Process
1:23:28 = ##### Get event and release process end #####
1:23:28 = hWnd = 0x009501e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:23:28 = hWnd = 0x003301ce; ClassName:
ow.
x=0, y=0, width=1, height=1
1:23:28 = hWnd = 0x0033014e; ClassName:
x=0, y=0, width=0, height=0
1:23:28 = hWnd = 0x003e0126; ClassName:
x=0, y=0, width=0, height=0
11:52:23 = Process Attach
11:52:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:52:23 = * NULL == SampleProvider *

11:52:23 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:52:24 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

11:52:25 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
11:52:25 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:52:26 = Need to re-create objects.
11:52:27 = s1.
11:52:27 = s2.
11:52:31 = Start show animate
11:52:31 = Shell Excutute VerifyHost
11:53:8 = begin close Process
11:53:8 = Terminate Process
11:53:9 = end close Process
11:53:9 = DLL_PROCESS_DETACH
2:56:19 = Process Attach
2:56:19 = end process attach
2:56:19 = ***** NULL == SampleProvider *****
2:56:19 = ##### Begin waiting Mutex to release process #####
2:56:19 = hWnd = 0x00aa078e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:56:19 = hWnd = 0x000814ee; ClassName:
ow.
x=0, y=0, width=1, height=1
2:56:19 = hWnd = 0x00100384; ClassName:
x=0, y=0, width=0, height=0
2:56:19 = hWnd = 0x0008038c; ClassName:
x=0, y=0, width=0, height=0
2:57:22 = Process Attach
2:57:22 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:57:22 = * NULL == SampleProvider *

2:57:22 = begin close Process
2:57:22 = end close Process
2:57:22 = ##### Get event and release process end #####
2:57:22 = hWnd = 0x008a01d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:57:22 = hWnd = 0x001300c0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:57:22 = hWnd = 0x015f015c; ClassName:
x=0, y=0, width=0, height=0
2:57:22 = hWnd = 0x000500a2; ClassName:
x=0, y=0, width=0, height=0
8:17:22 = Process Attach
8:17:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:17:22 = * NULL == SampleProvider *

8:17:22 = ##### Begin waiting Mutex to release process #####

8:17:22 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:17:23 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:17:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:17:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:17:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:17:26 = s1.
8:17:26 = s2.
8:17:31 = Start show animate
8:17:31 = Shell Excutute VerifyHost
8:18:9 = begin close Process
8:18:9 = Terminate Process
8:18:10 = end close Process
8:18:10 = DLL_PROCESS_DETACH
1:36:36 = Process Attach
1:36:36 = end process attach
1:36:36 = ***** NULL == SampleProvider *****
1:36:36 = hWnd = 0x001006c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:36:36 = hWnd = 0x001606ae; ClassName:
ow.
x=0, y=0, width=1, height=1
1:36:36 = hWnd = 0x00041292; ClassName:
x=0, y=0, width=0, height=0
1:36:36 = hWnd = 0x000806c8; ClassName:
x=0, y=0, width=0, height=0
1:37:52 = Process Attach
1:37:52 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:37:52 = ##### Get event and release process #####

1:37:52 = begin close Process
1:37:52 = end close Process
1:37:52 = ##### Get event and release process end #####
1:37:52 = hWnd = 0x001a00d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:37:52 = hWnd = 0x001b0052; ClassName:
ow.
x=0, y=0, width=1, height=1
1:37:52 = hWnd = 0x001b01ce; ClassName:
x=0, y=0, width=0, height=0
1:37:52 = hWnd = 0x0018003a; ClassName:
x=0, y=0, width=0, height=0
6:21:33 = Process Attach
6:21:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:21:33 = * NULL == SampleProvider *

6:21:34 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:21:34 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:21:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:21:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:21:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:21:38 = s1.
6:21:38 = s2.
6:21:42
6:21:42
6:22:18
6:22:18
6:22:19
6:22:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:39:58 = Process Attach

1:39:58 = end process attach
1:39:58 = ***** NULL == SampleProvider *****
1:39:58 = ##### Begin waiting Mutex to release process #####
1:39:58 = hWnd = 0x0011090a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:39:58 = hWnd = 0x00620628; ClassName:
ow.
x=0, y=0, width=1, height=1
1:39:58 = hWnd = 0x003407d8; ClassName:
x=0, y=0, width=0, height=0
1:39:58 = hWnd = 0x0011090e; ClassName:
x=0, y=0, width=0, height=0
1:43:26 = Process Attach
1:43:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:43:26 = * NULL == SampleProvider *

1:43:26 = begin close Process
1:43:27 = hWnd = 0x00020188; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:43:27 = ##### Get event and release process end #####
1:43:27 = hWnd = 0x000400c2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:43:27 = hWnd = 0x00020182; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:34:19 = Process Attach
12:34:19 = end process attach

12:34:19 = * NULL == SampleProvider *

12:34:19 = ##### Begin waiting Mutex to release process #####
12:34:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:34:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:34:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:34:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:34:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:34:22 = s1.
12:34:22 = s2.
12:34:25 = Start show animate
12:34:25 = Shell Excutute VerifyHost
12:35:4 = begin close Process
12:35:4 = Terminate Process
12:35:5 = end close Process
12:35:5 = DLL_PROCESS_DETACH
16:46:45 = Process Attach
16:46:45 = end process attach
16:46:45 = ***** NULL == SampleProvider *****
16:46:45 = hWnd = 0x00070578; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:46:45 = hWnd = 0x00280688; ClassName:
dow.
x=0, y=0, width=1, height=1
16:46:45 = hWnd = 0x00050560; ClassName:
x=0, y=0, width=0, height=0
16:46:45 = hWnd = 0x00060494; ClassName:
x=0, y=0, width=0, height=0
16:47:53 = Process Attach
16:47:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:47:53 = ##### Get event and release process #####

16:47:53 = begin close Process
16:47:53 = end close Process
16:47:53 = ##### Get event and release process end #####
16:47:53 = hWnd = 0x000200d6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:47:53 = hWnd = 0x007f004a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:47:53 = hWnd = 0x00030138; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:51:47 = Process Attach

16:51:47 = end process attach

16:51:47 = ***** NULL == SampleProvider *****
16:51:47 = ##### Begin waiting Mutex to release process #####
16:51:47 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:51:48 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:51:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:51:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:51:51 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:51:51 = s1.
16:51:51 = s2.
16:51:55
16:51:55
16:52:33
16:52:33
16:52:34
16:52:34

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:17:28 = Process Attach

1:17:28 = end process attach
1:17:28 = ***** NULL == SampleProvider *****
1:17:28 = ##### Begin waiting Mutex to release process #####
1:17:28 =
ow.
x=0, y=0,
1:17:28 =
x=0, y=0,
1:17:28 =
x=0, y=0,
1:18:51 =
1:18:51 =

hWnd = 0x00b60c5a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0019087c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001f086c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:18:51 = ##### Get event and release process #####

1:18:51 = begin close Process
1:18:51 = ***** NULL == SampleProvider *****
1:18:51 = ##### Get event and release process end #####
1:18:51 = hWnd = 0x000200b6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:18:51 = hWnd = 0x00070088; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:18:51 = hWnd = 0x00060100; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:18:51 = hWnd = 0x000200b4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:35:22 = Process Attach
11:35:22 = end process attach
11:35:22 = ***** NULL == SampleProvider *****
11:35:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:35:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:35:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:35:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:35:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:35:26 = s1.
11:35:26 = s2.
11:35:28 = Start show animate
11:35:28 = Shell Excutute VerifyHost
11:36:4 = begin close Process
11:36:4 = Terminate Process
11:36:5 = end close Process
11:36:5 = DLL_PROCESS_DETACH
1:2:7 = Process Attach
1:2:7 = end process attach
1:2:7 = ***** NULL == SampleProvider *****
1:2:7 = hWnd = 0x00140876; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:2:7 = hWnd = 0x0022077e; ClassName:
.
x=0, y=0, width=1, height=1
1:2:7 = hWnd = 0x00170560; ClassName:
x=0, y=0, width=0, height=0
1:2:7 = hWnd = 0x001c06fe; ClassName:
x=0, y=0, width=0, height=0
1:3:19 = Process Attach
1:3:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:3:19 = ##### Get event and release process #####

1:3:19 = begin close Process
1:3:19 = end close Process
1:3:19 = ##### Get event and release process end #####
1:3:19 = hWnd = 0x000200b2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
1:3:19 = hWnd = 0x0006009a; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:3:19 = hWnd = 0x008f00ea; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:3:19 = hWnd = 0x000200ae; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:6:50 = Process Attach
11:6:51 = end process attach
11:6:51 = ***** NULL == SampleProvider *****
11:6:51 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:6:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:6:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:6:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:6:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:54 = s1.
11:6:54 = s2.
11:6:58
11:6:58
11:7:36
11:7:36
11:7:37
11:7:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:5:15 = Process Attach

3:5:15 = end process attach
3:5:15 = ***** NULL == SampleProvider *****
3:5:15 = ##### Begin waiting Mutex to release process #####
3:5:15 = hWnd = 0x00200580; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
3:5:15 = hWnd = 0x00690488; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:5:15 = hWnd = 0x001a095c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:6:30 = Process Attach
3:6:30 = ## ERR ## Setevent
3:6:30 = ##### Get event and release process #####
3:6:30 = begin close Process
3:6:30 = end close Process
3:6:30 = ##### Get event and release process end #####

3:6:30 = hWnd = 0x000200ac; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:6:30 = hWnd = 0x0003007e; ClassName:
w.
x=0, y=0, width=1, height=1
3:6:30 = hWnd = 0x000e00fe; ClassName:
x=0, y=0, width=0, height=0
3:6:30 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
11:7:1 = Process Attach
11:7:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:7:1 = * NULL == SampleProvider *

11:7:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:7:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
11:7:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:7:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:7:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:7:4 = s1.
11:7:4 = s2.
11:7:8 = Start show animate
11:7:8 = Shell Excutute VerifyHost
11:7:46 = begin close Process
11:7:46 = Terminate Process
11:7:47 = end close Process
11:7:47 = DLL_PROCESS_DETACH
2:32:7 = Process Attach
2:32:7 = end process attach
2:32:7 = ***** NULL == SampleProvider *****
2:32:7 = ##### Begin waiting Mutex to release process #####
2:32:7 = hWnd = 0x000403a2; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
2:32:7 = hWnd = 0x0004047e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:32:7 = hWnd = 0x0003048a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:33:24 = Process Attach
2:33:24 = ## ERR ## Setevent
2:33:24 = ***** NULL == SampleProvider *****
2:33:24 = begin close Process
2:33:24 = end close Process
2:33:24 = ##### Get event and release process end #####

2:33:24 = hWnd = 0x000200b2; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:33:24 = hWnd = 0x000200aa; ClassName:
ow.
x=0, y=0, width=1, height=1
2:33:24 = hWnd = 0x005400f6; ClassName:
x=0, y=0, width=0, height=0
2:33:24 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
11:44:1 = Process Attach
11:44:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:44:1 = * NULL == SampleProvider *

11:44:1 = ##### Begin waiting Mutex to release process #####
11:44:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:44:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:44:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:44:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:44:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:44:4 = s1.
11:44:4 = s2.
11:44:8 = Start show animate
11:44:8 = Shell Excutute VerifyHost
11:44:46 = begin close Process
11:44:46 = Terminate Process
11:44:47 = end close Process
11:44:47 = DLL_PROCESS_DETACH
20:30:58 = Process Attach
20:30:58 = end process attach
20:30:58 = ***** NULL == SampleProvider *****
20:30:58 = ##### Begin waiting Mutex to release process #####
20:30:58 = hWnd = 0x000305d6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:30:58 = hWnd = 0x000306c4; ClassName:
dow.
x=0, y=0, width=1, height=1
20:30:58 = hWnd = 0x00050370; ClassName:
x=0, y=0, width=0, height=0
20:30:58 = hWnd = 0x0003064e; ClassName:
x=0, y=0, width=0, height=0
20:32:15 = Process Attach
20:32:15 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:32:15 = ##### Get event and release process #####

20:32:15 = ***** NULL == SampleProvider *****
20:32:15 = ##### Get event and release process end #####
20:32:15 = hWnd = 0x000200ac; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:32:15 = hWnd = 0x000200a8; ClassName:
dow.
x=0, y=0, width=1, height=1
20:32:15 = hWnd = 0x000200e2; ClassName:
x=0, y=0, width=0, height=0
20:32:15 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
20:36:29 = Process Attach
20:36:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:36:29 = * NULL == SampleProvider *

20:36:30 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:36:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:36:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:36:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:36:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:36:33 = s1.
20:36:33 = s2.
20:36:37
20:36:37
20:37:14
20:37:14
20:37:15
20:37:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:24:10 = Process Attach

2:24:10 = end process attach
2:24:10 = ##### Begin waiting Mutex to release process #####
2:24:10 = hWnd = 0x000f04a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:24:10 = hWnd = 0x00040628; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:10 = hWnd = 0x000804f8; ClassName:
x=0, y=0, width=0, height=0
2:24:10 = hWnd = 0x001e04ae; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:24:56 = Process Attach

2:24:56 = ## ERR ## Setevent
2:24:56 = ***** NULL == SampleProvider *****
2:24:56 = ##### Get event and release process #####
2:24:56 = begin close Process
2:24:56 = end close Process
2:24:56 = ##### Get event and release process end #####
2:24:56 = hWnd = 0x000200ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:24:56 = hWnd = 0x00030038; ClassName:
ow.
x=0, y=0, width=1, height=1
2:24:56 = hWnd = 0x000900f4; ClassName:
x=0, y=0, width=0, height=0
2:24:56 = hWnd = 0x000200d6; ClassName:
x=0, y=0, width=0, height=0
9:41:15 = Process Attach
9:41:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:41:15 = * NULL == SampleProvider *

9:41:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:41:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:41:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:41:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:41:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:41:18 = s1.
9:41:18 = s2.
9:41:21 = Start show animate
9:41:21 = Shell Excutute VerifyHost
9:41:58 = begin close Process
9:41:58 = Terminate Process
9:42:1 = end close Process
9:42:1 = DLL_PROCESS_DETACH
3:3:57 = Process Attach
3:3:57 = end process attach
3:3:57 = ***** NULL == SampleProvider *****
3:3:57 = hWnd = 0x00030576; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:3:57 = hWnd = 0x0003058a; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

3:3:57 = hWnd = 0x0007056c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
3:3:57 = hWnd = 0x00070578; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:5:4 = Process Attach
3:5:4 = ## ERR ## Setevent
3:5:4 = ***** NULL == SampleProvider *****
3:5:4 = begin close Process
3:5:4 = end close Process
3:5:4 = ##### Get event and release process end #####
3:5:4 = hWnd = 0x000200aa; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:5:4 = hWnd = 0x0002009e; ClassName:
.
x=0, y=0, width=1, height=1
3:5:4 = hWnd = 0x000700da; ClassName:
x=0, y=0, width=0, height=0
3:5:4 = hWnd = 0x000200e4; ClassName:
x=0, y=0, width=0, height=0
11:11:52 = Process Attach
11:11:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:11:52 = * NULL == SampleProvider *

11:11:52 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:11:53 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:11:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:11:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:11:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:11:56 = s1.
11:11:56 = s2.
11:11:59
11:11:59
11:12:37
11:12:37
11:12:38
11:12:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:34:24 = Process Attach

2:34:24 = end process attach
2:34:24 = ***** NULL == SampleProvider *****
2:34:24 = hWnd = 0x0005046c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:34:24 = hWnd = 0x009a06d4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
2:34:24 =
x=0, y=0,
2:34:24 =
x=0, y=0,
2:35:49 =
2:35:49 =

width=1, height=1
hWnd = 0x001a0572; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000406f2; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

2:35:49 = * NULL == SampleProvider *

2:35:49 = begin close Process
2:35:49 = end close Process
2:35:49 = ##### Get event and release process end #####
2:35:49 = hWnd = 0x0004002a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:35:49 = hWnd = 0x0004008e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:35:49 = hWnd = 0x0003004a; ClassName:
x=0, y=0, width=0, height=0
2:35:49 = hWnd = 0x00030088; ClassName:
x=0, y=0, width=0, height=0
10:31:35 = Process Attach
10:31:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:31:35 = * NULL == SampleProvider *

10:31:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:31:36 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:31:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:31:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:31:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:31:39 = s1.
10:31:39 = s2.
10:31:43
10:31:43
10:32:19
10:32:19
10:32:20
10:32:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:37:59 = Process Attach

1:37:59 = end process attach
1:37:59 = ***** NULL == SampleProvider *****
1:37:59 = hWnd = 0x0006059c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

1:37:59 = hWnd = 0x001a0704; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:37:59 = hWnd = 0x0008057e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:37:59 = hWnd = 0x00c20632; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:39:7 = Process Attach
1:39:7 = ## ERR ## Setevent
1:39:7 = ##### Get event and release process #####
1:39:7 = begin close Process
1:39:7 = ***** NULL == SampleProvider *****
1:39:7 = ##### Get event and release process end #####
1:39:7 = hWnd = 0x0004007c; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:39:7 = hWnd = 0x0005003a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:39:7 = hWnd = 0x00040090; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:56:6 = Process Attach
10:56:6 = end process attach
10:56:6 = ***** NULL == SampleProvider *****
10:56:6 = ##### Begin waiting Mutex to release process #####
10:56:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:56:8 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:56:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:56:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:56:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:56:11 = s1.
10:56:11 = s2.
10:56:15
10:56:15
10:56:52
10:56:52
10:56:53
10:56:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:26:19 = Process Attach

3:26:19 = end process attach
3:26:19 = ***** NULL == SampleProvider *****

3:26:19 = hWnd = 0x000404d4; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:26:19 = hWnd = 0x000504d8; ClassName:
ow.
x=0, y=0, width=1, height=1
3:26:19 = hWnd = 0x00270480; ClassName:
x=0, y=0, width=0, height=0
3:26:19 = hWnd = 0x000604ca; ClassName:
x=0, y=0, width=0, height=0
3:27:49 = Process Attach
3:27:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:27:49 = * NULL == SampleProvider *

3:27:49 = begin close Process
3:27:49 = end close Process
3:27:49 = ##### Get event and release process end #####
3:27:49 = hWnd = 0x000200aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:27:49 = hWnd = 0x0006009c; ClassName:
ow.
x=0, y=0, width=1, height=1
3:27:49 = hWnd = 0x00030112; ClassName:
x=0, y=0, width=0, height=0
3:27:49 = hWnd = 0x000300ac; ClassName:
x=0, y=0, width=0, height=0
12:17:3 = Process Attach
12:17:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:17:3 = * NULL == SampleProvider *

12:17:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:17:4 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:17:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:17:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:17:6 = Need to re-create objects.
12:17:7 = s1.
12:17:7 = s2.
12:17:10
12:17:10
12:17:49
12:17:49
12:17:50
12:17:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:48:38 = Process Attach

3:48:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:48:38 = ##### Begin waiting Mutex to release process #####

3:48:38 = hWnd = 0x0017089e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:48:38 = hWnd = 0x0041072e; ClassName:
ow.
x=0, y=0, width=1, height=1
3:48:38 = hWnd = 0x001507f8; ClassName:
x=0, y=0, width=0, height=0
3:48:38 = hWnd = 0x000b087e; ClassName:
x=0, y=0, width=0, height=0
3:49:46 = Process Attach
3:49:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:49:46 = * NULL == SampleProvider *

3:49:46 = begin close Process
3:49:46 = end close Process
3:49:46 = ##### Get event and release process end #####
3:49:46 = hWnd = 0x000200b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:49:46 = hWnd = 0x000200ac; ClassName:
ow.
x=0, y=0, width=1, height=1
3:49:46 = hWnd = 0x001100b4; ClassName:
x=0, y=0, width=0, height=0
3:49:46 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
12:41:4 = Process Attach
12:41:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:41:4 = * NULL == SampleProvider *

12:41:4 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:41:5 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:41:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:41:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:41:7 = Need to re-create objects.
12:41:8 = s1.
12:41:8 = s2.
12:41:11
12:41:11
12:41:50
12:41:50
12:41:51
12:41:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:23:53 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:23:53 = end process attach

2:23:53 = ***** NULL == SampleProvider *****
2:23:53 = hWnd = 0x00120552; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:23:53 = hWnd = 0x00090516; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:23:53 = ##### Begin waiting Mutex to release process #####
2:23:53 = hWnd = 0x000904aa; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:23:53 = hWnd = 0x00070548; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:25:5 = Process Attach
2:25:5 = ## ERR ## Setevent
2:25:5 = ##### Get event and release process #####
2:25:5 = begin close Process
2:25:5 = end close Process
2:25:5 = ##### Get event and release process end #####
2:25:5 = hWnd = 0x000200ac; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:25:5 = hWnd = 0x000c0056; ClassName:
w.
x=0, y=0, width=1, height=1
2:25:5 = hWnd = 0x000400d4; ClassName:
x=0, y=0, width=0, height=0
2:25:5 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
12:16:57 = Process Attach
12:16:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:16:57 = * NULL == SampleProvider *

12:16:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:16:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:16:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:16:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:17:2 = Need to re-create objects.
12:17:2 = s1.
12:17:2 = s2.
12:17:3 = Start show animate
12:17:3 = Shell Excutute VerifyHost
12:17:42 = begin close Process
12:17:42 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:17:43 = end close Process

12:17:43 = DLL_PROCESS_DETACH
3:8:38 = Process Attach
3:8:38 = end process attach
3:8:38 = ***** NULL == SampleProvider *****
3:8:38 = hWnd = 0x000509c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:8:38 = hWnd = 0x000e0742; ClassName:
w.
x=0, y=0, width=1, height=1
3:8:38 = hWnd = 0x000709ba; ClassName:
x=0, y=0, width=0, height=0
3:8:38 = hWnd = 0x00060874; ClassName:
x=0, y=0, width=0, height=0
3:9:42 = Process Attach
3:9:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:9:42 = ##### Get event and release process #####

3:9:42 = begin close Process
3:9:42 = end close Process
3:9:42 = ##### Get event and release process end #####
3:9:42 = hWnd = 0x000600a0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:9:42 = hWnd = 0x000200e0; ClassName:
w.
x=0, y=0, width=1, height=1
3:9:42 = hWnd = 0x006a011e; ClassName:
x=0, y=0, width=0, height=0
3:9:42 = hWnd = 0x00030036; ClassName:
x=0, y=0, width=0, height=0
14:1:47 = Process Attach
14:1:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:1:47 = * NULL == SampleProvider *

14:1:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:1:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:1:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:1:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:1:51 = Need to re-create objects.
14:1:51 = s1.
14:1:51 = s2.
14:1:54 = Start show animate
14:1:54 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:2:32
14:2:32
14:2:33
14:2:33

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

4:6:42 = Process Attach

4:6:42 = end process attach
4:6:42 = ***** NULL == SampleProvider *****
4:6:42 = hWnd = 0x0009054a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:6:42 = hWnd = 0x001106ac; ClassName:
w.
x=0, y=0, width=1, height=1
4:6:42 = hWnd = 0x001905d2; ClassName:
x=0, y=0, width=0, height=0
4:6:42 = hWnd = 0x000704a8; ClassName:
x=0, y=0, width=0, height=0
4:8:3 = Process Attach
4:8:3 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:8:3 = ##### Get event and release process #####

4:8:3 = begin close Process
4:8:3 = end close Process
4:8:3 = ##### Get event and release process end #####
4:8:3 = hWnd = 0x00040038; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:8:3 = hWnd = 0x000c00fa; ClassName:
.
x=0, y=0, width=1, height=1
4:8:3 = hWnd = 0x003a00ee; ClassName:
x=0, y=0, width=0, height=0
4:8:3 = hWnd = 0x002b00f2; ClassName:
x=0, y=0, width=0, height=0
13:16:18 = Process Attach
13:16:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:16:18 = * NULL == SampleProvider *

13:16:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:16:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:16:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:16:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:16:22 = Need to re-create objects.
13:16:22 = s1.
13:16:22 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:16:25 = Start show animate

13:16:25 = Shell Excutute VerifyHost
13:17:3 = begin close Process
13:17:3 = Terminate Process
13:17:4 = end close Process
13:17:4 = DLL_PROCESS_DETACH
4:1:6 = Process Attach
4:1:6 = end process attach
4:1:6 = ##### Begin waiting Mutex to release process #####
4:1:6 = hWnd = 0x0009070c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:1:6 = hWnd = 0x0008070e; ClassName:
.
x=0, y=0, width=1, height=1
4:1:6 = hWnd = 0x000506b0; ClassName:
x=0, y=0, width=0, height=0
4:1:6 = hWnd = 0x00080718; ClassName:
x=0, y=0, width=0, height=0
4:2:24 = Process Attach
4:2:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:2:24 = ##### Get event and release process #####

4:2:24 = begin close Process
4:2:24 = end close Process
4:2:24 = ##### Get event and release process end #####
4:2:24 = hWnd = 0x00060094; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:2:24 = hWnd = 0x000200c6; ClassName:
w.
x=0, y=0, width=1, height=1
4:2:24 = hWnd = 0x000a007a; ClassName:
x=0, y=0, width=0, height=0
4:2:24 = hWnd = 0x000200a0; ClassName:
x=0, y=0, width=0, height=0
12:11:58 = Process Attach
12:11:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:11:58 = * NULL == SampleProvider *

12:11:58 = ##### Begin waiting Mutex to release process #####
12:11:58 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:11:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:11:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:11:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:12:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:12:1 = s1.
12:12:1 = s2.
12:12:4 = Start show animate
12:12:4 = Shell Excutute VerifyHost
12:12:43 = begin close Process
12:12:43 = Terminate Process
12:12:44 = end close Process
12:12:44 = DLL_PROCESS_DETACH
4:6:24 = Process Attach
4:6:24 = end process attach
4:6:24 = ***** NULL == SampleProvider *****
4:6:24 = hWnd = 0x00050596; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:6:24 = hWnd = 0x000505cc; ClassName:
w.
x=0, y=0, width=1, height=1
4:6:24 = hWnd = 0x00050562; ClassName:
x=0, y=0, width=0, height=0
4:6:24 = hWnd = 0x000505c2; ClassName:
x=0, y=0, width=0, height=0
4:7:4 = Process Attach
4:7:4 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:7:4 = ##### Get event and release process #####

4:7:4 = ***** NULL == SampleProvider *****
4:7:4 = ##### Get event and release process end #####
4:7:4 = hWnd = 0x000200aa; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:7:4 = hWnd = 0x000200c8; ClassName:
.
x=0, y=0, width=1, height=1
4:7:4 = hWnd = 0x00060128; ClassName:
x=0, y=0, width=0, height=0
4:7:4 = hWnd = 0x0005009e; ClassName:
x=0, y=0, width=0, height=0
12:39:24 = Process Attach
12:39:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:39:24 = * NULL == SampleProvider *

12:39:24 = ##### Begin waiting Mutex to release process #####
12:39:24 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:39:25 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:39:26 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

12:39:26 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
12:39:29 = Need to re-create objects.
12:39:29 = s1.
12:39:29 = s2.
12:39:33
12:39:33
12:40:11
12:40:11
12:40:12
12:40:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:23:50 = Process Attach

1:23:50 = end process attach
1:23:50 = ***** NULL == SampleProvider *****
1:23:50 = hWnd = 0x000c04a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:23:50 = hWnd = 0x002f0590; ClassName:
ow.
x=0, y=0, width=1, height=1
1:23:50 = hWnd = 0x0018057e; ClassName:
x=0, y=0, width=0, height=0
1:23:50 = hWnd = 0x000a0512; ClassName:
x=0, y=0, width=0, height=0
1:25:9 = Process Attach
1:25:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:25:9 = ##### Get event and release process #####

1:25:9 = ***** NULL == SampleProvider *****
1:25:9 = end close Process
1:25:9 = ##### Get event and release process end #####
1:25:9 = hWnd = 0x000200ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:25:9 = hWnd = 0x000a00a2; ClassName:
w.
x=0, y=0, width=1, height=1
1:25:9 = hWnd = 0x00f20066; ClassName:
x=0, y=0, width=0, height=0
1:25:9 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
8:48:53 = Process Attach
8:48:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:48:53 = * NULL == SampleProvider *

8:48:53 = ##### Begin waiting Mutex to release process #####
8:48:53 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

8:48:54 =
ow.
x=0, y=0,
8:48:54 =
x=0, y=0,
8:48:54 =
x=0, y=0,
8:48:57 =

8:48:57 = s1.
8:48:57 = s2.
8:49:0 = Start show animate
8:49:0 = Shell Excutute VerifyHost
8:49:38 = begin close Process
8:49:38 = Terminate Process
8:49:39 = end close Process
8:49:39 = DLL_PROCESS_DETACH
2:32:59 = Process Attach
2:32:59 = end process attach
2:32:59 = ***** NULL == SampleProvider *****
2:32:59 = ##### Begin waiting Mutex to release process #####
2:32:59 = hWnd = 0x0013089c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:32:59 = hWnd = 0x001008ba; ClassName:
ow.
x=0, y=0, width=1, height=1
2:32:59 = hWnd = 0x002e0844; ClassName:
x=0, y=0, width=0, height=0
2:32:59 = hWnd = 0x001406d2; ClassName:
x=0, y=0, width=0, height=0
2:34:13 = Process Attach
2:34:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:34:13 = * NULL == SampleProvider *

2:34:13 = begin close Process
2:34:13 = end close Process
2:34:13 = hWnd = 0x001000c4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:34:13 = hWnd = 0x0009002e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:34:13 = hWnd = 0x000300ae; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:8:0 = Process Attach
14:8:0 = end process attach
14:8:0 = ***** NULL == SampleProvider *****
14:8:0 = ##### Begin waiting Mutex to release process #####
14:8:0 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

14:8:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
14:8:1 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:8:1 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:8:3 = Need to re-create objects.
14:8:3 = s1.
14:8:3 = s2.
14:8:7 = Start show animate
14:8:7 = Shell Excutute VerifyHost
14:8:43 = begin close Process
14:8:43 = Terminate Process
14:8:44 = end close Process
14:8:44 = DLL_PROCESS_DETACH
3:37:27 = Process Attach
3:37:27 = end process attach
3:37:27 = ***** NULL == SampleProvider *****
3:37:27 = hWnd = 0x000a0502; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:37:27 = hWnd = 0x00f70536; ClassName:
ow.
x=0, y=0, width=1, height=1
3:37:27 = hWnd = 0x000d04d0; ClassName:
x=0, y=0, width=0, height=0
3:37:27 = hWnd = 0x0008051c; ClassName:
x=0, y=0, width=0, height=0
3:38:38 = Process Attach
3:38:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:38:38 = ##### Get event and release process #####

3:38:38 = begin close Process
3:38:38 = end close Process
3:38:38 = ##### Get event and release process end #####
3:38:38 = hWnd = 0x001f00e0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:38:38 = hWnd = 0x01510112; ClassName:
ow.
x=0, y=0, width=1, height=1
3:38:38 = hWnd = 0x001b00b6; ClassName:
x=0, y=0, width=0, height=0
3:38:38 = hWnd = 0x011e0132; ClassName:
x=0, y=0, width=0, height=0
14:30:49 = Process Attach
14:30:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:30:49 = * NULL == SampleProvider *

14:30:49 = ##### Begin waiting Mutex to release process #####

14:30:49 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:30:50 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:30:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:30:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:30:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:30:53 = s1.
14:30:53 = s2.
14:30:56
14:30:56
14:31:34
14:31:34
14:31:35
14:31:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:36:47 = Process Attach

3:36:47 = end process attach
3:36:47 = ***** NULL == SampleProvider *****
3:36:47 = hWnd = 0x000404f4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:36:47 = hWnd = 0x000804e0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
3:36:47 = hWnd = 0x00270482; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:36:47 = hWnd = 0x000704ba; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:36:47 = ##### Begin waiting Mutex to release process #####
3:38:26 = Process Attach
3:38:26 = ## ERR ## Setevent
3:38:26 = ***** NULL == SampleProvider *****
3:38:26 = begin close Process
3:38:26 = end close Process
3:38:26 = ##### Get event and release process end #####
3:38:26 = hWnd = 0x000200a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:38:26 = hWnd = 0x000a0084; ClassName:
ow.
x=0, y=0, width=1, height=1
3:38:26 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
3:38:26 = hWnd = 0x0003008e; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

12:40:31 = Process Attach
12:40:31 = end process attach
12:40:31 = ***** NULL == SampleProvider *****
12:40:31 = ##### Begin waiting Mutex to release process #####
12:40:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:40:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:40:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:40:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:40:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:40:35 = s1.
12:40:35 = s2.
12:40:38
12:40:38
12:41:17
12:41:17
12:41:18
12:41:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:44:19 = Process Attach

1:44:19 = end process attach
1:44:19 = ***** NULL == SampleProvider *****
1:44:19 = ##### Begin waiting Mutex to release process #####
1:44:19 =
ow.
x=0, y=0,
1:44:19 =
x=0, y=0,
1:44:19 =
x=0, y=0,
1:45:19 =
1:45:19 =

hWnd = 0x0003049e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000d0494; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00060496; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:45:19 = ##### Get event and release process #####

1:45:19 = begin close Process
1:45:19 = ***** NULL == SampleProvider *****
1:45:19 = ##### Get event and release process end #####
1:45:19 =
ow.
x=0, y=0,
1:45:19 =
x=0, y=0,

hWnd = 0x0004003a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0007010e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0

1:45:19 =
x=0, y=0,
8:44:37 =
8:44:37 =

hWnd = 0x0003006a; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

8:44:37 = * NULL == SampleProvider *

8:44:37 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:44:38 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:44:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:44:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:44:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:44:41 = s1.
8:44:41 = s2.
8:44:44
8:44:44
8:45:23
8:45:23
8:45:24
8:45:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:0:32 = Process Attach

10:0:32 = end process attach
10:0:32 = ***** NULL == SampleProvider *****
10:0:32 = hWnd = 0x000d0474; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:0:32 = hWnd = 0x000404cc; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
10:0:32 = ##### Begin waiting Mutex to release process #####
10:0:32 =
x=0, y=0,
10:0:32 =
x=0, y=0,
10:0:57 =
10:0:57 =

hWnd = 0x000204ca; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00100478; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

10:0:57 = * NULL == SampleProvider *

10:0:57 = begin close Process
10:0:57 = end close Process
10:0:57 = hWnd = 0x0005004c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:0:57 = hWnd = 0x000200d0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

10:0:57 =
x=0, y=0,
10:0:57 =
x=0, y=0,
16:9:25 =
16:9:25 =

hWnd = 0x0017010a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x000200a4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

16:9:25 = * NULL == SampleProvider *

16:9:25 = ##### Begin waiting Mutex to release process #####
16:9:25 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:9:26 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
16:9:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:9:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:9:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:9:29 = s1.
16:9:29 = s2.
16:9:33 = Start show animate
16:9:33 = Shell Excutute VerifyHost
16:10:10 = begin close Process
16:10:10 = Terminate Process
16:10:11 = end close Process
16:10:11 = DLL_PROCESS_DETACH
2:49:58 = Process Attach
2:49:58 = end process attach
2:49:59 = ##### Begin waiting Mutex to release process #####
2:49:59 = hWnd = 0x0006046e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:49:59 = hWnd = 0x003c0654; ClassName:
ow.
x=0, y=0, width=1, height=1
2:49:59 = hWnd = 0x00020474; ClassName:
x=0, y=0, width=0, height=0
2:49:59 = hWnd = 0x0004046a; ClassName:
x=0, y=0, width=0, height=0
2:50:56 = Process Attach
2:50:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:50:56 = ##### Get event and release process #####

2:50:56 = begin close Process
2:50:56 = end close Process
2:50:56 = ##### Get event and release process end #####
2:50:56 = hWnd = 0x000200b2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

2:50:56 = hWnd = 0x000200ae; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:50:56 = hWnd = 0x00020140; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:50:56 = hWnd = 0x000200b0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:22:11 = Process Attach
13:22:11 = end process attach
13:22:11 = ***** NULL == SampleProvider *****
13:22:11 = ##### Begin waiting Mutex to release process #####
13:22:11 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:22:12 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:22:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:22:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:22:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:22:14 = s1.
13:22:14 = s2.
13:22:18
13:22:18
13:22:56
13:22:56
13:22:57
13:22:57

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:10:35 = ##### Get event and release process #####

18:10:35 = begin close Process
18:10:35 = end close Process
18:10:35 = ##### Get event and release process end #####
18:10:35 = hWnd = 0x000200b4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:10:35 = hWnd = 0x000200b0; ClassName:
dow.
x=0, y=0, width=1, height=1
18:10:35 = hWnd = 0x00060120; ClassName:
x=0, y=0, width=0, height=0
18:10:35 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
18:12:50 = Process Attach
18:12:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:12:50 = * NULL == SampleProvider *

18:12:50 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:12:51 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:12:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:12:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:12:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:12:54 = s1.
18:12:54 = s2.
18:12:57
18:12:57
18:13:36
18:13:36
18:13:37
18:13:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:29:43 = Process Attach

1:29:43 = end process attach
1:29:43 = ***** NULL == SampleProvider *****
1:29:43 = ##### Begin waiting Mutex to release process #####
1:29:43 =
ow.
x=0, y=0,
1:29:43 =
x=0, y=0,
1:29:43 =
x=0, y=0,
1:30:35 =
1:30:35 =

hWnd = 0x00030566; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00040442; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000404f2; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:30:35 = * NULL == SampleProvider *

1:30:35 = ##### Get event and release process end #####
1:30:35 = hWnd = 0x000200aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:30:35 = hWnd = 0x0002009e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:30:35 = hWnd = 0x00a100cc; ClassName:
x=0, y=0, width=0, height=0
1:30:35 = hWnd = 0x0004003a; ClassName:
x=0, y=0, width=0, height=0
12:46:46 = Process Attach
12:46:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:46:46 = * NULL == SampleProvider *

12:46:46 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
12:46:47 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:46:47 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:46:47 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:46:50 = Need to re-create objects.
12:46:50 = s1.
12:46:50 = s2.
12:46:53
12:46:53
12:47:31
12:47:31
12:47:32
12:47:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:50:56 = Process Attach

14:50:57 = end process attach
14:50:57 = ***** NULL == SampleProvider *****
14:50:57 = ##### Begin waiting Mutex to release process #####
14:50:57 = hWnd = 0x00040340; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:50:57 = hWnd = 0x000402c8; ClassName:
dow.
x=0, y=0, width=1, height=1
14:50:57 = hWnd = 0x000605e8; ClassName:
x=0, y=0, width=0, height=0
14:50:57 = hWnd = 0x0002033a; ClassName:
x=0, y=0, width=0, height=0
14:50:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:50:57 = s1.
14:50:57 = s2.
14:51:1 = Start show animate
14:51:1 = Shell Excutute VerifyHost
15:22:44 = begin close Process
15:22:44 = Terminate Process
15:22:45 = end close Process
15:22:45 = DLL_PROCESS_DETACH
4:42:40 = Process Attach
4:42:42 = end process attach
4:42:42 = ***** NULL == SampleProvider *****
4:42:43 = ##### Begin waiting Mutex to release process #####
4:42:44 = hWnd = 0x00080646; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
4:42:44 = hWnd = 0x00100676; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
4:42:44 = hWnd = 0x00160604; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
4:42:44 = hWnd = 0x000605d2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
4:44:24 = Process Attach
4:44:24 = ## ERR ## Setevent
4:44:24 = ##### Get event and release process #####
4:44:24 = begin close Process
4:44:24 = hWnd = 0x000500dc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:44:24 = ##### Get event and release process end #####
4:44:24 = hWnd = 0x000400f0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
4:44:24 = hWnd = 0x000f00ce; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:27:54 = Process Attach
12:27:54 = end process attach
12:27:54 = ***** NULL == SampleProvider *****
12:27:54 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:27:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:27:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:27:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:27:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:27:57 = s1.
12:27:57 = s2.
12:28:1 = Start show animate
12:28:1 = Shell Excutute VerifyHost
12:28:39 = begin close Process
12:28:39 = Terminate Process
12:28:40 = end close Process
12:28:40 = DLL_PROCESS_DETACH
18:9:59 = Process Attach
18:9:59 = end process attach
18:9:59 = ##### Begin waiting Mutex to release process #####
18:9:59 = hWnd = 0x000e07cc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

18:9:59 = hWnd = 0x001407e4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
18:9:59 = hWnd = 0x000b084a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:9:59 = hWnd = 0x001107f8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:11:53 = Process Attach
18:11:53 = ## ERR ## Setevent
18:11:53 = ***** NULL == SampleProvider *****
18:11:53 = begin close Process
18:11:53 = end close Process
18:11:53 = ##### Get event and release process end #####
18:11:53 = hWnd = 0x000300bc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:11:53 = hWnd = 0x000800de; ClassName:
dow.
x=0, y=0, width=1, height=1
18:11:53 = hWnd = 0x0086011c; ClassName:
x=0, y=0, width=0, height=0
18:11:53 = hWnd = 0x00090116; ClassName:
x=0, y=0, width=0, height=0
18:16:18 = Process Attach
18:16:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:16:18 = * NULL == SampleProvider *

18:16:18 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:16:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:16:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:16:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:16:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:16:21 = s1.
18:16:21 = s2.
18:16:24 = Start show animate
18:16:24 = Shell Excutute VerifyHost
18:17:0 = begin close Process
18:17:0 = Terminate Process
18:17:2 = end close Process
18:17:2 = DLL_PROCESS_DETACH
2:52:19 = Process Attach
2:52:20 = end process attach
2:52:20 = ***** NULL == SampleProvider *****
2:52:20 = ##### Begin waiting Mutex to release process #####

2:52:20 = hWnd = 0x000605d2; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:52:20 = hWnd = 0x000d04d6; ClassName:
ow.
x=0, y=0, width=1, height=1
2:52:20 = hWnd = 0x00040656; ClassName:
x=0, y=0, width=0, height=0
2:52:20 = hWnd = 0x000f04ec; ClassName:
x=0, y=0, width=0, height=0
2:53:30 = Process Attach
2:53:30 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:53:30 = ##### Get event and release process #####

2:53:30 = ***** NULL == SampleProvider *****
2:53:30 = hWnd = 0x000200b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:53:30 = hWnd = 0x0004004e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:53:30 = hWnd = 0x00b60108; ClassName:
x=0, y=0, width=0, height=0
2:53:30 = hWnd = 0x0005004a; ClassName:
x=0, y=0, width=0, height=0
10:58:43 = Process Attach
10:58:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:58:43 = * NULL == SampleProvider *

10:58:43 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:58:44 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:58:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:58:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:58:46 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:58:46 = s1.
10:58:46 = s2.
10:58:49
10:58:49
10:59:27
10:59:27
10:59:29
10:59:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:6:30 = Process Attach

3:6:30 = end process attach
3:6:30 = ##### Begin waiting Mutex to release process #####

3:6:30 = hWnd = 0x0004068a; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:6:30 = hWnd = 0x0004069e; ClassName:
w.
x=0, y=0, width=1, height=1
3:6:30 = hWnd = 0x00030596; ClassName:
x=0, y=0, width=0, height=0
3:6:30 = hWnd = 0x00050692; ClassName:
x=0, y=0, width=0, height=0
3:8:31 = Process Attach
3:8:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:8:31 = ##### Get event and release process #####

3:8:31 = begin close Process
3:8:31 = end close Process
3:8:31 = ##### Get event and release process end #####
3:8:31 = hWnd = 0x00050038; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:8:31 = hWnd = 0x02240144; ClassName:
w.
x=0, y=0, width=1, height=1
3:8:31 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
3:8:31 = hWnd = 0x0247012c; ClassName:
x=0, y=0, width=0, height=0
11:30:57 = Process Attach
11:30:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:30:57 = * NULL == SampleProvider *

11:30:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:30:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:30:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:30:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:31:1 = Need to re-create objects.
11:31:1 = s1.
11:31:1 = s2.
11:31:5 = Start show animate
11:31:5 = Shell Excutute VerifyHost
11:31:44 = begin close Process
11:31:44 = Terminate Process
11:31:45 = end close Process
11:31:45 = DLL_PROCESS_DETACH
2:14:44 = Process Attach
2:14:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:14:44 = * NULL == SampleProvider *

2:14:44 = ##### Begin waiting Mutex to release process #####
2:14:44 = hWnd = 0x0002043e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:14:44 = hWnd = 0x00040440; ClassName:
ow.
x=0, y=0, width=1, height=1
2:14:44 = hWnd = 0x004a0984; ClassName:
x=0, y=0, width=0, height=0
2:14:44 = hWnd = 0x0002043c; ClassName:
x=0, y=0, width=0, height=0
2:16:20 = Process Attach
2:16:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:16:20 = ##### Get event and release process #####

2:16:20 = begin close Process
2:16:20 = end close Process
2:16:20 = ##### Get event and release process end #####
2:16:20 = hWnd = 0x000200ac; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:16:20 = hWnd = 0x0003002c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:16:20 = hWnd = 0x00df0132; ClassName:
x=0, y=0, width=0, height=0
2:16:20 = hWnd = 0x000200da; ClassName:
x=0, y=0, width=0, height=0
8:0:14 = Process Attach
8:0:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:0:14 = * NULL == SampleProvider *

8:0:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:0:15 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:0:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:0:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:0:18 = Need to re-create objects.
8:0:18 = s1.
8:0:18 = s2.
8:0:21 = Start show animate
8:0:21 = Shell Excutute VerifyHost
8:0:59 = begin close Process
8:0:59 = Terminate Process
8:1:0 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:1:0 = DLL_PROCESS_DETACH
3:14:0 = Process Attach
3:14:0 = end process attach
3:14:0 = ***** NULL == SampleProvider *****
3:14:0 = hWnd = 0x00040660; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:14:0 = hWnd = 0x00030636; ClassName:
w.
x=0, y=0, width=1, height=1
3:14:0 = hWnd = 0x0003046a; ClassName:
x=0, y=0, width=0, height=0
3:14:0 = hWnd = 0x000c0668; ClassName:
x=0, y=0, width=0, height=0
3:15:25 = Process Attach
3:15:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:15:25 = * NULL == SampleProvider *

3:15:25 = begin close Process
3:15:25 = end close Process
3:15:25 = ##### Get event and release process end #####
3:15:25 = hWnd = 0x00f60124; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:15:25 = hWnd = 0x00ef00e0; ClassName:
ow.
x=0, y=0, width=1, height=1
3:15:25 = hWnd = 0x00a700ca; ClassName:
x=0, y=0, width=0, height=0
3:15:25 = hWnd = 0x00990122; ClassName:
x=0, y=0, width=0, height=0
10:50:20 = Process Attach
10:50:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:50:20 = * NULL == SampleProvider *

10:50:20 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:50:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:50:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:50:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:50:24 = Need to re-create objects.
10:50:24 = s1.
10:50:24 = s2.
10:50:28 = Start show animate
10:50:28 = Shell Excutute VerifyHost
10:51:5 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:51:5 = Terminate Process

10:51:6 = end close Process
10:51:6 = DLL_PROCESS_DETACH
2:12:46 = Process Attach
2:12:46 = end process attach
2:12:46 = ##### Begin waiting Mutex to release process #####
2:12:46 = hWnd = 0x000d050e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:12:47 = hWnd = 0x000904cc; ClassName:
ow.
x=0, y=0, width=1, height=1
2:12:47 = hWnd = 0x000904f6; ClassName:
x=0, y=0, width=0, height=0
2:12:47 = hWnd = 0x001204b8; ClassName:
x=0, y=0, width=0, height=0
2:13:50 = Process Attach
2:13:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:13:50 = * NULL == SampleProvider *

2:13:50 = begin close Process
2:13:50 = end close Process
2:13:50 = ##### Get event and release process end #####
2:13:50 = hWnd = 0x000400ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:13:50 = hWnd = 0x000200ac; ClassName:
ow.
x=0, y=0, width=1, height=1
2:13:50 = hWnd = 0x0004009c; ClassName:
x=0, y=0, width=0, height=0
2:13:50 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
11:39:25 = Process Attach
11:39:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:39:25 = * NULL == SampleProvider *

11:39:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:39:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:39:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:39:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:39:29 = Need to re-create objects.
11:39:29 = s1.
11:39:29 = s2.
11:39:33 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:39:33
11:40:10
11:40:10
11:40:11
11:40:11

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:49:36 = Process Attach

14:49:36 = end process attach
14:49:36 = ***** NULL == SampleProvider *****
14:49:36 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:49:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:49:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:49:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:49:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:49:41 = s1.
14:49:41 = s2.
14:49:45
14:49:45
14:50:23
14:50:23
14:50:24
14:50:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:5:48 = Process Attach

2:5:48 = end process attach
2:5:48 = ***** NULL == SampleProvider *****
2:5:48 = ##### Begin waiting Mutex to release process #####
2:5:48 = hWnd = 0x000904ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:5:48 = hWnd = 0x0011076a; ClassName:
w.
x=0, y=0, width=1, height=1
2:5:48 = hWnd = 0x0007056a; ClassName:
x=0, y=0, width=0, height=0
2:5:48 = hWnd = 0x00b20538; ClassName:
x=0, y=0, width=0, height=0
2:6:35 = Process Attach
2:6:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:6:35 = * NULL == SampleProvider *

2:6:35 = begin close Process
2:6:35 = end close Process
2:6:35 = ##### Get event and release process end #####

2:6:35 = hWnd = 0x000200b4; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:6:35 = hWnd = 0x000300a4; ClassName:
w.
x=0, y=0, width=1, height=1
2:6:35 = hWnd = 0x0004007c; ClassName:
x=0, y=0, width=0, height=0
2:6:35 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
11:10:27 = Process Attach
11:10:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:10:28 = * NULL == SampleProvider *

11:10:28 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:10:28 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:10:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:10:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:10:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:10:32 = s1.
11:10:32 = s2.
11:10:35
11:10:35
11:11:14
11:11:14
11:11:15
11:11:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:17:22 = Process Attach

2:17:22 = end process attach
2:17:22 = ***** NULL == SampleProvider *****
2:17:22 = hWnd = 0x0005045c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:17:22 = hWnd = 0x00050470; ClassName:
ow.
x=0, y=0, width=1, height=1
2:17:22 = hWnd = 0x00020446; ClassName:
x=0, y=0, width=0, height=0
2:17:22 = hWnd = 0x00030466; ClassName:
x=0, y=0, width=0, height=0
2:18:8 = Process Attach
2:18:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:18:8 = ##### Get event and release process #####

2:18:8 = begin close Process
2:18:8 = end close Process

2:18:8 = ##### Get event and release process end #####

2:18:8 = hWnd = 0x000200b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:18:8 = hWnd = 0x000300a2; ClassName:
w.
x=0, y=0, width=1, height=1
2:18:8 = hWnd = 0x0005013a; ClassName:
x=0, y=0, width=0, height=0
2:18:8 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
12:12:55 = Process Attach
12:12:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:12:55 = * NULL == SampleProvider *

12:12:55 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:12:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:12:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:12:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:12:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:12:58 = s1.
12:12:58 = s2.
12:13:3 = Start show animate
12:13:3 = Shell Excutute VerifyHost
12:13:40 = begin close Process
12:13:40 = Terminate Process
12:13:41 = end close Process
12:13:41 = DLL_PROCESS_DETACH
3:58:15 = Process Attach
3:58:15 = end process attach
3:58:15 = ##### Begin waiting Mutex to release process #####
3:58:15 = ***** NULL == SampleProvider *****
3:58:16 = hWnd = 0x00030450; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:58:16 = hWnd = 0x0002044c; ClassName:
ow.
x=0, y=0, width=1, height=1
3:58:16 = hWnd = 0x0002045a; ClassName:
x=0, y=0, width=0, height=0
3:58:16 = hWnd = 0x0002044e; ClassName:
x=0, y=0, width=0, height=0
3:59:59 = Process Attach
3:59:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:59:59 = ##### Get event and release process #####

3:59:59 = begin close Process
3:59:59 = end close Process
3:59:59 = ##### Get event and release process end #####
3:59:59 = hWnd = 0x0014007e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:59:59 = hWnd = 0x000200aa; ClassName:
ow.
x=0, y=0, width=1, height=1
3:59:59 = hWnd = 0x01ae0056; ClassName:
x=0, y=0, width=0, height=0
3:59:59 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
9:42:24 = Process Attach
9:42:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:42:24 = * NULL == SampleProvider *

9:42:24 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:42:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:42:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:42:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:42:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:42:30 = s1.
9:42:30 = s2.
9:42:33
9:42:33
9:43:24
9:43:24
9:43:25
9:43:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:38:54 = Process Attach

2:38:54 = end process attach
2:38:54 = ***** NULL == SampleProvider *****
2:38:54 = ##### Begin waiting Mutex to release process #####
2:38:54 = hWnd = 0x000304c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:38:54 = hWnd = 0x0003029c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:38:54 = hWnd = 0x000404ae; ClassName:
x=0, y=0, width=0, height=0
2:38:54 = hWnd = 0x000401b0; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

2:38:54 = Need to re-create objects.
2:38:54 = s1.
2:38:54 = s2.
2:38:55
2:38:55
2:40:58
2:40:58
2:40:59
2:40:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:5:34 = Process Attach

3:5:34 = end process attach
3:5:34 = ##### Begin waiting Mutex to release process #####
3:5:34 = ***** NULL == SampleProvider *****
3:5:34 = hWnd = 0x000f0b98; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:5:34 = hWnd = 0x000a0bac; ClassName:
w.
x=0, y=0, width=1, height=1
3:5:34 = hWnd = 0x000c0b5c; ClassName:
x=0, y=0, width=0, height=0
3:5:34 = hWnd = 0x000b0b9c; ClassName:
x=0, y=0, width=0, height=0
3:6:11 = Process Attach
3:6:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:6:11 = * NULL == SampleProvider *

3:6:11 = begin close Process
3:6:11 = end close Process
3:6:11 = hWnd = 0x00030132; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:6:11 = hWnd = 0x00120126; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:3:26 = Process Attach
13:3:26 = end process attach
13:3:26 = ***** NULL == SampleProvider *****
13:3:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:3:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:3:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:3:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:3:30 = Need to re-create objects.
13:3:30 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:3:30 = s2.
13:3:34
13:3:34
13:4:12
13:4:12
13:4:14
13:4:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:38:46 = Process Attach

2:38:46 = end process attach
2:38:46 = ***** NULL == SampleProvider *****
2:38:46 = ##### Begin waiting Mutex to release process #####
2:38:47 = hWnd = 0x00560610; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:38:47 = hWnd = 0x00030c7c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:38:47 = hWnd = 0x0016049c; ClassName:
x=0, y=0, width=0, height=0
2:38:47 = hWnd = 0x00030c7a; ClassName:
x=0, y=0, width=0, height=0
2:39:59 = Process Attach
2:39:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:39:59 = * NULL == SampleProvider *

2:39:59 = begin close Process
2:39:59 = end close Process
2:39:59 = ##### Get event and release process end #####
2:39:59 = hWnd = 0x0003004a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:39:59 = hWnd = 0x0004003a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:39:59 = hWnd = 0x000f0100; ClassName:
x=0, y=0, width=0, height=0
2:39:59 = hWnd = 0x000200dc; ClassName:
x=0, y=0, width=0, height=0
12:5:16 = Process Attach
12:5:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:5:16 = ##### Begin waiting Mutex to release process #####

12:5:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:5:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:5:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:5:16 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

12:5:16 = Need to re-create objects.
12:5:16 = s1.
12:5:16 = s2.
12:5:16 = Start show animate
12:5:16 = Shell Excutute VerifyHost
12:5:59 = begin close Process
12:5:59 = Terminate Process
12:6:0 = end close Process
12:6:0 = DLL_PROCESS_DETACH
22:59:55 = Process Attach
22:59:55 = end process attach
22:59:55 = ***** NULL == SampleProvider *****
22:59:55 = ##### Begin waiting Mutex to release process #####
22:59:55 = hWnd = 0x00130494; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:59:55 = hWnd = 0x0005052a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:59:55 = hWnd = 0x000f0572; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:0:57 = Process Attach
23:0:57 = ## ERR ## Setevent
23:0:57 = ##### Get event and release process #####
23:0:57 = begin close Process
23:0:57 = end close Process
23:0:57 = ##### Get event and release process end #####
23:0:57 = hWnd = 0x0011005e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:0:57 = hWnd = 0x0004009a; ClassName:
ow.
x=0, y=0, width=1, height=1
23:0:57 = hWnd = 0x00030126; ClassName:
x=0, y=0, width=0, height=0
23:0:57 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
9:12:35 = Process Attach
9:12:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:12:35 = * NULL == SampleProvider *

9:12:35 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:12:35 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:12:36 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

9:12:36 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
9:12:39 = Need to re-create objects.
9:12:39 = s1.
9:12:39 = s2.
9:12:43
9:12:43
9:13:20
9:13:20
9:13:21
9:13:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:4:3 = Process Attach

0:4:3 = end process attach
0:4:3 = ##### Begin waiting Mutex to release process #####
0:4:3 = ***** NULL == SampleProvider *****
0:4:3 = hWnd = 0x00050538; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:4:3 = hWnd = 0x00330506; ClassName:
.
x=0, y=0, width=1, height=1
0:4:3 = hWnd = 0x000308ae; ClassName:
x=0, y=0, width=0, height=0
0:4:3 = hWnd = 0x000f05c4; ClassName:
x=0, y=0, width=0, height=0
0:5:21 = Process Attach
0:5:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:5:21 = ##### Get event and release process #####

0:5:21 = begin close Process
0:5:21 = end close Process
0:5:21 = ##### Get event and release process end #####
0:5:21 = hWnd = 0x000200ac; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:5:21 = hWnd = 0x00050038; ClassName:
w.
x=0, y=0, width=1, height=1
0:5:21 = hWnd = 0x0003007e; ClassName:
x=0, y=0, width=0, height=0
0:5:21 = hWnd = 0x000200a2; ClassName:
x=0, y=0, width=0, height=0
9:25:28 = Process Attach
9:25:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:25:28 = * NULL == SampleProvider *

9:25:28 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:25:28 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
9:25:28 =
x=0, y=0,
9:25:28 =
x=0, y=0,
9:25:33 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

9:25:33 = s1.
9:25:33 = s2.
9:25:37
9:25:37
9:26:27
9:26:27
9:26:28
9:26:28

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:32:57 = Process Attach

23:32:57 = end process attach
23:32:57 = ***** NULL == SampleProvider *****
23:32:57 = ##### Begin waiting Mutex to release process #####
23:32:57 = hWnd = 0x00060ade; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:32:57 = hWnd = 0x000804c0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:32:57 = hWnd = 0x00060614; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:34:7 = Process Attach
23:34:7 = ## ERR ## Setevent
23:34:7 = ***** NULL == SampleProvider *****
23:34:7 = end close Process
23:34:7 = ##### Get event and release process end #####
23:34:7 = hWnd = 0x000200b4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:34:7 = hWnd = 0x00080032; ClassName:
ow.
x=0, y=0, width=1, height=1
23:34:7 = hWnd = 0x00020118; ClassName:
x=0, y=0, width=0, height=0
23:34:7 = hWnd = 0x0003008e; ClassName:
x=0, y=0, width=0, height=0
9:13:17 = Process Attach
9:13:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:13:17 = * NULL == SampleProvider *

9:13:17 = ##### Begin waiting Mutex to release process #####
9:13:17 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
9:13:18 =
ow.
x=0, y=0,
9:13:18 =
x=0, y=0,
9:13:18 =
x=0, y=0,
9:13:22 =

9:13:22 = s1.
9:13:22 = s2.
9:13:25 = Start show animate
9:13:25 = Shell Excutute VerifyHost
9:14:2 = begin close Process
9:14:2 = Terminate Process
9:14:4 = end close Process
9:14:4 = DLL_PROCESS_DETACH
11:54:17 = Process Attach
11:54:17 = end process attach
11:54:17 = ##### Begin waiting Mutex to release process #####
11:54:17 = hWnd = 0x00030654; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:54:17 = hWnd = 0x00040698; ClassName:
dow.
x=0, y=0, width=1, height=1
11:54:17 = hWnd = 0x00360466; ClassName:
x=0, y=0, width=0, height=0
11:54:17 = hWnd = 0x00040696; ClassName:
x=0, y=0, width=0, height=0
11:54:36 = Process Attach
11:54:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:54:36 = * NULL == SampleProvider *

11:54:36 = begin close Process
11:54:36 = end close Process
11:54:36 = ##### Get event and release process end #####
11:54:36 = hWnd = 0x000200a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:54:36 = hWnd = 0x000400e2; ClassName:
dow.
x=0, y=0, width=1, height=1
11:54:36 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
11:54:36 = hWnd = 0x0008009c; ClassName:
x=0, y=0, width=0, height=0
13:35:48 = Process Attach
13:35:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:35:48 = * NULL == SampleProvider *

13:35:48 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:35:48 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:35:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:35:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:35:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:35:55 = s1.
13:35:55 = s2.
13:35:55
13:35:55
13:36:22
13:36:22
13:36:23
13:36:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:0:15 = Process Attach

1:0:15 = end process attach
1:0:15 = ***** NULL == SampleProvider *****
1:0:15 = ##### Begin waiting Mutex to release process #####
1:0:15 = hWnd = 0x00030484; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:0:15 = hWnd = 0x0002049c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:0:15 = hWnd = 0x00030480; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:1:0 = Process Attach
1:1:0 = ## ERR ## Setevent
1:1:0 = ##### Get event and release process #####
1:1:0 = begin close Process
1:1:0 = end close Process
1:1:0 = ***** NULL == SampleProvider *****
1:1:0 = hWnd = 0x000700fe; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:1:0 = hWnd = 0x000200ac; ClassName:
.
x=0, y=0, width=1, height=1
1:1:0 = hWnd = 0x023a00cc; ClassName:
x=0, y=0, width=0, height=0
1:1:0 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
10:10:43 = Process Attach
10:10:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:10:43 = * NULL == SampleProvider *

10:10:43 = ##### Begin waiting Mutex to release process #####

10:10:43 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:10:44 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:10:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:10:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:10:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:10:48 = s1.
10:10:48 = s2.
10:10:50
10:10:50
10:11:26
10:11:26
10:11:27
10:11:27

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:48:28 = s1.
10:48:28 = s2.
10:48:30 = Start show animate
10:48:30 = Shell Excutute VerifyHost
10:49:6 = begin close Process
10:49:6 = Terminate Process
10:49:7 = end close Process
10:49:7 = DLL_PROCESS_DETACH
1:26:14 = Process Attach
1:26:14 = end process attach
1:26:14 = ***** NULL == SampleProvider *****
1:26:14 = ##### Begin waiting Mutex to release process #####
1:26:14 =
ow.
x=0, y=0,
1:26:14 =
x=0, y=0,
1:26:14 =
x=0, y=0,
1:27:54 =
1:27:54 =

hWnd = 0x004d047e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000c0798; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0006049c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:27:54 = ##### Get event and release process #####

1:27:54 = begin close Process
1:27:54 = end close Process
1:27:54 = ##### Get event and release process end #####
1:27:54 = hWnd = 0x003600d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:27:54 = hWnd = 0x000200ac; ClassName:
ow.
x=0, y=0, width=1, height=1
1:27:54 = hWnd = 0x00070050; ClassName:
x=0, y=0, width=0, height=0
1:27:54 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
10:29:19 = Process Attach
10:29:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:19 = * NULL == SampleProvider *

10:29:19 = ##### Begin waiting Mutex to release process #####
10:29:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:29:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:29:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:29:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:29:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:22 = s1.
10:29:22 = s2.
10:29:25 = Start show animate
10:29:25 = Shell Excutute VerifyHost
10:30:4 = begin close Process
10:30:4 = Terminate Process
10:30:5 = end close Process
10:30:5 = DLL_PROCESS_DETACH
2:16:18 = Process Attach
2:16:19 = end process attach
2:16:19 = ##### Begin waiting Mutex to release process #####
2:16:19 = hWnd = 0x0007046c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:16:19 = hWnd = 0x00040524; ClassName:
ow.
x=0, y=0, width=1, height=1
2:16:19 = hWnd = 0x00780470; ClassName:
x=0, y=0, width=0, height=0
2:16:19 = hWnd = 0x00070472; ClassName:
x=0, y=0, width=0, height=0
2:17:50 = Process Attach
2:17:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:17:50 = ##### Get event and release process #####

2:17:50 = begin close Process
2:17:50 = end close Process
2:17:50 = ##### Get event and release process end #####
2:17:50 = hWnd = 0x0017005a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:17:50 = hWnd = 0x000200b2; ClassName:
ow.
x=0, y=0, width=1, height=1
2:17:50 = hWnd = 0x02c20098; ClassName:
x=0, y=0, width=0, height=0
2:17:50 = hWnd = 0x000200b4; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

10:51:33 = Process Attach
10:51:33 = end process attach
10:51:33 = ***** NULL == SampleProvider *****
10:51:33 = ##### Begin waiting Mutex to release process #####
10:51:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:51:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:51:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:51:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:51:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:51:37 = s1.
10:51:37 = s2.
10:51:39
10:51:39
10:52:17
10:52:17
10:52:19
10:52:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:20:25 = Process Attach

1:20:25 = end process attach
1:20:25 = ***** NULL == SampleProvider *****
1:20:25 = ##### Begin waiting Mutex to release process #####
1:20:25 = hWnd = 0x00060c66; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:20:25 = hWnd = 0x004d06f0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:20:25 = hWnd = 0x002104a6; ClassName:
x=0, y=0, width=0, height=0
1:20:25 = hWnd = 0x00060c64; ClassName:
x=0, y=0, width=0, height=0
1:21:39 = Process Attach
1:21:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:21:39 = ##### Get event and release process #####

1:21:39 = begin close Process
1:21:39 = end close Process
1:21:39 = ##### Get event and release process end #####
1:21:39 = hWnd = 0x000200ac; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

1:21:39 = hWnd = 0x010000f6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:21:39 = hWnd = 0x01ae00c0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:21:39 = hWnd = 0x000200aa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:50:59 = Process Attach
10:50:59 = end process attach
10:50:59 = ***** NULL == SampleProvider *****
10:50:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:50:59 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:51:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:51:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:51:3 = Need to re-create objects.
10:51:3 = s1.
10:51:3 = s2.
10:51:6 = Start show animate
10:51:6 = Shell Excutute VerifyHost
10:51:45 = begin close Process
10:51:45 = Terminate Process
10:51:46 = end close Process
10:51:46 = DLL_PROCESS_DETACH
2:29:13 = Process Attach
2:29:13 = end process attach
2:29:13 = ***** NULL == SampleProvider *****
2:29:13 = hWnd = 0x000204b4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:29:13 = ##### Begin waiting Mutex to release process #####
2:29:13 = hWnd = 0x0049043a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:29:13 = hWnd = 0x0005042e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:29:13 = hWnd = 0x000204b6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:30:4 = Process Attach
2:30:4 = ## ERR ## Setevent
2:30:4 = ##### Get event and release process #####
2:30:4 = begin close Process
2:30:4 = end close Process
2:30:4 = ##### Get event and release process end #####

2:30:4 = hWnd = 0x0003008e; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:30:4 = hWnd = 0x0005009a; ClassName:
w.
x=0, y=0, width=1, height=1
2:30:4 = hWnd = 0x003c00e6; ClassName:
x=0, y=0, width=0, height=0
2:30:4 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
11:56:35 = Process Attach
11:56:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:56:35 = * NULL == SampleProvider *

11:56:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:56:35 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:56:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:56:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:56:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:56:35 = s1.
11:56:35 = s2.
11:56:38
11:56:38
11:57:34
11:57:34
11:57:35
11:57:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:42:33 = Process Attach

2:42:33 = end process attach
2:42:33 = ##### Begin waiting Mutex to release process #####
2:42:33 = hWnd = 0x000a06fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:42:33 = hWnd = 0x022e0048; ClassName:
ow.
x=0, y=0, width=1, height=1
2:42:33 = hWnd = 0x002105dc; ClassName:
x=0, y=0, width=0, height=0
2:42:33 = hWnd = 0x000a06a6; ClassName:
x=0, y=0, width=0, height=0
2:43:10 = Process Attach
2:43:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:43:10 = * NULL == SampleProvider *

2:43:10 = begin close Process

2:43:10 = end close Process

2:43:10 = ##### Get event and release process end #####
2:43:10 = hWnd = 0x000200bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:43:10 = hWnd = 0x000700a6; ClassName:
ow.
x=0, y=0, width=1, height=1
2:43:10 = hWnd = 0x0007010e; ClassName:
x=0, y=0, width=0, height=0
2:43:10 = hWnd = 0x000200e4; ClassName:
x=0, y=0, width=0, height=0
12:36:34 = Process Attach
12:36:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:36:34 = * NULL == SampleProvider *

12:36:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:36:35 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:36:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:36:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:36:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:36:37 = s1.
12:36:37 = s2.
12:36:41
12:36:41
12:37:19
12:37:19
12:37:20
12:37:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:49:29 = Process Attach

2:49:29 = end process attach
2:49:29 = ***** NULL == SampleProvider *****
2:49:29 = hWnd = 0x00050434; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:49:29 = hWnd = 0x00090bec; ClassName:
ow.
x=0, y=0, width=1, height=1
2:49:29 = hWnd = 0x00040bfc; ClassName:
x=0, y=0, width=0, height=0
2:49:29 = hWnd = 0x00070bf0; ClassName:
x=0, y=0, width=0, height=0
2:50:43 = Process Attach
2:50:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:50:43 = ##### Get event and release process #####

2:50:43 = begin close Process

2:50:43 = end close Process
2:50:43 = ##### Get event and release process end #####
2:50:43 = hWnd = 0x000200b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:50:43 = hWnd = 0x000200ae; ClassName:
ow.
x=0, y=0, width=1, height=1
2:50:43 = hWnd = 0x002a013e; ClassName:
x=0, y=0, width=0, height=0
2:50:43 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
13:33:54 = Process Attach
13:33:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:33:55 = * NULL == SampleProvider *

13:33:55 = ##### Begin waiting Mutex to release process #####
13:33:55 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:33:55 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:33:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:33:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:33:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:33:58 = s1.
13:33:58 = s2.
13:34:1 = Start show animate
13:34:1 = Shell Excutute VerifyHost
13:34:39 = begin close Process
13:34:39 = Terminate Process
13:34:40 = end close Process
13:34:40 = DLL_PROCESS_DETACH
1:3:25 = Process Attach
1:3:25 = end process attach
1:3:25 = ***** NULL == SampleProvider *****
1:3:25 = hWnd = 0x000204a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:3:25 = hWnd = 0x0002048c; ClassName:
w.
x=0, y=0, width=1, height=1
1:3:25 = hWnd = 0x0002048e; ClassName:
x=0, y=0, width=0, height=0
1:3:25 = hWnd = 0x000d0620; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:5:13 = Process Attach

1:5:13 = ## ERR ## Setevent
1:5:13 = ##### Get event and release process #####
1:5:13 = begin close Process
1:5:13 = end close Process
1:5:13 = ##### Get event and release process end #####
1:5:13 = hWnd = 0x00c00136; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:5:13 = hWnd = 0x018e0114; ClassName:
w.
x=0, y=0, width=1, height=1
1:5:13 = hWnd = 0x000300ac; ClassName:
x=0, y=0, width=0, height=0
1:5:13 = hWnd = 0x00c00138; ClassName:
x=0, y=0, width=0, height=0
12:2:50 = Process Attach
12:2:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:2:50 = * NULL == SampleProvider *

12:2:50 = ##### Begin waiting Mutex to release process #####
12:2:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:2:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:2:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:2:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:2:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:2:56 = s1.
12:2:56 = s2.
12:3:0 = Start show animate
12:3:0 = Shell Excutute VerifyHost
12:3:37 = begin close Process
12:3:37 = Terminate Process
12:3:38 = end close Process
12:3:38 = DLL_PROCESS_DETACH
1:38:28 = Process Attach
1:38:28 = end process attach
1:38:28 = ***** NULL == SampleProvider *****
1:38:28 = ##### Begin waiting Mutex to release process #####
1:38:28 = hWnd = 0x0009047e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:38:28 = hWnd = 0x001005c8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
1:38:28 =
x=0, y=0,
1:38:28 =
x=0, y=0,
1:39:55 =
1:39:55 =

width=1, height=1
hWnd = 0x000604c0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00ae05a0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:39:55 = ##### Get event and release process #####

1:39:55 = begin close Process
1:39:55 = end close Process
1:39:55 = ##### Get event and release process end #####
1:39:55 = hWnd = 0x000200b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:39:55 = hWnd = 0x000600a2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:39:55 = hWnd = 0x0061013c; ClassName:
x=0, y=0, width=0, height=0
1:39:55 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
2:18:23 = Process Attach
2:18:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:18:23 = * NULL == SampleProvider *

2:18:24 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:18:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
2:18:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
2:18:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
2:18:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:18:26 = s1.
2:18:26 = s2.
2:18:29 = Start show animate
2:18:29 = Shell Excutute VerifyHost
2:19:6 = begin close Process
2:19:6 = Terminate Process
2:19:7 = end close Process
2:19:7 = DLL_PROCESS_DETACH
4:6:30 = Process Attach
4:6:30 = end process attach
4:6:30 = ***** NULL == SampleProvider *****
4:6:30 = ##### Begin waiting Mutex to release process #####

4:6:30 = hWnd = 0x00a30500; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:6:30 = hWnd = 0x0002035c; ClassName:
w.
x=0, y=0, width=1, height=1
4:6:30 = hWnd = 0x00b904ce; ClassName:
x=0, y=0, width=0, height=0
4:6:30 = hWnd = 0x004f0502; ClassName:
x=0, y=0, width=0, height=0
4:6:35 = Process Attach
4:6:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:6:35 = ##### Get event and release process #####

4:6:35 = begin close Process
4:6:35 = end close Process
4:6:35 = ##### Get event and release process end #####
4:6:35 = hWnd = 0x001500c2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:6:35 = hWnd = 0x000d00fe; ClassName:
w.
x=0, y=0, width=1, height=1
4:6:35 = hWnd = 0x000300c6; ClassName:
x=0, y=0, width=0, height=0
4:6:35 = hWnd = 0x002000c4; ClassName:
x=0, y=0, width=0, height=0
4:34:6 = Process Attach
4:34:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:34:6 = * NULL == SampleProvider *

4:34:6 = ##### Begin waiting Mutex to release process #####
4:34:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:34:7 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
4:34:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
4:34:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
4:34:10 = Need to re-create objects.
4:34:10 = s1.
4:34:10 = s2.
4:34:14
4:34:14
4:34:53
4:34:53
4:34:54
4:34:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

6:23:12 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:23:12 = end process attach

6:23:12 = ***** NULL == SampleProvider *****
6:23:12 = hWnd = 0x00080436; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:23:12 = hWnd = 0x00040450; ClassName:
ow.
x=0, y=0, width=1, height=1
6:23:12 = hWnd = 0x0012004a; ClassName:
x=0, y=0, width=0, height=0
6:23:12 = hWnd = 0x000f044e; ClassName:
x=0, y=0, width=0, height=0
6:23:18 = Process Attach
6:23:18 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:23:18 = ##### Get event and release process #####

6:23:18 = begin close Process
6:23:18 = end close Process
6:23:18 = ##### Get event and release process end #####
6:23:18 = hWnd = 0x001b0056; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
6:23:18 = hWnd = 0x001400e4; ClassName:
ow.
x=0, y=0, width=1, height=1
6:23:18 = hWnd = 0x000a00b2; ClassName:
x=0, y=0, width=0, height=0
6:23:18 = hWnd = 0x000d00ea; ClassName:
x=0, y=0, width=0, height=0
8:14:30 = Process Attach
8:14:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:14:30 = * NULL == SampleProvider *

8:14:30 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:14:30 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:14:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:14:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:14:30 = Need to re-create objects.
8:14:30 = s1.
8:14:30 = s2.
8:14:30 = Start show animate
8:14:30 = Shell Excutute VerifyHost
8:15:2 = begin close Process
8:15:2 = Terminate Process
8:15:3 = end close Process
8:15:3 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:33:36 = Process Attach

18:33:36 = end process attach
18:33:36 = ***** NULL == SampleProvider *****
18:33:36 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:33:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:33:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:33:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:33:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:33:40 = s1.
18:33:40 = s2.
18:33:44
18:33:44
18:34:21
18:34:21
18:34:22
18:34:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:44:40 = Process Attach

18:44:40 = end process attach
18:44:40 = ***** NULL == SampleProvider *****
18:44:40 = ##### Begin waiting Mutex to release process #####
18:44:40 = hWnd = 0x000a0038; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:44:40 = hWnd = 0x000e0424; ClassName:
dow.
x=0, y=0, width=1, height=1
18:44:40 = hWnd = 0x000800f2; ClassName:
x=0, y=0, width=0, height=0
18:44:40 = hWnd = 0x0007043a; ClassName:
x=0, y=0, width=0, height=0
18:44:45 = Process Attach
18:44:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:44:45 = ##### Get event and release process #####

18:44:45 = begin close Process
18:44:45 = end close Process
18:44:45 = ##### Get event and release process end #####
18:44:45 = ***** NULL == SampleProvider *****
18:44:45 = hWnd = 0x000200fc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

18:44:45 = hWnd = 0x000900fa; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:44:45 = hWnd = 0x0014009e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:44:45 = hWnd = 0x00030048; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:46:22 = Process Attach
18:46:23 = end process attach
18:46:23 = ***** NULL == SampleProvider *****
18:46:23 = ##### Begin waiting Mutex to release process #####
18:46:23 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:46:24 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:46:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:46:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:46:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:46:27 = s1.
18:46:27 = s2.
18:46:31 = Start show animate
18:46:31 = Shell Excutute VerifyHost
18:47:8 = begin close Process
18:47:8 = Terminate Process
18:47:10 = end close Process
18:47:10 = DLL_PROCESS_DETACH
2:39:12 = Process Attach
2:39:13 = end process attach
2:39:13 = ***** NULL == SampleProvider *****
2:39:13 = ##### Begin waiting Mutex to release process #####
2:39:13 = hWnd = 0x0011057c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:39:13 = hWnd = 0x00100838; ClassName:
ow.
x=0, y=0, width=1, height=1
2:39:13 = hWnd = 0x002b0348; ClassName:
x=0, y=0, width=0, height=0
2:39:13 = hWnd = 0x000a0836; ClassName:
x=0, y=0, width=0, height=0
2:40:5 = Process Attach
2:40:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:40:5 = ##### Get event and release process #####

2:40:5 = begin close Process

2:40:5 = end close Process

2:40:5 = ##### Get event and release process end #####
2:40:5 = hWnd = 0x006d007c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:40:5 = hWnd = 0x0004003a; ClassName:
w.
x=0, y=0, width=1, height=1
2:40:5 = hWnd = 0x001b00ca; ClassName:
x=0, y=0, width=0, height=0
2:40:5 = hWnd = 0x000500a2; ClassName:
x=0, y=0, width=0, height=0
11:50:53 = Process Attach
11:50:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:50:53 = * NULL == SampleProvider *

11:50:53 = ##### Begin waiting Mutex to release process #####
11:50:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:50:53 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:50:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:50:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:50:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:50:53 = s1.
11:50:53 = s2.
11:50:57
11:50:57
11:51:12
11:51:12
11:51:13
11:51:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:27:58 = Process Attach

13:27:58 = end process attach
13:27:58 = ***** NULL == SampleProvider *****
13:27:58 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:27:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:27:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:27:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:28:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:28:1 = s1.
13:28:1 = s2.
13:28:7 = Start show animate
13:28:7 = Shell Excutute VerifyHost
13:28:42 = begin close Process
13:28:42 = Terminate Process
13:28:43 = end close Process
13:28:43 = DLL_PROCESS_DETACH
15:2:52 = Process Attach
15:2:52 = end process attach
15:2:52 = ***** NULL == SampleProvider *****
15:2:52 = ##### Begin waiting Mutex to release process #####
15:2:52 = Need to re-create objects.
15:2:53 = s1.
15:2:53 = s2.
15:2:53 = Start show animate
15:2:53 = Shell Excutute VerifyHost
23:1:50 = Bypass the object creation.
23:2:25
23:2:26
23:2:27
23:2:27

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

23:2:39 = Process Attach

23:2:39 = end process attach
23:2:39 = ##### Begin waiting Mutex to release process #####
23:2:39 = ***** NULL == SampleProvider *****
23:2:39 = hWnd = 0x0002046c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:2:39 = hWnd = 0x000205a0; ClassName:
ow.
x=0, y=0, width=1, height=1
23:2:39 = hWnd = 0x00040446; ClassName:
x=0, y=0, width=0, height=0
23:2:39 = hWnd = 0x00020448; ClassName:
x=0, y=0, width=0, height=0
23:2:56 = Process Attach
23:2:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:2:56 = ##### Get event and release process #####

23:2:56 = begin close Process
23:2:56 = hWnd = 0x0005005a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:2:56 = ##### Get event and release process end #####

23:2:56 =
x=0, y=0,
23:2:56 =
x=0, y=0,
23:3:59 =
23:3:59 =

hWnd = 0x00050130; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00030076; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

23:3:59 = * NULL == SampleProvider *

23:3:59 = ##### Begin waiting Mutex to release process #####
23:3:59 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:3:59 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
23:3:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:3:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:4:0 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:4:0 = s1.
23:4:0 = s2.
23:4:4 = Start show animate
23:4:4 = Shell Excutute VerifyHost
23:4:36 = begin close Process
23:4:36 = Terminate Process
23:4:37 = end close Process
23:4:37 = DLL_PROCESS_DETACH
1:14:6 = Process Attach
1:14:6 = end process attach
1:14:6 = ***** NULL == SampleProvider *****
1:14:6 = ##### Begin waiting Mutex to release process #####
1:14:6 = hWnd = 0x000a04a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:14:6 = hWnd = 0x000b0492; ClassName:
w.
x=0, y=0, width=1, height=1
1:14:6 = hWnd = 0x001a0498; ClassName:
x=0, y=0, width=0, height=0
1:14:6 = hWnd = 0x000204c0; ClassName:
x=0, y=0, width=0, height=0
1:15:0 = Process Attach
1:15:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:15:0 = ##### Get event and release process #####

1:15:0 = begin close Process
1:15:0 = end close Process
1:15:0 = ##### Get event and release process end #####

1:15:0 = * NULL == SampleProvider *

1:15:0 = hWnd = 0x000200d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:15:0 = hWnd = 0x00020124; ClassName:
w.
x=0, y=0, width=1, height=1
1:15:0 = hWnd = 0x0051004a; ClassName:
x=0, y=0, width=0, height=0
1:15:0 = hWnd = 0x000200c8; ClassName:
x=0, y=0, width=0, height=0
7:58:27 = Process Attach
7:58:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:58:27 = ##### Begin waiting Mutex to release process #####

7:58:27 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:58:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:58:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:58:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:58:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:58:32 = s1.
7:58:32 = s2.
7:58:32
7:58:32
7:59:56
7:59:56
7:59:57
7:59:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:15:10 = Process Attach

18:15:11 = end process attach
18:15:11 = ##### Begin waiting Mutex to release process #####
18:15:11 = hWnd = 0x000b08ac; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:15:11 = hWnd = 0x001f09a8; ClassName:
dow.
x=0, y=0, width=1, height=1
18:15:11 = hWnd = 0x0007052c; ClassName:
x=0, y=0, width=0, height=0
18:15:11 = hWnd = 0x000608b8; ClassName:
x=0, y=0, width=0, height=0
18:17:34 = Process Attach
18:17:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:17:34 = ##### Get event and release process #####

18:17:34 = begin close Process

18:17:34 = end close Process
18:17:34 = ##### Get event and release process end #####
18:17:34 = hWnd = 0x0002012e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:17:34 = hWnd = 0x0002012c; ClassName:
dow.
x=0, y=0, width=1, height=1
18:17:34 = hWnd = 0x000500c2; ClassName:
x=0, y=0, width=0, height=0
18:17:34 = hWnd = 0x0002012a; ClassName:
x=0, y=0, width=0, height=0
18:21:53 = Process Attach
18:21:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:21:54 = * NULL == SampleProvider *

18:21:54 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:21:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:21:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:21:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:21:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:21:57 = s1.
18:21:57 = s2.
18:22:1 = Start show animate
18:22:1 = Shell Excutute VerifyHost
18:22:39 = begin close Process
18:22:39 = Terminate Process
18:22:40 = end close Process
18:22:40 = DLL_PROCESS_DETACH
0:1:49 = Process Attach
0:1:49 = end process attach
0:1:49 = ##### Begin waiting Mutex to release process #####
0:1:49 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:1:49 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
0:1:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:1:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
0:2:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:2:7 = s1.
0:2:7 = s2.
0:2:15
0:2:15
0:3:17
0:3:17
0:3:17

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
end close Process
DLL_PROCESS_DETACH

2:19:39 = Process Attach

2:19:39 = end process attach
2:19:39 = ***** NULL == SampleProvider *****
2:19:39 = ##### Begin waiting Mutex to release process #####
2:19:39 = hWnd = 0x000304d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:19:39 = hWnd = 0x000b04aa; ClassName:
ow.
x=0, y=0, width=1, height=1
2:19:39 = hWnd = 0x001304b2; ClassName:
x=0, y=0, width=0, height=0
2:19:39 = hWnd = 0x000804ca; ClassName:
x=0, y=0, width=0, height=0
2:19:46 = Process Attach
2:19:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:19:46 = * NULL == SampleProvider *

2:19:46 = begin close Process
2:19:46 = end close Process
2:19:46 = ##### Get event and release process end #####
2:19:46 = hWnd = 0x000400ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:19:46 = hWnd = 0x000200c6; ClassName:
ow.
x=0, y=0, width=1, height=1
2:19:46 = hWnd = 0x001e00f0; ClassName:
x=0, y=0, width=0, height=0
2:19:46 = hWnd = 0x000200c8; ClassName:
x=0, y=0, width=0, height=0
8:37:2 = Process Attach
8:37:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:37:2 = ##### Begin waiting Mutex to release process #####

8:37:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:37:2 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:37:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:37:2 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

8:37:11 = Need to re-create objects.
8:37:11 = s1.
8:37:11 = s2.
8:37:13
8:37:13
8:37:42
8:37:42
8:37:43
8:37:43

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:25:18 = Process Attach

2:25:18 = end process attach
2:25:18 = ***** NULL == SampleProvider *****
2:25:18 = ##### Begin waiting Mutex to release process #####
2:25:18 = hWnd = 0x000c04ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:25:18 = hWnd = 0x0038067e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:25:18 = hWnd = 0x00100474; ClassName:
x=0, y=0, width=0, height=0
2:25:18 = hWnd = 0x00100648; ClassName:
x=0, y=0, width=0, height=0
2:26:29 = Process Attach
2:26:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:26:29 = * NULL == SampleProvider *

2:26:29 = ##### Get event and release process #####
2:26:29 = begin close Process
2:26:29 = end close Process
2:26:29 = ##### Get event and release process end #####
2:26:29 = hWnd = 0x000200ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:26:29 = hWnd = 0x000200c6; ClassName:
ow.
x=0, y=0, width=1, height=1
2:26:29 = hWnd = 0x004c013a; ClassName:
x=0, y=0, width=0, height=0
2:26:29 = hWnd = 0x000200c8; ClassName:
x=0, y=0, width=0, height=0
8:36:34 = Process Attach
8:36:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:36:34 = * NULL == SampleProvider *

8:36:35 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

8:36:35 =
ow.
x=0, y=0,
8:36:36 =
x=0, y=0,
8:36:36 =
x=0, y=0,
8:36:39 =

8:36:39 = s1.
8:36:39 = s2.
8:36:43
8:36:43
8:37:22
8:37:22
8:37:23
8:37:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:45:49 = Process Attach

1:45:50 = end process attach
1:45:50 = ***** NULL == SampleProvider *****
1:45:50 = ##### Begin waiting Mutex to release process #####
1:45:50 = hWnd = 0x0005049a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:45:50 = hWnd = 0x0005048c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:45:50 = hWnd = 0x00070478; ClassName:
x=0, y=0, width=0, height=0
1:45:50 = hWnd = 0x000204aa; ClassName:
x=0, y=0, width=0, height=0
1:47:8 = Process Attach
1:47:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:47:8 = * NULL == SampleProvider *

1:47:8 = hWnd = 0x004900f4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:47:8 = hWnd = 0x000300c8; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:47:8 = hWnd = 0x0009004e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:47:8 = hWnd = 0x000200ca; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:47:8 = ##### Get event and release process #####
1:47:8 = begin close Process
1:47:8 = end close Process
1:47:8 = ##### Get event and release process end #####
12:56:23 = Process Attach
12:56:23 = end process attach

12:56:23 = * NULL == SampleProvider *

12:56:23 = ##### Begin waiting Mutex to release process #####
12:56:24 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:56:24 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:56:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:56:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:56:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:56:28 = s1.
12:56:28 = s2.
12:56:31 = Start show animate
12:56:31 = Shell Excutute VerifyHost
12:57:8 = begin close Process
12:57:8 = Terminate Process
12:57:9 = end close Process
12:57:9 = DLL_PROCESS_DETACH
13:7:24 = Process Attach
13:7:24 = end process attach
13:7:24 = ***** NULL == SampleProvider *****
13:7:24 = ##### Begin waiting Mutex to release process #####
13:7:24 = hWnd = 0x000202e4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:7:24 = hWnd = 0x000202c8; ClassName:
ow.
x=0, y=0, width=1, height=1
13:7:24 = hWnd = 0x000202da; ClassName:
x=0, y=0, width=0, height=0
13:7:24 = hWnd = 0x000202e2; ClassName:
x=0, y=0, width=0, height=0
13:7:24 = Need to re-create objects.
13:7:24 = s1.
13:7:24 = s2.
13:7:24 = Start show animate
13:7:24 = Shell Excutute VerifyHost
13:37:46 = begin close Process
13:37:46 = Terminate Process
13:37:47 = end close Process
13:37:47 = DLL_PROCESS_DETACH
1:50:35 = Process Attach
1:50:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:50:35 = ##### Begin waiting Mutex to release process #####

1:50:35 = ***** NULL == SampleProvider *****
1:50:35 = hWnd = 0x007d0760; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:50:35 = hWnd = 0x000d0924; ClassName:
ow.
x=0, y=0, width=1, height=1
1:50:35 = hWnd = 0x00190486; ClassName:
x=0, y=0, width=0, height=0
1:50:35 = hWnd = 0x003d07bc; ClassName:
x=0, y=0, width=0, height=0
1:51:58 = Process Attach
1:51:58 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:51:58 = * NULL == SampleProvider *

1:51:58 = begin close Process
1:51:58 = hWnd = 0x00060154; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:51:58 = ##### Get event and release process end #####
1:51:58 =
ow.
x=0, y=0,
1:51:58 =
x=0, y=0,
1:51:58 =
x=0, y=0,
9:40:12 =
9:40:12 =

hWnd = 0x000200d8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x002500c2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00070152; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:40:12 = * NULL == SampleProvider *

9:40:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:40:13 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:40:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:40:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:40:15 = Need to re-create objects.
9:40:15 = s1.
9:40:15 = s2.
9:40:18
9:40:18
9:40:57
9:40:57
9:40:58
9:40:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:45:41 = Process Attach

2:45:41 = end process attach
2:45:41 = ***** NULL == SampleProvider *****
2:45:41 = ##### Begin waiting Mutex to release process #####
2:45:41 = hWnd = 0x00100bca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:45:41 = hWnd = 0x000b0c68; ClassName:
ow.
x=0, y=0, width=1, height=1
2:45:41 = hWnd = 0x006006ec; ClassName:
x=0, y=0, width=0, height=0
2:45:41 = hWnd = 0x00140c00; ClassName:
x=0, y=0, width=0, height=0
2:47:40 = Process Attach
2:47:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:47:40 = * NULL == SampleProvider *

2:47:40 = begin close Process
2:47:40 = end close Process
2:47:40 = ##### Get event and release process end #####
2:47:40 = hWnd = 0x000200ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:47:40 = hWnd = 0x000200a0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:47:40 = hWnd = 0x001f015c; ClassName:
x=0, y=0, width=0, height=0
2:47:40 = hWnd = 0x0005007c; ClassName:
x=0, y=0, width=0, height=0
10:18:40 = Process Attach
10:18:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:18:40 = * NULL == SampleProvider *

10:18:40 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:18:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:18:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:18:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:18:43 = Need to re-create objects.
10:18:43 = s1.
10:18:43 = s2.
10:18:47 = Start show animate
10:18:47 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:19:23
10:19:23
10:19:25
10:19:25

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

10:29:41 = Process Attach

10:29:41 = end process attach
10:29:41 = ***** NULL == SampleProvider *****
10:29:41 = ##### Begin waiting Mutex to release process #####
10:29:41 = hWnd = 0x00020448; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:29:41 = hWnd = 0x00020440; ClassName:
dow.
x=0, y=0, width=1, height=1
10:29:41 = hWnd = 0x0003043e; ClassName:
x=0, y=0, width=0, height=0
10:29:41 = hWnd = 0x0002044c; ClassName:
x=0, y=0, width=0, height=0
10:29:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:41 = s1.
10:29:41 = s2.
10:29:41
10:29:41
13:13:17
13:13:17
13:13:18
13:13:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:34:46 = Process Attach

1:34:46 = end process attach
1:34:46 = ##### Begin waiting Mutex to release process #####
1:34:46 = hWnd = 0x00e20730; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:34:46 = hWnd = 0x00150916; ClassName:
ow.
x=0, y=0, width=1, height=1
1:34:46 = hWnd = 0x002c061c; ClassName:
x=0, y=0, width=0, height=0
1:34:46 = hWnd = 0x001507f6; ClassName:
x=0, y=0, width=0, height=0
1:36:5 = Process Attach
1:36:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:36:5 = * NULL == SampleProvider *

1:36:5 = begin close Process
1:36:5 = end close Process
1:36:5 = ##### Get event and release process end #####
1:36:5 = hWnd = 0x00040104; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
1:36:5 = hWnd = 0x0006009c; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:36:5 = hWnd = 0x0062012a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:36:5 = hWnd = 0x00050084; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:53:39 = Process Attach
9:53:39 = end process attach
9:53:39 = ***** NULL == SampleProvider *****
9:53:40 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:53:41 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:53:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:53:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:53:44 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:53:44 = s1.
9:53:44 = s2.
9:53:48
9:53:48
9:54:26
9:54:26
9:54:27
9:54:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:56:42 = Process Attach

2:56:42 = end process attach
2:56:42 = ***** NULL == SampleProvider *****
2:56:42 = hWnd = 0x005a04d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:56:42 = hWnd = 0x0007043e; ClassName:
ow.
x=0, y=0, width=1, height=1
2:56:42 = hWnd = 0x00020446; ClassName:
x=0, y=0, width=0, height=0
2:56:42 = hWnd = 0x001b0b42; ClassName:
x=0, y=0, width=0, height=0
2:57:43 = Process Attach
2:57:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:57:43 = ##### Get event and release process #####

2:57:43 = begin close Process
2:57:43 = end close Process
2:57:43 = ##### Get event and release process end #####

2:57:43 =
x=0, y=0,
13:9:44 =
13:9:44 =

hWnd = 0x000200dc; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

13:9:44 = * NULL == SampleProvider *

13:9:44 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:9:45 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:9:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:9:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:9:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:9:47 = s1.
13:9:47 = s2.
13:9:51 = Start show animate
13:9:51 = Shell Excutute VerifyHost
13:10:28 = begin close Process
13:10:28 = Terminate Process
13:10:29 = end close Process
13:10:29 = DLL_PROCESS_DETACH
1:44:40 = Process Attach
1:44:40 = end process attach
1:44:40 = ***** NULL == SampleProvider *****
1:44:40 = hWnd = 0x00040452; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:44:40 = hWnd = 0x00060362; ClassName:
ow.
x=0, y=0, width=1, height=1
1:44:40 = hWnd = 0x00040442; ClassName:
x=0, y=0, width=0, height=0
1:44:40 = hWnd = 0x002004d0; ClassName:
x=0, y=0, width=0, height=0
1:45:56 = Process Attach
1:45:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:45:56 = ##### Get event and release process #####

1:45:56 = begin close Process
1:45:56 = end close Process
1:45:56 = ##### Get event and release process end #####
1:45:56 = hWnd = 0x000200e2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:45:56 = hWnd = 0x000300c6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0, width=1, height=1

1:45:56 = hWnd = 0x000b0090; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:45:56 = hWnd = 0x000200c8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:12:56 = Process Attach
12:12:56 = end process attach
12:12:56 = ***** NULL == SampleProvider *****
12:12:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:12:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:12:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:12:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:13:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:13:1 = s1.
12:13:1 = s2.
12:13:1 = Start show animate
12:13:1 = Shell Excutute VerifyHost
12:13:34 = begin close Process
12:13:34 = Terminate Process
12:13:35 = end close Process
12:13:35 = DLL_PROCESS_DETACH
2:56:37 = Process Attach
2:56:37 = end process attach
2:56:37 = ***** NULL == SampleProvider *****
2:56:37 = hWnd = 0x0002046a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:56:37 = hWnd = 0x00060464; ClassName:
ow.
x=0, y=0, width=1, height=1
2:56:37 = hWnd = 0x0003047e; ClassName:
x=0, y=0, width=0, height=0
2:56:37 = hWnd = 0x00020484; ClassName:
x=0, y=0, width=0, height=0
2:57:53 = Process Attach
2:57:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:57:53 = ##### Get event and release process #####

2:57:53 = begin close Process
2:57:53 = end close Process
2:57:53 = ##### Get event and release process end #####
2:57:53 = hWnd = 0x00030042; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

2:57:53 = hWnd = 0x00030114; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:57:53 = hWnd = 0x000d0102; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:57:53 = hWnd = 0x000200c4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:46:10 = Process Attach
11:46:10 = end process attach
11:46:10 = ***** NULL == SampleProvider *****
11:46:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:46:10 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:46:10 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:46:10 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:46:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:46:11 = s1.
11:46:11 = s2.
11:46:13
11:46:13
11:46:49
11:46:49
11:46:50
11:46:50

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:8:49 = Process Attach

3:8:49 = end process attach
3:8:49 = ##### Begin waiting Mutex to release process #####
3:8:49 = hWnd = 0x00190778; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:8:49 = hWnd = 0x001209e2; ClassName:
w.
x=0, y=0, width=1, height=1
3:8:49 = hWnd = 0x001509ea; ClassName:
x=0, y=0, width=0, height=0
3:8:49 = hWnd = 0x00300674; ClassName:
x=0, y=0, width=0, height=0
3:11:21 = Process Attach
3:11:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:11:21 = ##### Get event and release process #####

3:11:21 = begin close Process

3:11:21 = end close Process
3:11:21 = ##### Get event and release process end #####
3:11:21 = hWnd = 0x006a0130; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:11:21 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
3:11:21 = hWnd = 0x001e0134; ClassName:
x=0, y=0, width=0, height=0
3:11:21 = hWnd = 0x000200dc; ClassName:
x=0, y=0, width=0, height=0
12:11:23 = Process Attach
12:11:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:11:23 = ##### Begin waiting Mutex to release process #####

12:11:23 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:11:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:11:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:11:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:11:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:11:31 = s1.
12:11:31 = s2.
12:11:36
12:11:36
12:12:12
12:12:12
12:12:13
12:12:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:10:11 = Process Attach

2:10:11 = end process attach
2:10:11 = ***** NULL == SampleProvider *****
2:10:11 = ##### Begin waiting Mutex to release process #####
2:10:11 = hWnd = 0x001f0482; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:10:11 = hWnd = 0x000a05ee; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:11 = hWnd = 0x001804fc; ClassName:
x=0, y=0, width=0, height=0
2:10:11 = hWnd = 0x000704b0; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:11:0 = Process Attach

2:11:0 = ## ERR ## Setevent
2:11:0 = ##### Get event and release process #####
2:11:0 = begin close Process
2:11:0 = end close Process
2:11:0 = ##### Get event and release process end #####
2:11:0 = hWnd = 0x000200b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:11:0 = hWnd = 0x000400a2; ClassName:
w.
x=0, y=0, width=1, height=1
2:11:0 = hWnd = 0x005f00c2; ClassName:
x=0, y=0, width=0, height=0
2:11:0 = hWnd = 0x000300b0; ClassName:
x=0, y=0, width=0, height=0
4:45:40 = Process Attach
4:45:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:45:40 = * NULL == SampleProvider *

4:45:40 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:45:41 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
4:45:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
4:45:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
4:45:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:45:45 = s1.
4:45:45 = s2.
4:45:48
4:45:48
4:46:25
4:46:25
4:46:26
4:46:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

4:57:50 = Process Attach

4:57:50 = end process attach
4:57:50 = ##### Begin waiting Mutex to release process #####
4:57:50 = hWnd = 0x0003044a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:57:50 = hWnd = 0x00030434; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
4:57:50 = hWnd = 0x0002043a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

4:57:50 = hWnd = 0x00030436; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
4:58:8 = Process Attach
4:58:8 = ## ERR ## Setevent
4:58:8 = ***** NULL == SampleProvider *****
4:58:8 = ##### Get event and release process #####
4:58:8 = begin close Process
4:58:8 = end close Process
4:58:8 = ##### Get event and release process end #####
4:58:8 = hWnd = 0x000200a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:58:8 = hWnd = 0x00040084; ClassName:
w.
x=0, y=0, width=1, height=1
4:58:8 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
4:58:8 = hWnd = 0x000400a0; ClassName:
x=0, y=0, width=0, height=0
5:7:16 = Process Attach
5:7:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:7:16 = * NULL == SampleProvider *

5:7:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:7:16 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
5:7:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
5:7:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
5:7:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:7:17 = s1.
5:7:17 = s2.
5:7:17
5:7:17
5:7:37
5:7:37
5:7:38
5:7:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:37:23 = Process Attach

1:37:23 = end process attach
1:37:23 = ***** NULL == SampleProvider *****
1:37:23 = hWnd = 0x00160898; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:37:23 = hWnd = 0x002109ea; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
1:37:23 =
x=0, y=0,
1:37:23 =
x=0, y=0,
1:37:58 =
1:37:58 =

width=1, height=1
hWnd = 0x002e0538; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001a09ce; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:37:58 = * NULL == SampleProvider *

1:37:58 = hWnd = 0x000200b4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:37:58 = hWnd = 0x000300a8; ClassName:
ow.
x=0, y=0, width=1, height=1
1:37:58 = hWnd = 0x00c800be; ClassName:
x=0, y=0, width=0, height=0
1:37:58 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
9:48:42 = Process Attach
9:48:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:48:42 = * NULL == SampleProvider *

9:48:42 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:48:42 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:48:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:48:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:48:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:48:46 = s1.
9:48:46 = s2.
9:48:49
9:48:49
9:49:27
9:49:27
9:49:28
9:49:28

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:56:23 = Process Attach

1:56:23 = end process attach
1:56:23 = ##### Begin waiting Mutex to release process #####
1:56:23 = hWnd = 0x000204f0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:56:23 = hWnd = 0x000704e0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

1:56:23 =
x=0, y=0,
1:56:23 =
x=0, y=0,
1:57:55 =
1:57:55 =

hWnd = 0x0003052a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x000504e2; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:57:55 = * NULL == SampleProvider *

1:57:55 = ##### Get event and release process end #####
1:57:55 = hWnd = 0x00030036; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:57:55 = hWnd = 0x000200ae; ClassName:
ow.
x=0, y=0, width=1, height=1
1:57:55 = hWnd = 0x0067005a; ClassName:
x=0, y=0, width=0, height=0
1:57:55 = hWnd = 0x00040118; ClassName:
x=0, y=0, width=0, height=0
2:52:55 = Process Attach
2:52:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:52:56 = * NULL == SampleProvider *

2:52:56 = ##### Begin waiting Mutex to release process #####
2:52:56 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:52:56 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
2:52:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
2:52:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
2:52:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:52:57 = s1.
2:52:57 = s2.
2:52:59
2:52:59
2:53:37
2:53:37
2:53:38
2:53:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:32:58 = Process Attach

3:32:58 = end process attach
3:32:58 = ***** NULL == SampleProvider *****
3:32:58 = ##### Begin waiting Mutex to release process #####
3:32:58 = hWnd = 0x000603d8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

3:32:58 = hWnd = 0x0002055a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
3:32:58 = hWnd = 0x00020536; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:32:58 = hWnd = 0x000303ee; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
3:33:5 = Process Attach
3:33:5 = ## ERR ## Setevent
3:33:5 = ***** NULL == SampleProvider *****
3:33:5 = begin close Process
3:33:5 = end close Process
3:33:5 = ##### Get event and release process end #####
3:33:5 = hWnd = 0x009400c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:33:5 = hWnd = 0x000200b0; ClassName:
w.
x=0, y=0, width=1, height=1
3:33:5 = hWnd = 0x000500c2; ClassName:
x=0, y=0, width=0, height=0
3:33:5 = hWnd = 0x0003008a; ClassName:
x=0, y=0, width=0, height=0
14:52:2 = Process Attach
14:52:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:52:2 = * NULL == SampleProvider *

14:52:2 = ##### Begin waiting Mutex to release process #####
14:52:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:52:4 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:52:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:52:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:52:7 = Need to re-create objects.
14:52:7 = s1.
14:52:7 = s2.
14:52:7 = Start show animate
14:52:7 = Shell Excutute VerifyHost
14:52:33 = begin close Process
14:52:33 = Terminate Process
14:52:34 = end close Process
14:52:34 = DLL_PROCESS_DETACH
2:37:8 = Process Attach
2:37:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:37:8 = ##### Begin waiting Mutex to release process #####

2:37:8 = hWnd = 0x0006064a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:37:8 = hWnd = 0x000a0ade; ClassName:
w.
x=0, y=0, width=1, height=1
2:37:8 = hWnd = 0x000406ce; ClassName:
x=0, y=0, width=0, height=0
2:37:8 = hWnd = 0x00030922; ClassName:
x=0, y=0, width=0, height=0
2:38:18 = Process Attach
2:38:18 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:38:18 = ##### Get event and release process #####

2:38:18 = ***** NULL == SampleProvider *****
2:38:18 = end close Process
2:38:18 = ##### Get event and release process end #####
2:38:18 = hWnd = 0x0074008e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:38:18 = hWnd = 0x00a30058; ClassName:
ow.
x=0, y=0, width=1, height=1
2:38:18 = hWnd = 0x005c00d8; ClassName:
x=0, y=0, width=0, height=0
2:38:18 = hWnd = 0x00e400e4; ClassName:
x=0, y=0, width=0, height=0
8:23:34 = Process Attach
8:23:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:23:34 = * NULL == SampleProvider *

8:23:34 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:23:34 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:23:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:23:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:23:35 = Need to re-create objects.
8:23:35 = s1.
8:23:35 = s2.
8:23:35
8:23:35
8:24:19
8:24:19
8:24:20
8:24:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:45:25 = Process Attach

1:45:25 = end process attach
1:45:25 = ##### Begin waiting Mutex to release process #####
1:45:25 = hWnd = 0x001704a0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:45:25 = hWnd = 0x000805de; ClassName:
ow.
x=0, y=0, width=1, height=1
1:45:25 = hWnd = 0x000c05c4; ClassName:
x=0, y=0, width=0, height=0
1:45:25 = hWnd = 0x003507ec; ClassName:
x=0, y=0, width=0, height=0
1:46:22 = Process Attach
1:46:22 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:46:22 = ##### Get event and release process #####

1:46:22 = begin close Process
1:46:22 = end close Process
1:46:22 = ##### Get event and release process end #####
1:46:22 = hWnd = 0x006600f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:46:22 = hWnd = 0x000200ac; ClassName:
ow.
x=0, y=0, width=1, height=1
1:46:22 = hWnd = 0x002d0128; ClassName:
x=0, y=0, width=0, height=0
1:46:22 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
13:49:13 = Process Attach
13:49:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:49:13 = * NULL == SampleProvider *

13:49:13 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:49:14 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:49:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:49:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:49:16 = Need to re-create objects.
13:49:17 = s1.
13:49:17 = s2.
13:49:19
13:49:19
13:49:57
13:49:57
13:49:58

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:49:58 = DLL_PROCESS_DETACH
3:20:40 = Process Attach
3:20:40 = end process attach
3:20:40 = ##### Begin waiting Mutex to release process #####
3:20:41 = hWnd = 0x00650564; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:20:41 = hWnd = 0x00090728; ClassName:
ow.
x=0, y=0, width=1, height=1
3:20:41 = hWnd = 0x0004063e; ClassName:
x=0, y=0, width=0, height=0
3:20:41 = hWnd = 0x000506e6; ClassName:
x=0, y=0, width=0, height=0
3:21:19 = Process Attach
3:21:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:21:19 = ##### Get event and release process #####

3:21:19 = begin close Process
3:21:19 = end close Process
3:21:19 = ##### Get event and release process end #####
3:21:19 = hWnd = 0x000200ac; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:21:19 = hWnd = 0x0005009c; ClassName:
ow.
x=0, y=0, width=1, height=1
3:21:19 = hWnd = 0x00ba0126; ClassName:
x=0, y=0, width=0, height=0
3:21:19 = hWnd = 0x0005009e; ClassName:
x=0, y=0, width=0, height=0
9:56:41 = Process Attach
9:56:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:56:43 = * NULL == SampleProvider *

9:56:43 = ##### Begin waiting Mutex to release process #####
9:56:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:56:43 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:56:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:56:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:56:44 = Need to re-create objects.
9:56:44 = s1.
9:56:44 = s2.
9:56:44 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:56:44 = Shell Excutute VerifyHost

9:57:8 = begin close Process
9:57:8 = Terminate Process
9:57:9 = end close Process
9:57:9 = DLL_PROCESS_DETACH
1:29:29 = Process Attach
1:29:29 = end process attach
1:29:29 = ***** NULL == SampleProvider *****
1:29:29 = hWnd = 0x00060530; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:29:29 = ##### Begin waiting Mutex to release process #####
1:29:30 =
ow.
x=0, y=0,
1:29:30 =
x=0, y=0,
1:29:30 =
x=0, y=0,
1:30:20 =
1:30:20 =

hWnd = 0x000f060a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000f075a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000f0740; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:30:20 = ##### Get event and release process #####

1:30:20 = begin close Process
1:30:20 = end close Process
1:30:20 = ##### Get event and release process end #####
1:30:20 = hWnd = 0x0061013e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:30:20 = hWnd = 0x000200b2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:30:20 = hWnd = 0x01a400ea; ClassName:
x=0, y=0, width=0, height=0
1:30:20 = hWnd = 0x00900138; ClassName:
x=0, y=0, width=0, height=0
13:4:18 = Process Attach
13:4:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:4:18 = * NULL == SampleProvider *

13:4:18 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:4:19 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:4:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:4:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:4:23 = Need to re-create objects.
13:4:23 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:4:23 = s2.
13:4:26 = Start show animate
13:4:26 = Shell Excutute VerifyHost
13:5:3 = begin close Process
13:5:3 = Terminate Process
13:5:4 = end close Process
13:5:4 = DLL_PROCESS_DETACH
2:6:7 = Process Attach
2:6:7 = end process attach
2:6:7 = ***** NULL == SampleProvider *****
2:6:7 = hWnd = 0x00240aea; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:6:7 = hWnd = 0x000e05c2; ClassName: GDI+ Hook Window Class; Title: GDI+ Window
.
x=0, y=0, width=1, height=1
2:6:7 = hWnd = 0x007f057c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
2:6:7 = hWnd = 0x001204bc; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:6:7 = ##### Begin waiting Mutex to release process #####
2:6:42 = Process Attach
2:6:42 = ## ERR ## Setevent
2:6:42 = ***** NULL == SampleProvider *****
2:6:42 = begin close Process
2:6:42 = end close Process
2:6:42 = ##### Get event and release process end #####
2:6:42 = hWnd = 0x0002009e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:6:42 = hWnd = 0x000200f4; ClassName:
w.
x=0, y=0, width=1, height=1
2:6:42 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
2:6:42 = hWnd = 0x000200f6; ClassName:
x=0, y=0, width=0, height=0
11:12:8 = Process Attach
11:12:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:12:10 = * NULL == SampleProvider *

11:12:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:12:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:12:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:12:21 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

11:12:45 = Need to re-create objects.
11:12:45 = s1.
11:12:45 = s2.
11:12:45
11:12:45
11:13:19
11:13:19
11:13:20
11:13:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:10:11 = Process Attach

2:10:11 = end process attach
2:10:11 = ##### Begin waiting Mutex to release process #####
2:10:11 = hWnd = 0x001009b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:10:11 = hWnd = 0x004805fa; ClassName:
ow.
x=0, y=0, width=1, height=1
2:10:11 = hWnd = 0x000f0996; ClassName:
x=0, y=0, width=0, height=0
2:10:11 = hWnd = 0x002204e4; ClassName:
x=0, y=0, width=0, height=0
2:11:23 = Process Attach
2:11:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:11:23 = ##### Get event and release process #####

2:11:23 = begin close Process
2:11:23 = end close Process
2:11:23 = ##### Get event and release process end #####
2:11:23 = hWnd = 0x0003009c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:11:23 = hWnd = 0x0004006c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:11:23 = hWnd = 0x00c60142; ClassName:
x=0, y=0, width=0, height=0
2:11:23 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
9:4:46 = Process Attach
9:4:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:4:46 = * NULL == SampleProvider *

9:4:46 = ##### Begin waiting Mutex to release process #####
9:4:46 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:4:47 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

9:4:47 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:4:47 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:4:50 = Need to re-create objects.
9:4:51 = s1.
9:4:51 = s2.
9:4:55
9:4:55
9:5:31
9:5:31
9:5:32
9:5:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:8:43 = Process Attach

1:8:43 = end process attach
1:8:43 = ##### Begin waiting Mutex to release process #####
1:8:43 = ***** NULL == SampleProvider *****
1:8:43 = hWnd = 0x00040bec; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:8:43 = hWnd = 0x0010063a; ClassName:
w.
x=0, y=0, width=1, height=1
1:8:43 = hWnd = 0x00060c3e; ClassName:
x=0, y=0, width=0, height=0
1:8:43 = hWnd = 0x00060c0c; ClassName:
x=0, y=0, width=0, height=0
1:9:6 = Process Attach
1:9:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:9:6 = * NULL == SampleProvider *

1:9:6 = begin close Process
1:9:6 = end close Process
1:9:6 = ##### Get event and release process end #####
1:9:6 = hWnd = 0x0011012a; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:9:6 = hWnd = 0x0024010a; ClassName:
.
x=0, y=0, width=1, height=1
1:9:6 = hWnd = 0x00020122; ClassName:
x=0, y=0, width=0, height=0
1:9:6 = hWnd = 0x00100118; ClassName:
x=0, y=0, width=0, height=0
10:2:16 = Process Attach
10:2:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:2:16 = * NULL == SampleProvider *

10:2:16 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
10:2:16 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
10:2:17 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:2:17 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:2:20 = Need to re-create objects.
10:2:20 = s1.
10:2:20 = s2.
10:2:24 = Start show animate
10:2:24 = Shell Excutute VerifyHost
10:3:3 = begin close Process
10:3:3 = Terminate Process
10:3:4 = end close Process
10:3:4 = DLL_PROCESS_DETACH
1:1:14 = Process Attach
1:1:14 = end process attach
1:1:14 = ##### Begin waiting Mutex to release process #####
1:1:15 = hWnd = 0x00040888; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:1:15 = hWnd = 0x00530c10; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:15 = hWnd = 0x00050810; ClassName:
x=0, y=0, width=0, height=0
1:1:15 = hWnd = 0x0008087a; ClassName:
x=0, y=0, width=0, height=0
1:1:36 = Process Attach
1:1:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:36 = ##### Get event and release process #####

1:1:36 = begin close Process
1:1:36 = end close Process
1:1:36 = ##### Get event and release process end #####
1:1:36 = hWnd = 0x000200aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:1:36 = hWnd = 0x000200ce; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:36 = hWnd = 0x0062010c; ClassName:
x=0, y=0, width=0, height=0
1:1:36 = hWnd = 0x0002009c; ClassName:
x=0, y=0, width=0, height=0
8:34:32 = Process Attach
8:34:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:34:32 = * NULL == SampleProvider *

8:34:32 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:34:32 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:34:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:34:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:34:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:34:33 = s1.
8:34:33 = s2.
8:34:33
8:34:33
8:35:16
8:35:16
8:35:17
8:35:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:46:20 = Process Attach

2:46:20 = end process attach
2:46:20 = ***** NULL == SampleProvider *****
2:46:20 = ##### Begin waiting Mutex to release process #####
2:46:21 = hWnd = 0x001d0936; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:46:21 = hWnd = 0x00450b22; ClassName:
ow.
x=0, y=0, width=1, height=1
2:46:21 = hWnd = 0x0008045e; ClassName:
x=0, y=0, width=0, height=0
2:46:21 = hWnd = 0x006b0a26; ClassName:
x=0, y=0, width=0, height=0
2:47:33 = Process Attach
2:47:33 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:47:33 = * NULL == SampleProvider *

2:47:33 = begin close Process
2:47:33 = end close Process
2:47:33 = ##### Get event and release process end #####
2:47:33 = hWnd = 0x00c500ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:47:33 = hWnd = 0x00050068; ClassName:
ow.
x=0, y=0, width=1, height=1
2:47:33 = hWnd = 0x00e600b8; ClassName:
x=0, y=0, width=0, height=0
2:47:33 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:34:49 = Process Attach

12:34:49 = end process attach
12:34:49 = ##### Begin waiting Mutex to release process #####
12:34:49 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:34:50 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:34:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:34:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:34:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:34:54 = s1.
12:34:54 = s2.
12:34:58
12:34:58
12:35:35
12:35:35
12:35:36
12:35:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:31:19 = Process Attach

1:31:19 = end process attach
1:31:19 = ***** NULL == SampleProvider *****
1:31:19 = hWnd = 0x00090bd4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:31:19 = hWnd = 0x0015041e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:31:19 = hWnd = 0x000f0414; ClassName:
x=0, y=0, width=0, height=0
1:31:19 = hWnd = 0x00110438; ClassName:
x=0, y=0, width=0, height=0
1:32:6 = Process Attach
1:32:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:32:6 = ##### Get event and release process #####

1:32:6 = begin close Process
1:32:6 = end close Process
1:32:6 = ##### Get event and release process end #####
1:32:6 = ***** NULL == SampleProvider *****
1:32:6 = hWnd = 0x0099011e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:32:6 = hWnd = 0x00240068; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

1:32:6 = hWnd = 0x00f600fa; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
1:32:6 = hWnd = 0x008f010c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:54:22 = Process Attach
10:54:22 = end process attach
10:54:22 = ***** NULL == SampleProvider *****
10:54:22 = ##### Begin waiting Mutex to release process #####
10:54:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:54:22 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:54:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:54:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:54:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:54:25 = s1.
10:54:25 = s2.
10:54:28 = Start show animate
10:54:28 = Shell Excutute VerifyHost
10:55:6 = begin close Process
10:55:6 = Terminate Process
10:55:7 = end close Process
10:55:7 = DLL_PROCESS_DETACH
15:48:24 = Process Attach
15:48:24 = end process attach
15:48:24 = ##### Begin waiting Mutex to release process #####
15:48:24 = hWnd = 0x0016050a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:48:24 = hWnd = 0x0004033a; ClassName:
dow.
x=0, y=0, width=1, height=1
15:48:24 = hWnd = 0x000506fc; ClassName:
x=0, y=0, width=0, height=0
15:48:24 = hWnd = 0x00040742; ClassName:
x=0, y=0, width=0, height=0
15:48:24 = Need to re-create objects.
15:48:24 = s1.
15:48:24 = s2.
15:48:25
15:48:25
16:43:56
16:43:56
16:43:57

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:43:57 = DLL_PROCESS_DETACH
18:36:3 = Process Attach
18:36:3 = end process attach
18:36:3 = ##### Begin waiting Mutex to release process #####
18:36:3 = hWnd = 0x0036012a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:36:3 = hWnd = 0x001606f8; ClassName:
ow.
x=0, y=0, width=1, height=1
18:36:3 = hWnd = 0x009705b0; ClassName:
x=0, y=0, width=0, height=0
18:36:3 = hWnd = 0x004904a2; ClassName:
x=0, y=0, width=0, height=0
18:37:27 = Process Attach
18:37:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:37:27 = * NULL == SampleProvider *

18:37:27 = begin close Process
18:37:27 = hWnd = 0x000400f8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:37:27 = ##### Get event and release process end #####
18:37:27 = hWnd = 0x005a0066; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:37:27 = hWnd = 0x005d0102; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:41:33 = Process Attach
18:41:34 = end process attach
18:41:34 = ***** NULL == SampleProvider *****
18:41:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:41:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:41:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:41:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:41:36 = Need to re-create objects.
18:41:37 = s1.
18:41:37 = s2.
18:41:40
18:41:40
18:42:17
18:42:17
18:42:18
18:42:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:55:15 = Process Attach

0:55:15 = end process attach
0:55:15 = ***** NULL == SampleProvider *****
0:55:15 = hWnd = 0x00080a3e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:55:15 = hWnd = 0x00050a64; ClassName:
ow.
x=0, y=0, width=1, height=1
0:55:15 = hWnd = 0x000a05a6; ClassName:
x=0, y=0, width=0, height=0
0:55:15 = hWnd = 0x000f06d8; ClassName:
x=0, y=0, width=0, height=0
0:56:0 = Process Attach
0:56:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:56:0 = ##### Get event and release process #####

0:56:0 = ***** NULL == SampleProvider *****
0:56:0 = end close Process
0:56:0 = ##### Get event and release process end #####
0:56:0 = hWnd = 0x000200ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:56:0 = hWnd = 0x0004004e; ClassName:
w.
x=0, y=0, width=1, height=1
0:56:0 = hWnd = 0x0083013e; ClassName:
x=0, y=0, width=0, height=0
0:56:0 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
11:36:38 = Process Attach
11:36:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:36:38 = * NULL == SampleProvider *

11:36:38 = ##### Begin waiting Mutex to release process #####
11:36:38 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:36:38 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:36:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:36:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:36:40 = Need to re-create objects.
11:36:41 = s1.
11:36:41 = s2.
11:36:43 = Start show animate
11:36:43 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:37:20
11:37:20
11:37:21
11:37:21

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

2:8:39 = Process Attach

2:8:39 = end process attach
2:8:39 = ***** NULL == SampleProvider *****
2:8:39 = ##### Begin waiting Mutex to release process #####
2:8:39 = hWnd = 0x00080b66; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:8:39 = hWnd = 0x000a0486; ClassName:
w.
x=0, y=0, width=1, height=1
2:8:39 = hWnd = 0x005e0608; ClassName:
x=0, y=0, width=0, height=0
2:8:39 = hWnd = 0x000e0b6e; ClassName:
x=0, y=0, width=0, height=0
2:9:23 = Process Attach
2:9:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:9:23 = ##### Get event and release process #####

2:9:23 = begin close Process
2:9:23 = end close Process
2:9:23 = ##### Get event and release process end #####
2:9:23 = hWnd = 0x000200aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:9:23 = hWnd = 0x000200d0; ClassName:
w.
x=0, y=0, width=1, height=1
2:9:23 = hWnd = 0x00ce0146; ClassName:
x=0, y=0, width=0, height=0
2:9:23 = hWnd = 0x000300a8; ClassName:
x=0, y=0, width=0, height=0
7:34:14 = Process Attach
7:34:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:34:16 = * NULL == SampleProvider *

7:34:16 = ##### Begin waiting Mutex to release process #####
7:34:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:34:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:34:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:34:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:34:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:34:17 = s1.
7:34:17 = s2.
7:34:17
7:34:17
7:34:31
7:34:31
7:34:32
7:34:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:59:12 = Process Attach

1:59:13 = end process attach
1:59:13 = ***** NULL == SampleProvider *****
1:59:13 = ##### Begin waiting Mutex to release process #####
1:59:13 = hWnd = 0x00080894; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:59:13 = hWnd = 0x000809a8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:59:13 = hWnd = 0x0008067c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
2:0:0 = Process Attach
2:0:0 = ## ERR ## Setevent
2:0:0 = ##### Get event and release process #####
2:0:0 = begin close Process
2:0:0 = end close Process
2:0:0 = ##### Get event and release process end #####
2:0:0 = hWnd = 0x01180040; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:0:0 = hWnd = 0x018d012e; ClassName:
.
x=0, y=0, width=1, height=1
2:0:0 = hWnd = 0x011300b8; ClassName:
x=0, y=0, width=0, height=0
2:0:0 = hWnd = 0x024500d2; ClassName:
x=0, y=0, width=0, height=0
7:46:41 = Process Attach
7:46:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:46:41 = * NULL == SampleProvider *

7:46:41 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:46:42 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:46:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:46:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:46:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:46:45 = s1.
7:46:45 = s2.
7:46:48
7:46:48
7:47:25
7:47:25
7:47:26
7:47:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:10:55 = Process Attach

8:10:55 = end process attach
8:10:55 = ***** NULL == SampleProvider *****
8:10:55 = hWnd = 0x0006043e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:10:55 = hWnd = 0x00140474; ClassName:
ow.
x=0, y=0, width=1, height=1
8:10:55 = hWnd = 0x0008033a; ClassName:
x=0, y=0, width=0, height=0
8:10:55 = hWnd = 0x00230448; ClassName:
x=0, y=0, width=0, height=0
8:10:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:10:55 = s1.
8:10:55 = s2.
8:10:55 = Start show animate
8:10:55 = Shell Excutute VerifyHost
9:7:12 = begin close Process
9:7:13 = Terminate Process
9:7:14 = end close Process
9:7:14 = DLL_PROCESS_DETACH
0:35:51 = Process Attach
0:35:52 = end process attach
0:35:52 = ***** NULL == SampleProvider *****
0:35:52 = ##### Begin waiting Mutex to release process #####
0:35:52 =
ow.
x=0, y=0,
0:35:52 =
x=0, y=0,
0:35:52 =
x=0, y=0,
0:36:37 =
0:36:37 =

hWnd = 0x00c205d0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001306fe; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00100550; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:36:37 = ##### Get event and release process #####

0:36:37 = begin close Process

0:36:37 = end close Process

0:36:37 = ##### Get event and release process end #####
0:36:37 =
x=0, y=0,
0:45:11 =
0:45:11 =

hWnd = 0x000800ae; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

0:45:11 = * NULL == SampleProvider *

0:45:11 = ##### Begin waiting Mutex to release process #####
0:45:11 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:45:12 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
0:45:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:45:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
0:45:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:45:14 = s1.
0:45:14 = s2.
0:45:17
0:45:17
0:45:55
0:45:55
0:45:56
0:45:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:58:41 = Process Attach

1:58:41 = end process attach
1:58:41 = ##### Begin waiting Mutex to release process #####
1:58:41 = hWnd = 0x00030468; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:58:41 = hWnd = 0x003404d0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:58:41 = hWnd = 0x0003045e; ClassName:
x=0, y=0, width=0, height=0
1:58:41 = hWnd = 0x000304ce; ClassName:
x=0, y=0, width=0, height=0
1:58:49 = Process Attach
1:58:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:58:49 = ##### Get event and release process #####

1:58:49 = begin close Process
1:58:49 = end close Process
1:58:49 = ##### Get event and release process end #####
1:58:49 = hWnd = 0x000b0108; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
1:58:49 = hWnd = 0x000200c2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:58:49 = hWnd = 0x000d004a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:58:49 = hWnd = 0x000200c4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:10:9 = Process Attach
9:10:9 = end process attach
9:10:9 = ***** NULL == SampleProvider *****
9:10:9 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:10:9 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:10:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:10:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:10:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:10:13 = s1.
9:10:13 = s2.
9:10:15
9:10:15
9:10:29
9:10:29
9:10:30
9:10:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:57:57 = Process Attach

0:57:57 = end process attach
0:57:57 = ##### Begin waiting Mutex to release process #####
0:57:57 = hWnd = 0x001c0494; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:57:57 = hWnd = 0x000e05c2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:57 = hWnd = 0x000d0560; ClassName:
x=0, y=0, width=0, height=0
0:57:57 = hWnd = 0x00190580; ClassName:
x=0, y=0, width=0, height=0
0:58:29 = Process Attach
0:58:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:58:29 = ##### Get event and release process #####

0:58:29 = ***** NULL == SampleProvider *****
0:58:29 = hWnd = 0x010b003a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
0:58:29 = hWnd = 0x000200ae; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:58:29 = hWnd = 0x01c6011e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:58:29 = hWnd = 0x000200b0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:42:26 = Process Attach
10:42:26 = end process attach
10:42:26 = ***** NULL == SampleProvider *****
10:42:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:42:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:42:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:42:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:42:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:42:31 = s1.
10:42:31 = s2.
10:42:34
10:42:34
10:43:10
10:43:10
10:43:11
10:43:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:32:33 = Process Attach

2:32:33 = end process attach
2:32:33 = ##### Begin waiting Mutex to release process #####
2:32:33 = hWnd = 0x0008041c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:32:33 = hWnd = 0x0020047c; ClassName:
ow.
x=0, y=0, width=1, height=1
2:32:33 = hWnd = 0x00060446; ClassName:
x=0, y=0, width=0, height=0
2:32:33 = hWnd = 0x00030526; ClassName:
x=0, y=0, width=0, height=0
2:33:43 = Process Attach
2:33:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:33:43 = ##### Get event and release process #####

2:33:43 = ***** NULL == SampleProvider *****
2:33:43 = ##### Get event and release process end #####

2:33:43 = hWnd = 0x0004002a; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:33:43 = hWnd = 0x000200e0; ClassName:
ow.
x=0, y=0, width=1, height=1
2:33:43 = hWnd = 0x002b0116; ClassName:
x=0, y=0, width=0, height=0
2:33:43 = hWnd = 0x0006004a; ClassName:
x=0, y=0, width=0, height=0
11:45:54 = Process Attach
11:45:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:45:55 = * NULL == SampleProvider *

11:45:55 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:45:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:45:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:45:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:45:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:45:58 = s1.
11:45:58 = s2.
11:46:1 = Start show animate
11:46:1 = Shell Excutute VerifyHost
11:46:39 = begin close Process
11:46:39 = Terminate Process
11:46:40 = end close Process
11:46:40 = DLL_PROCESS_DETACH
1:29:2 = Process Attach
1:29:2 = end process attach
1:29:2 = ***** NULL == SampleProvider *****
1:29:2 = ##### Begin waiting Mutex to release process #####
1:29:2 = hWnd = 0x000c048a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:29:2 = hWnd = 0x0006049e; ClassName:
w.
x=0, y=0, width=1, height=1
1:29:2 = hWnd = 0x00040462; ClassName:
x=0, y=0, width=0, height=0
1:29:2 = hWnd = 0x000304a4; ClassName:
x=0, y=0, width=0, height=0
1:29:28 = Process Attach
1:29:28 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:29:28 = * NULL == SampleProvider *

1:29:28 = begin close Process

1:29:28 = end close Process
1:29:28 = ##### Get event and release process end #####
1:29:28 = hWnd = 0x0003002c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:29:28 = hWnd = 0x00060098; ClassName:
ow.
x=0, y=0, width=1, height=1
1:29:28 = hWnd = 0x00020108; ClassName:
x=0, y=0, width=0, height=0
1:29:28 = hWnd = 0x00030038; ClassName:
x=0, y=0, width=0, height=0
6:40:34 = Process Attach
6:40:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:40:34 = * NULL == SampleProvider *

6:40:34 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:40:35 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:40:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:40:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:40:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:40:38 = s1.
6:40:38 = s2.
6:40:42
6:40:42
6:41:20
6:41:20
6:41:21
6:41:21

=
=
=
=
=
=

x=0, y=0, width=0, height=0

20:37:50 = hWnd = 0x001205e2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:37:50 = Need to re-create objects.
20:37:50 = s1.
20:37:50 = s2.
20:37:52 = Start show animate
20:37:52 = Shell Excutute VerifyHost
21:47:6 = begin close Process
21:47:6 = Terminate Process
21:47:7 = end close Process
21:47:7 = DLL_PROCESS_DETACH
21:47:40 = Process Attach
21:47:40 = end process attach
21:47:40 = ***** NULL == SampleProvider *****
21:47:40 = hWnd = 0x001305e2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:47:40 = hWnd = 0x001205d2; ClassName:
dow.
x=0, y=0, width=1, height=1
21:47:40 = hWnd = 0x001304b2; ClassName:
x=0, y=0, width=0, height=0
21:47:40 = hWnd = 0x000602b4; ClassName:
x=0, y=0, width=0, height=0
21:47:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:47:41 = s1.
21:47:41 = s2.
21:47:41 = Start show animate
21:47:41 = Shell Excutute VerifyHost
21:48:8 = begin close Process
21:48:8 = Terminate Process
21:48:9 = end close Process
21:48:9 = DLL_PROCESS_DETACH
21:50:13 = Process Attach
21:50:13 = end process attach
21:50:13 = ***** NULL == SampleProvider *****
21:50:13 = ##### Begin waiting Mutex to release process #####
21:50:13 = hWnd = 0x00040d5a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:50:13 = hWnd = 0x001002ea; ClassName:
dow.
x=0, y=0, width=1, height=1
21:50:13 = hWnd = 0x0011096c; ClassName:
x=0, y=0, width=0, height=0
21:50:13 = hWnd = 0x000d0a84; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

21:50:18 = Process Attach
21:50:18 = ## ERR ## Setevent
21:50:18 = ***** NULL == SampleProvider *****
21:50:18 = begin close Process
21:50:18 = end close Process
21:50:18 = ##### Get event and release process end #####
21:50:18 = hWnd = 0x0018010a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:50:18 = hWnd = 0x001a0038; ClassName:
dow.
x=0, y=0, width=1, height=1
21:50:18 = hWnd = 0x002f0096; ClassName:
x=0, y=0, width=0, height=0
21:50:18 = hWnd = 0x007a0088; ClassName:
x=0, y=0, width=0, height=0
20:28:51 = Process Attach
20:28:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:28:51 = ##### Begin waiting Mutex to release process #####

20:28:51 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:28:51 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:28:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:28:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:28:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:28:57 = s1.
20:28:57 = s2.
20:28:57
20:28:57
20:29:24
20:29:24
20:29:25
20:29:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:17:0 = Process Attach

21:17:0 = end process attach
21:17:0 = ***** NULL == SampleProvider *****
21:17:0 = hWnd = 0x001a00dc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:17:0 = hWnd = 0x000e0596; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
21:17:0 = hWnd = 0x000d0482; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

21:17:0 = hWnd = 0x000a00ec; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:17:12 = Process Attach
21:17:12 = ## ERR ## Setevent
21:17:12 = ***** NULL == SampleProvider *****
21:17:12 = begin close Process
21:17:12 = end close Process
21:17:12 = ##### Get event and release process end #####
21:17:12 = hWnd = 0x000300d2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:17:12 = hWnd = 0x002200d0; ClassName:
dow.
x=0, y=0, width=1, height=1
21:17:12 = hWnd = 0x00030086; ClassName:
x=0, y=0, width=0, height=0
21:17:12 = hWnd = 0x00030108; ClassName:
x=0, y=0, width=0, height=0
21:18:10 = Process Attach
21:18:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:18:10 = * NULL == SampleProvider *

21:18:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:18:10 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:18:10 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:18:10 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:18:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:18:11 = s1.
21:18:11 = s2.
21:18:13
21:18:13
21:18:45
21:18:45
21:18:46
21:18:46

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:20:27 = Process Attach

21:20:27 = end process attach
21:20:27 = ***** NULL == SampleProvider *****
21:20:27 = ##### Begin waiting Mutex to release process #####
21:20:27 = hWnd = 0x000203b2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

21:20:27 = hWnd = 0x0003012e; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:20:27 = hWnd = 0x00020390; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:20:27 = hWnd = 0x00040384; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:20:38 = Process Attach
21:20:38 = ## ERR ## Setevent
21:20:38 = ***** NULL == SampleProvider *****
21:20:38 = begin close Process
21:20:38 = end close Process
21:20:38 = ##### Get event and release process end #####
21:20:38 = hWnd = 0x000100c0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:20:38 = hWnd = 0x00030084; ClassName:
dow.
x=0, y=0, width=1, height=1
21:20:38 = hWnd = 0x000100c8; ClassName:
x=0, y=0, width=0, height=0
21:20:38 = hWnd = 0x000300be; ClassName:
x=0, y=0, width=0, height=0
14:58:44 = Process Attach
14:58:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:58:44 = * NULL == SampleProvider *

14:58:44 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:58:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:58:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:58:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:58:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:58:48 = s1.
14:58:48 = s2.
14:58:52
14:58:52
14:59:29
14:59:29
14:59:30
14:59:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:23:16 = Process Attach

15:23:16 = end process attach
15:23:16 = ***** NULL == SampleProvider *****
15:23:16 = ##### Begin waiting Mutex to release process #####

15:23:16 = hWnd = 0x000a059c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:23:16 = hWnd = 0x00050388; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:23:16 = hWnd = 0x00140380; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:23:34 = Process Attach
15:23:34 = ## ERR ## Setevent
15:23:34 = ***** NULL == SampleProvider *****
15:23:34 = ##### Get event and release process #####
15:23:34 = begin close Process
15:23:34 = end close Process
15:23:34 = ##### Get event and release process end #####
15:23:34 = hWnd = 0x0017004a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:23:34 = hWnd = 0x00030054; ClassName:
dow.
x=0, y=0, width=1, height=1
15:23:34 = hWnd = 0x001300b6; ClassName:
x=0, y=0, width=0, height=0
15:23:34 = hWnd = 0x0003008a; ClassName:
x=0, y=0, width=0, height=0
15:24:30 = Process Attach
15:24:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:24:30 = * NULL == SampleProvider *

15:24:30 = ##### Begin waiting Mutex to release process #####
15:24:30 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:24:30 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:24:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:24:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:24:31 = Need to re-create objects.
15:24:31 = s1.
15:24:31 = s2.
15:24:32 = Start show animate
15:24:32 = Shell Excutute VerifyHost
15:25:6 = begin close Process
15:25:6 = Terminate Process
15:25:7 = end close Process
15:25:7 = DLL_PROCESS_DETACH
15:47:32 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:47:32 = end process attach

15:47:32 = ***** NULL == SampleProvider *****
15:47:32 = ##### Begin waiting Mutex to release process #####
15:47:32 = hWnd = 0x0011053a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:47:32 = hWnd = 0x00130524; ClassName:
dow.
x=0, y=0, width=1, height=1
15:47:32 = hWnd = 0x00110590; ClassName:
x=0, y=0, width=0, height=0
15:47:32 = hWnd = 0x000f0654; ClassName:
x=0, y=0, width=0, height=0
15:47:37 = Process Attach
15:47:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:47:37 = * NULL == SampleProvider *

15:47:37 = begin close Process
15:47:37 = end close Process
15:47:37 = ##### Get event and release process end #####
15:47:37 = hWnd = 0x009e0074; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:47:37 = hWnd = 0x0003003a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:47:37 = hWnd = 0x001a0058; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:33:17 = Process Attach
17:33:17 = end process attach
17:33:17 = ##### Begin waiting Mutex to release process #####
17:33:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:33:17 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:33:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:33:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:33:17 = Need to re-create objects.
17:33:17 = s1.
17:33:17 = s2.
17:33:17
17:33:17
17:33:38
17:33:38
17:33:39
17:33:39

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:21:56 = Process Attach

19:21:57 = end process attach
19:21:57 = ##### Begin waiting Mutex to release process #####
19:21:57 = ***** NULL == SampleProvider *****
19:21:57 = hWnd = 0x000704b2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:21:57 = hWnd = 0x000304ec; ClassName:
dow.
x=0, y=0, width=1, height=1
19:21:57 = hWnd = 0x000204f0; ClassName:
x=0, y=0, width=0, height=0
19:21:57 = hWnd = 0x00020544; ClassName:
x=0, y=0, width=0, height=0
19:22:2 = Process Attach
19:22:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:22:2 = * NULL == SampleProvider *

19:22:2 = begin close Process
19:22:2 = end close Process
19:22:2 = ##### Get event and release process end #####
19:22:2 = hWnd = 0x00020062; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:22:2 = hWnd = 0x000e00b6; ClassName:
ow.
x=0, y=0, width=1, height=1
19:22:2 = hWnd = 0x000400fc; ClassName:
x=0, y=0, width=0, height=0
19:22:2 = hWnd = 0x000800f6; ClassName:
x=0, y=0, width=0, height=0
7:44:22 = Process Attach
7:44:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:44:22 = * NULL == SampleProvider *

7:44:23 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:44:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:44:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:44:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:44:26 = Need to re-create objects.
7:44:27 = s1.
7:44:27 = s2.
7:44:32 = Start show animate
7:44:32 = Shell Excutute VerifyHost
7:45:10 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:45:10 = Terminate Process

7:45:11 = end close Process
7:45:11 = DLL_PROCESS_DETACH
11:16:59 = Process Attach
11:16:59 = end process attach
11:16:59 = ***** NULL == SampleProvider *****
11:16:59 = hWnd = 0x000704e4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:16:59 = hWnd = 0x000c0442; ClassName:
dow.
x=0, y=0, width=1, height=1
11:16:59 = hWnd = 0x00060544; ClassName:
x=0, y=0, width=0, height=0
11:16:59 = hWnd = 0x00120460; ClassName:
x=0, y=0, width=0, height=0
11:17:4 = Process Attach
11:17:4 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:17:4 = * NULL == SampleProvider *

11:17:4 = begin close Process
11:17:4 = end close Process
11:17:4 = ##### Get event and release process end #####
11:17:4 = hWnd = 0x000700c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:17:4 = hWnd = 0x000700d0; ClassName:
ow.
x=0, y=0, width=1, height=1
11:17:4 = hWnd = 0x0013002c; ClassName:
x=0, y=0, width=0, height=0
11:17:4 = hWnd = 0x0005007e; ClassName:
x=0, y=0, width=0, height=0
15:34:28 = Process Attach
15:34:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:34:28 = * NULL == SampleProvider *

15:34:28 = ##### Begin waiting Mutex to release process #####
15:34:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:34:29 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:34:29 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:34:32 = Need to re-create objects.
15:34:32 = s1.
15:34:32 = s2.
15:34:36 = Start show animate
15:34:36 = Shell Excutute VerifyHost

15:35:13
15:35:13
15:35:14
15:35:14

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

17:19:35 = Process Attach

17:19:35 = end process attach
17:19:35 = ***** NULL == SampleProvider *****
17:19:35 = ##### Begin waiting Mutex to release process #####
17:19:35 = hWnd = 0x00050356; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:19:35 = hWnd = 0x000e086e; ClassName:
dow.
x=0, y=0, width=1, height=1
17:19:35 = hWnd = 0x001205da; ClassName:
x=0, y=0, width=0, height=0
17:19:35 = hWnd = 0x000c0820; ClassName:
x=0, y=0, width=0, height=0
17:19:46 = Process Attach
17:19:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:19:46 = * NULL == SampleProvider *

17:19:46 = begin close Process
17:19:46 = end close Process
17:19:46 = ##### Get event and release process end #####
17:19:46 = hWnd = 0x000200b6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:19:46 = hWnd = 0x0005004a; ClassName:
dow.
x=0, y=0, width=1, height=1
17:19:46 = hWnd = 0x00070090; ClassName:
x=0, y=0, width=0, height=0
17:19:46 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
18:14:58 = Process Attach
18:14:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:14:58 = ##### Begin waiting Mutex to release process #####

18:14:58 = ***** NULL == SampleProvider *****
18:14:58 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:14:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:14:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:14:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:15:0 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:15:0 = s1.
18:15:0 = s2.
18:15:0 = Start show animate
18:15:0 = Shell Excutute VerifyHost
18:15:33 = begin close Process
18:15:33 = Terminate Process
18:15:34 = end close Process
18:15:34 = DLL_PROCESS_DETACH
22:8:45 = Process Attach
22:8:45 = end process attach
22:8:45 = ***** NULL == SampleProvider *****
22:8:45 = hWnd = 0x00050a26; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:8:45 = hWnd = 0x006908a4; ClassName:
ow.
x=0, y=0, width=1, height=1
22:8:45 = hWnd = 0x00080748; ClassName:
x=0, y=0, width=0, height=0
22:8:45 = hWnd = 0x00120a94; ClassName:
x=0, y=0, width=0, height=0
22:9:0 = Process Attach
22:9:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:9:0 = ##### Get event and release process #####

22:9:0 = begin close Process
22:9:0 = end close Process
22:9:0 = ##### Get event and release process end #####
22:9:0 = hWnd = 0x000200b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:9:0 = hWnd = 0x000200aa; ClassName:
w.
x=0, y=0, width=1, height=1
22:9:0 = hWnd = 0x0008005a; ClassName:
x=0, y=0, width=0, height=0
22:9:0 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
17:54:21 = Process Attach
17:54:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:54:21 = * NULL == SampleProvider *

17:54:21 = ##### Begin waiting Mutex to release process #####
17:54:21 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
17:54:21 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
17:54:21 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:55:1 = Need to re-create objects.

17:55:1 = s1.
17:55:1 = s2.
17:55:2 = Start show animate
17:55:2 = Shell Excutute VerifyHost
17:55:24 = begin close Process
17:55:24 = Terminate Process
17:55:25 = end close Process
17:55:25 = DLL_PROCESS_DETACH
18:44:27 = Process Attach
18:44:27 = end process attach
18:44:27 = ***** NULL == SampleProvider *****
18:44:27 = ##### Begin waiting Mutex to release process #####
18:44:27 = hWnd = 0x00190570; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:44:27 = hWnd = 0x000200b0; ClassName:
dow.
x=0, y=0, width=1, height=1
18:44:27 = hWnd = 0x000708b8; ClassName:
x=0, y=0, width=0, height=0
18:44:27 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
18:44:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:44:27 = s1.
18:44:27 = s2.
18:44:27
18:44:27
19:21:11
19:21:11
19:21:12
19:21:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:49:10 = Process Attach

20:49:10 = end process attach
20:49:10 = ***** NULL == SampleProvider *****
20:49:10 = hWnd = 0x001d18ee; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:49:10 = hWnd = 0x001917fc; ClassName:
dow.
x=0, y=0, width=1, height=1
20:49:10 = hWnd = 0x00071532; ClassName:
x=0, y=0, width=0, height=0
20:49:10 = hWnd = 0x00171900; ClassName:
x=0, y=0, width=0, height=0
20:49:10 = Need to re-create objects.
20:49:10 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:49:10 = s2.
20:49:10
20:49:10
21:34:22
21:34:22
21:34:23
21:34:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:4:35 = Process Attach

22:4:35 = end process attach
22:4:35 = ##### Begin waiting Mutex to release process #####
22:4:35 = hWnd = 0x0009069a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:4:35 = hWnd = 0x00260506; ClassName:
ow.
x=0, y=0, width=1, height=1
22:4:35 = hWnd = 0x0009047e; ClassName:
x=0, y=0, width=0, height=0
22:4:35 = hWnd = 0x0009046e; ClassName:
x=0, y=0, width=0, height=0
22:4:45 = Process Attach
22:4:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:4:45 = * NULL == SampleProvider *

22:4:45 = ##### Get event and release process #####
22:4:45 =
ow.
x=0, y=0,
22:4:45 =
22:4:45 =
x=0, y=0,
14:1:24 =
14:1:24 =

hWnd = 0x0002009a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
end close Process
hWnd = 0x000900ac; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

14:1:24 = * NULL == SampleProvider *

14:1:24 = ##### Begin waiting Mutex to release process #####
14:1:24 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:1:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:1:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:1:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:1:26 = Need to re-create objects.
14:1:26 = s1.
14:1:26 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:1:32 = Start show animate

14:1:32 = Shell Excutute VerifyHost
14:2:5 = begin close Process
14:2:5 = Terminate Process
14:2:6 = end close Process
14:2:6 = DLL_PROCESS_DETACH
14:4:52 = Process Attach
14:4:52 = end process attach
14:4:52 = ***** NULL == SampleProvider *****
14:4:52 = ##### Begin waiting Mutex to release process #####
14:4:52 = hWnd = 0x0007020a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:4:52 = hWnd = 0x0005040e; ClassName:
ow.
x=0, y=0, width=1, height=1
14:4:52 = hWnd = 0x00020384; ClassName:
x=0, y=0, width=0, height=0
14:4:52 = hWnd = 0x0002038a; ClassName:
x=0, y=0, width=0, height=0
14:4:56 = Process Attach
14:4:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:4:56 = ##### Get event and release process #####

14:4:56 = begin close Process
14:4:56 = end close Process
14:4:56 = ##### Get event and release process end #####
14:4:56 = hWnd = 0x000200be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:4:56 = hWnd = 0x0002006c; ClassName:
ow.
x=0, y=0, width=1, height=1
14:4:56 = hWnd = 0x00020056; ClassName:
x=0, y=0, width=0, height=0
14:4:56 = hWnd = 0x000200c0; ClassName:
x=0, y=0, width=0, height=0
16:19:36 = Process Attach
16:19:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:19:36 = * NULL == SampleProvider *

16:19:36 = ##### Begin waiting Mutex to release process #####
16:19:36 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:19:36 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:19:36 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:20:1 = Need to re-create objects.

16:20:1 = s1.
16:20:1 = s2.
16:20:2 = Start show animate
16:20:2 = Shell Excutute VerifyHost
16:20:19 = begin close Process
16:20:19 = end close Process
16:20:19 = DLL_PROCESS_DETACH
17:33:58 = Process Attach
17:33:58 = end process attach
17:33:58 = ***** NULL == SampleProvider *****
17:33:58 = ##### Begin waiting Mutex to release process #####
17:33:58 = hWnd = 0x000c0506; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:33:58 = hWnd = 0x00080bf8; ClassName:
dow.
x=0, y=0, width=1, height=1
17:33:58 = hWnd = 0x000804a2; ClassName:
x=0, y=0, width=0, height=0
17:33:58 = hWnd = 0x00080c3e; ClassName:
x=0, y=0, width=0, height=0
17:34:5 = Process Attach
17:34:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:34:5 = * NULL == SampleProvider *

17:34:5 = begin close Process
17:34:5 = end close Process
17:34:5 = ##### Get event and release process end #####
17:34:5 = hWnd = 0x0004004e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:34:5 = hWnd = 0x00380074; ClassName:
ow.
x=0, y=0, width=1, height=1
17:34:5 = hWnd = 0x001700d6; ClassName:
x=0, y=0, width=0, height=0
17:34:5 = hWnd = 0x000900b4; ClassName:
x=0, y=0, width=0, height=0
21:56:14 = Process Attach
21:56:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:56:14 = * NULL == SampleProvider *

21:56:14 = ##### Begin waiting Mutex to release process #####
21:56:15 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:56:15 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:56:16 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

21:56:16 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:56:20 = Need to re-create objects.
21:56:20 = s1.
21:56:20 = s2.
21:56:24 = Start show animate
21:56:24 = Shell Excutute VerifyHost
21:57:1 = begin close Process
21:57:1 = Terminate Process
21:57:2 = end close Process
21:57:2 = DLL_PROCESS_DETACH
22:39:0 = Process Attach
22:39:0 = end process attach
22:39:0 = ***** NULL == SampleProvider *****
22:39:0 = ##### Begin waiting Mutex to release process #####
22:39:0 = hWnd = 0x000904ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:39:0 = hWnd = 0x000705b0; ClassName:
ow.
x=0, y=0, width=1, height=1
22:39:0 = hWnd = 0x00040484; ClassName:
x=0, y=0, width=0, height=0
22:39:0 = hWnd = 0x00070658; ClassName:
x=0, y=0, width=0, height=0
22:39:7 = Process Attach
22:39:7 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:39:7 = * NULL == SampleProvider *

22:39:7 = hWnd = 0x00180038; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:39:7 = hWnd = 0x00050056; ClassName:
ow.
x=0, y=0, width=1, height=1
22:39:7 = hWnd = 0x000a002c; ClassName:
x=0, y=0, width=0, height=0
22:39:7 = hWnd = 0x0005009e; ClassName:
x=0, y=0, width=0, height=0
22:52:33 = Process Attach
22:52:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:52:33 = * NULL == SampleProvider *

22:52:33 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:52:33 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:52:33 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

22:52:33 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:52:33 = Need to re-create objects.
22:52:33 = s1.
22:52:33 = s2.
22:52:34 = Start show animate
22:52:34 = Shell Excutute VerifyHost
22:53:1 = begin close Process
22:53:1 = Terminate Process
22:53:2 = end close Process
22:53:2 = DLL_PROCESS_DETACH
22:55:11 = Process Attach
22:55:11 = end process attach
22:55:11 = ***** NULL == SampleProvider *****
22:55:11 = ##### Begin waiting Mutex to release process #####
22:55:11 = hWnd = 0x0002031a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:55:11 = hWnd = 0x000302d4; ClassName:
dow.
x=0, y=0, width=1, height=1
22:55:11 = hWnd = 0x000302ea; ClassName:
x=0, y=0, width=0, height=0
22:55:11 = hWnd = 0x0002031e; ClassName:
x=0, y=0, width=0, height=0
22:55:17 = Process Attach
22:55:17 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:55:17 = * NULL == SampleProvider *

22:55:17 = begin close Process
22:55:17 = end close Process
22:55:17 = ##### Get event and release process end #####
22:55:17 = hWnd = 0x000b009c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:55:17 = hWnd = 0x000e00a2; ClassName:
dow.
x=0, y=0, width=1, height=1
22:55:17 = hWnd = 0x000500b0; ClassName:
x=0, y=0, width=0, height=0
22:55:17 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
7:47:58 = Process Attach
7:47:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:47:58 = ##### Begin waiting Mutex to release process #####

7:47:58 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

7:47:58 =
ow.
x=0, y=0,
7:47:58 =
x=0, y=0,
7:47:58 =
x=0, y=0,
7:47:58 =

7:47:58 = s1.
7:47:58 = s2.
7:47:58
7:47:58
7:48:23
7:48:23
7:48:24
7:48:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:23:54 = Process Attach

9:23:54 = end process attach
9:23:54 = ***** NULL == SampleProvider *****
9:23:54 = ##### Begin waiting Mutex to release process #####
9:23:54 = hWnd = 0x00020426; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:23:54 = hWnd = 0x00020418; ClassName:
ow.
x=0, y=0, width=1, height=1
9:23:54 = hWnd = 0x0002041e; ClassName:
x=0, y=0, width=0, height=0
9:23:54 = hWnd = 0x00070018; ClassName:
x=0, y=0, width=0, height=0
9:24:0 = Process Attach
9:24:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:24:0 = * NULL == SampleProvider *

9:24:0 = begin close Process
9:24:0 = end close Process
9:24:0 = ##### Get event and release process end #####
9:24:0 = hWnd = 0x000b0074; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:24:0 = hWnd = 0x00040092; ClassName:
w.
x=0, y=0, width=1, height=1
9:24:0 = hWnd = 0x000800e4; ClassName:
x=0, y=0, width=0, height=0
9:24:0 = hWnd = 0x00030094; ClassName:
x=0, y=0, width=0, height=0
12:3:44 = Process Attach
12:3:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:3:44 = * NULL == SampleProvider *

12:3:44 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:3:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:3:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:3:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:3:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:3:48 = s1.
12:3:48 = s2.
12:3:54
12:3:54
12:4:30
12:4:30
12:4:31
12:4:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:50:0 = Process Attach

12:50:0 = end process attach
12:50:0 = ***** NULL == SampleProvider *****
12:50:0 = ##### Begin waiting Mutex to release process #####
12:50:0 = hWnd = 0x0002037e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:50:0 = hWnd = 0x00080340; ClassName:
ow.
x=0, y=0, width=1, height=1
12:50:0 = hWnd = 0x00040374; ClassName:
x=0, y=0, width=0, height=0
12:50:0 = hWnd = 0x00040356; ClassName:
x=0, y=0, width=0, height=0
12:50:5 = Process Attach
12:50:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:50:5 = ##### Get event and release process #####

12:50:5 = begin close Process
12:50:5 = end close Process
12:50:5 = ##### Get event and release process end #####
12:50:5 = ***** NULL == SampleProvider *****
12:50:5 = hWnd = 0x000400c4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:50:5 = hWnd = 0x0003006a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
12:50:5 = hWnd = 0x00030094; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

12:50:5 = hWnd = 0x00030056; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
15:12:15 = Process Attach
15:12:15 = end process attach
15:12:15 = ***** NULL == SampleProvider *****
15:12:15 = ##### Begin waiting Mutex to release process #####
15:12:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:12:15 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:12:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:12:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:12:15 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:12:15 = s1.
15:12:15 = s2.
15:12:15
15:12:15
15:12:49
15:12:49
15:12:50
15:12:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:2:39 = Process Attach

16:2:40 = end process attach
16:2:40 = ***** NULL == SampleProvider *****
16:2:40 = ##### Begin waiting Mutex to release process #####
16:2:40 = hWnd = 0x00030a0c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:2:40 = hWnd = 0x004204de; ClassName:
ow.
x=0, y=0, width=1, height=1
16:2:40 = hWnd = 0x00030a1c; ClassName:
x=0, y=0, width=0, height=0
16:2:40 = hWnd = 0x000409c2; ClassName:
x=0, y=0, width=0, height=0
16:2:46 = Process Attach
16:2:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:2:46 = * NULL == SampleProvider *

16:2:46 = end close Process
16:2:46 = ##### Get event and release process end #####
16:2:46 = hWnd = 0x0014010e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

16:2:46 = hWnd = 0x00050108; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
16:2:46 = hWnd = 0x00160106; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:2:46 = hWnd = 0x000300d8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:41:26 = Process Attach
10:41:26 = end process attach
10:41:26 = ***** NULL == SampleProvider *****
10:41:26 = ##### Begin waiting Mutex to release process #####
10:41:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:41:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:41:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:41:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:41:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:41:31 = s1.
10:41:31 = s2.
10:41:35
10:41:35
10:42:13
10:42:13
10:42:15
10:42:15

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:16:41 = ##### Get event and release process #####

12:16:41 = begin close Process

12:16:41 = end close Process
12:16:41 = ##### Get event and release process end #####
12:16:41 = hWnd = 0x000c0054; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:16:41 = hWnd = 0x0003008c; ClassName:
dow.
x=0, y=0, width=1, height=1
12:16:41 = hWnd = 0x0021004c; ClassName:
x=0, y=0, width=0, height=0
12:16:41 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
13:44:43 = Process Attach
13:44:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:44:43 = * NULL == SampleProvider *

13:44:43 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:44:44 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:44:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:44:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:44:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:44:48 = s1.
13:44:48 = s2.
13:44:51
13:44:51
13:45:30
13:45:30
13:45:31
13:45:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:21:39 = Process Attach

14:21:39 = end process attach
14:21:39 = ***** NULL == SampleProvider *****
14:21:39 = ##### Begin waiting Mutex to release process #####
14:21:39 = hWnd = 0x00020366; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:21:39 = hWnd = 0x00020334; ClassName:
dow.
x=0, y=0, width=1, height=1
14:21:39 = hWnd = 0x0002033c; ClassName:
x=0, y=0, width=0, height=0
14:21:39 = hWnd = 0x0002033a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:21:48 = Process Attach

14:21:48 = ## ERR ## Setevent
14:21:48 = ***** NULL == SampleProvider *****
14:21:48 = ##### Get event and release process #####
14:21:48 = begin close Process
14:21:48 = end close Process
14:21:48 = hWnd = 0x0012008a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:21:48 = hWnd = 0x00030036; ClassName:
dow.
x=0, y=0, width=1, height=1
14:21:48 = hWnd = 0x001200c4; ClassName:
x=0, y=0, width=0, height=0
14:21:48 = hWnd = 0x0005004e; ClassName:
x=0, y=0, width=0, height=0
18:42:17 = Process Attach
18:42:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:42:17 = * NULL == SampleProvider *

18:42:17 = ##### Begin waiting Mutex to release process #####
18:42:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:42:18 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:42:18 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:42:18 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:42:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:42:20 = s1.
18:42:20 = s2.
18:42:24 = Start show animate
18:42:24 = Shell Excutute VerifyHost
18:43:4 = begin close Process
18:43:4 = Terminate Process
18:43:5 = end close Process
18:43:5 = DLL_PROCESS_DETACH
19:28:10 = Process Attach
19:28:10 = end process attach
19:28:10 = ***** NULL == SampleProvider *****
19:28:10 = ##### Begin waiting Mutex to release process #####
19:28:10 = hWnd = 0x000c04c8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:28:10 = hWnd = 0x000d0574; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
19:28:10 = hWnd = 0x001103a8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:28:10 = hWnd = 0x000e0558; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:28:15 = Process Attach
19:28:15 = ## ERR ## Setevent
19:28:15 = ***** NULL == SampleProvider *****
19:28:15 = begin close Process
19:28:15 = end close Process
19:28:15 = ##### Get event and release process end #####
19:28:15 = hWnd = 0x000200cc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:28:15 = hWnd = 0x000400ca; ClassName:
dow.
x=0, y=0, width=1, height=1
19:28:15 = hWnd = 0x000200ba; ClassName:
x=0, y=0, width=0, height=0
19:28:15 = hWnd = 0x000b0096; ClassName:
x=0, y=0, width=0, height=0
7:19:46 = Process Attach
7:19:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:19:48 = * NULL == SampleProvider *

7:19:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:19:50 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:19:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:19:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:19:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:19:52 = s1.
7:19:52 = s2.
7:19:59
7:19:59
7:20:36
7:20:36
7:20:37
7:20:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:25:56 = Process Attach

9:25:56 = end process attach
9:25:56 = ***** NULL == SampleProvider *****
9:25:56 = ##### Begin waiting Mutex to release process #####

9:25:56 = hWnd = 0x00140628; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:25:56 = hWnd = 0x001b0618; ClassName:
ow.
x=0, y=0, width=1, height=1
9:25:56 = hWnd = 0x0003044c; ClassName:
x=0, y=0, width=0, height=0
9:25:56 = hWnd = 0x001b0630; ClassName:
x=0, y=0, width=0, height=0
9:26:4 = Process Attach
9:26:4 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:26:4 = * NULL == SampleProvider *

9:26:4 = begin close Process
9:26:4 = end close Process
9:26:4 = ##### Get event and release process end #####
9:26:4 = hWnd = 0x000400d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:26:4 = hWnd = 0x000900da; ClassName:
w.
x=0, y=0, width=1, height=1
9:26:4 = hWnd = 0x000300ae; ClassName:
x=0, y=0, width=0, height=0
9:26:4 = hWnd = 0x0004008e; ClassName:
x=0, y=0, width=0, height=0
13:7:4 = Process Attach
13:7:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:7:5 = * NULL == SampleProvider *

13:7:5 = ##### Begin waiting Mutex to release process #####
13:7:5 = hWnd = 0x00010018;
w.
x=0, y=0, width=1, height=1
13:7:6 = hWnd = 0x00010022;
x=0, y=0, width=0, height=0
13:7:6 = hWnd = 0x0001001a;
x=0, y=0, width=0, height=0
13:7:10 = Need to re-create

ClassName: GDI+ Hook Window Class; Title: GDI+ Windo

ClassName: MSCTFIME UI; Title: MSCTFIME UI.
ClassName: IME; Title: Default IME.
objects.

13:7:10 = s1.
13:7:10 = s2.
13:7:13
13:7:13
13:7:50
13:7:50
13:7:51
13:7:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:19:47 = Process Attach

13:19:47 = end process attach
13:19:47 = ***** NULL == SampleProvider *****

13:19:47 = ##### Begin waiting Mutex to release process #####

13:19:47 = hWnd = 0x0002076c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:19:47 = hWnd = 0x001b0520; ClassName:
dow.
x=0, y=0, width=1, height=1
13:19:47 = hWnd = 0x00020758; ClassName:
x=0, y=0, width=0, height=0
13:19:47 = hWnd = 0x000c0588; ClassName:
x=0, y=0, width=0, height=0
13:19:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:19:47 = s1.
13:19:47 = s2.
13:19:47
13:19:47
13:52:48
13:52:48
13:52:49
13:52:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:55:2 = Process Attach

15:55:2 = end process attach
15:55:3 = ***** NULL == SampleProvider *****
15:55:3 = hWnd = 0x0053091a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:55:3 = hWnd = 0x000904e2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
15:55:3 = hWnd = 0x00040334; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:55:3 = hWnd = 0x00200564; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:55:3 = ##### Begin waiting Mutex to release process #####
15:55:3 = Need to re-create objects.
15:55:3 = s1.
15:55:3 = s2.
15:55:4 = Start show animate
15:55:4 = Shell Excutute VerifyHost
15:57:40 = begin close Process
15:57:40 = Terminate Process
15:57:41 = end close Process
15:57:41 = DLL_PROCESS_DETACH
16:5:38 = Process Attach
16:5:38 = end process attach
16:5:38 = ***** NULL == SampleProvider *****

16:5:38 = hWnd = 0x00090f3e; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:5:38 = hWnd = 0x00060c50; ClassName:
ow.
x=0, y=0, width=1, height=1
16:5:38 = hWnd = 0x005808d8; ClassName:
x=0, y=0, width=0, height=0
16:5:38 = hWnd = 0x000f047a; ClassName:
x=0, y=0, width=0, height=0
16:5:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:5:38 = s1.
16:5:38 = s2.
16:5:38 = Start show animate
16:5:38 = Shell Excutute VerifyHost
16:54:21 = begin close Process
16:54:21 = Terminate Process
16:54:22 = end close Process
16:54:22 = DLL_PROCESS_DETACH
16:54:25 = Process Attach
16:54:25 = end process attach
16:54:25 = ***** NULL == SampleProvider *****
16:54:25 = ##### Begin waiting Mutex to release process #####
16:54:25 = hWnd = 0x00060f36; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:54:25 = hWnd = 0x001b0e08; ClassName:
dow.
x=0, y=0, width=1, height=1
16:54:25 = hWnd = 0x0011047a; ClassName:
x=0, y=0, width=0, height=0
16:54:25 = hWnd = 0x000b0df6; ClassName:
x=0, y=0, width=0, height=0
16:54:51 = Process Attach
16:54:51 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:54:51 = * NULL == SampleProvider *

16:54:51 = begin close Process
16:54:51 = end close Process
16:54:51 = ##### Get event and release process end #####
16:54:51 = hWnd = 0x01a700a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:54:51 = hWnd = 0x003b00b4; ClassName:
dow.
x=0, y=0, width=1, height=1
16:54:51 = hWnd = 0x000a0064; ClassName:
x=0, y=0, width=0, height=0
16:54:51 = hWnd = 0x031700b6; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:24:15 = Process Attach

9:24:16 = end process attach
9:24:16 = ***** NULL == SampleProvider *****
9:24:16 = ##### Begin waiting Mutex to release process #####
9:24:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:24:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:24:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:24:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:24:18 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:24:18 = s1.
9:24:18 = s2.
9:24:18
9:24:18
9:24:37
9:24:37
9:24:38
9:24:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:33:23 = Process Attach

9:33:23 = end process attach
9:33:23 = ***** NULL == SampleProvider *****
9:33:23 = ##### Begin waiting Mutex to release process #####
9:33:23 = hWnd = 0x00050710; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:33:23 = hWnd = 0x000304a0; ClassName:
ow.
x=0, y=0, width=1, height=1
9:33:23 = hWnd = 0x000a002e; ClassName:
x=0, y=0, width=0, height=0
9:33:23 = hWnd = 0x000a0382; ClassName:
x=0, y=0, width=0, height=0
9:33:23 = Need to re-create objects.
9:33:23 = s1.
9:33:23 = s2.
9:33:23 = Start show animate
9:33:23 = Shell Excutute VerifyHost
16:54:10 = Bypass the object creation.
16:55:40 = begin close Process
16:55:40 = Terminate Process
16:55:41 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:55:41 = DLL_PROCESS_DETACH
18:11:4 = Process Attach
18:11:4 = end process attach
18:11:4 = ***** NULL == SampleProvider *****
18:11:4 = ##### Begin waiting Mutex to release process #####
18:11:4 = hWnd = 0x00060452; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:11:4 = hWnd = 0x0006044e; ClassName:
ow.
x=0, y=0, width=1, height=1
18:11:4 = hWnd = 0x0007046c; ClassName:
x=0, y=0, width=0, height=0
18:11:4 = hWnd = 0x000c0414; ClassName:
x=0, y=0, width=0, height=0
18:11:29 = Process Attach
18:11:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:11:29 = * NULL == SampleProvider *

18:11:29 = begin close Process
18:11:29 = hWnd = 0x00770064; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:11:29 = ##### Get event and release process end #####
18:11:29 = hWnd = 0x00310092; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:14:12 = Process Attach
18:14:12 = end process attach
18:14:12 = ***** NULL == SampleProvider *****
18:14:12 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:14:12 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:14:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:14:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:14:15 = Need to re-create objects.
18:14:15 = s1.
18:14:15 = s2.
18:14:15
18:14:15
18:14:40
18:14:40
18:14:41
18:14:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:56:37 = Process Attach

18:56:37 = end process attach
18:56:37 = ***** NULL == SampleProvider *****
18:56:37 = ##### Begin waiting Mutex to release process #####
18:56:37 = hWnd = 0x00020154; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:56:37 = hWnd = 0x000606ee; ClassName:
dow.
x=0, y=0, width=1, height=1
18:56:37 = hWnd = 0x00090452; ClassName:
x=0, y=0, width=0, height=0
18:56:37 = hWnd = 0x000905d2; ClassName:
x=0, y=0, width=0, height=0
18:56:41 = Process Attach
18:56:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:56:41 = ##### Get event and release process #####

18:56:41 = begin close Process
18:56:41 = ***** NULL == SampleProvider *****
18:56:41 = hWnd = 0x000400ea; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:56:41 = hWnd = 0x00050060; ClassName:
dow.
x=0, y=0, width=1, height=1
18:56:41 = hWnd = 0x000500b4; ClassName:
x=0, y=0, width=0, height=0
18:56:41 = hWnd = 0x0006005e; ClassName:
x=0, y=0, width=0, height=0
9:20:22 = Process Attach
9:20:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:20:22 = * NULL == SampleProvider *

9:20:22 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=800, height=600
9:20:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:20:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:20:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:20:26 = Need to re-create objects.
9:20:26 = s1.
9:20:26 = s2.
9:20:31 = Start show animate
9:20:31 = Shell Excutute VerifyHost
9:21:8 = begin close Process
9:21:8 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:21:9 = end close Process

9:21:9 = DLL_PROCESS_DETACH
12:30:7 = Process Attach
12:30:7 = end process attach
12:30:7 = ***** NULL == SampleProvider *****
12:30:7 = ##### Begin waiting Mutex to release process #####
12:30:7 = hWnd = 0x000e098e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:30:7 = hWnd = 0x0006080a; ClassName:
ow.
x=0, y=0, width=1, height=1
12:30:7 = hWnd = 0x000d05d0; ClassName:
x=0, y=0, width=0, height=0
12:30:7 = hWnd = 0x000b0730; ClassName:
x=0, y=0, width=0, height=0
12:30:19 = Process Attach
12:30:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:30:19 = * NULL == SampleProvider *

12:30:19 = begin close Process
12:30:19 = end close Process
12:30:19 = ##### Get event and release process end #####
12:30:19 = hWnd = 0x002100c8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:30:19 = hWnd = 0x0003002a; ClassName:
dow.
x=0, y=0, width=1, height=1
12:30:19 = hWnd = 0x0020008c; ClassName:
x=0, y=0, width=0, height=0
12:30:19 = hWnd = 0x001e002e; ClassName:
x=0, y=0, width=0, height=0
13:55:14 = Process Attach
13:55:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:55:15 = * NULL == SampleProvider *

13:55:15 = ##### Begin waiting Mutex to release process #####
13:55:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:55:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:55:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:55:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:55:22 = Need to re-create objects.
13:55:22 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:55:22 = s2.
13:55:27 = Start show animate
13:55:27 = Shell Excutute VerifyHost
13:56:3 = begin close Process
13:56:3 = Terminate Process
13:56:4 = end close Process
13:56:4 = DLL_PROCESS_DETACH
14:3:57 = Process Attach
14:3:57 = end process attach
14:3:57 = ***** NULL == SampleProvider *****
14:3:57 = ##### Begin waiting Mutex to release process #####
14:3:57 = hWnd = 0x0002046e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:3:57 = hWnd = 0x00030300; ClassName:
ow.
x=0, y=0, width=1, height=1
14:3:57 = hWnd = 0x000604c8; ClassName:
x=0, y=0, width=0, height=0
14:3:57 = hWnd = 0x000404d8; ClassName:
x=0, y=0, width=0, height=0
14:3:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:3:57 = s1.
14:3:57 = s2.
14:3:57 = Start show animate
14:3:57 = Shell Excutute VerifyHost
15:46:22 = Process Attach
15:46:22 = ## ERR ## Setevent
15:46:22 = ##### Get event and release process #####
15:46:22 = begin close Process
15:46:22 = Terminate Process
15:46:22 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:46:22 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:46:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:46:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:46:23 = Need to re-create objects.
15:46:23 = s1.
15:46:23 = s2.
15:46:23 = Start show animate
15:46:23 = Shell Excutute VerifyHost
15:46:23 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:46:23 = ##### Get event and release process end #####

15:46:37
15:46:37
15:46:37
15:46:37
15:46:37

=
=
=
=
=

begin close Process

Terminate Process
begin close Process
end close Process
DLL_PROCESS_DETACH

15:46:38 = end close Process

15:46:38 = DLL_PROCESS_DETACH
15:46:47 = Process Attach
15:46:47 = end process attach
15:46:47 = ***** NULL == SampleProvider *****
15:46:47 = ##### Begin waiting Mutex to release process #####
15:46:47 = hWnd = 0x000404ec; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:46:47 = hWnd = 0x0003046e; ClassName:
dow.
x=0, y=0, width=1, height=1
15:46:47 = hWnd = 0x000204c0; ClassName:
x=0, y=0, width=0, height=0
15:46:47 = hWnd = 0x000604e0; ClassName:
x=0, y=0, width=0, height=0
15:46:48 = Process Attach
15:46:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:46:48 = * NULL == SampleProvider *

15:46:48 = begin close Process
15:46:48 = end close Process
15:46:48 = ##### Get event and release process end #####
15:46:48 = hWnd = 0x000e00a4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:46:48 = hWnd = 0x00070052; ClassName:
dow.
x=0, y=0, width=1, height=1
15:46:48 = hWnd = 0x00030074; ClassName:
x=0, y=0, width=0, height=0
15:46:48 = hWnd = 0x0005004c; ClassName:
x=0, y=0, width=0, height=0
19:49:41 = Process Attach
19:49:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:49:41 = * NULL == SampleProvider *

19:49:41 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:49:42 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:49:42 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

19:49:42 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
19:49:46 = Need to re-create objects.
19:49:47 = s1.
19:49:47 = s2.
19:49:51
19:49:51
19:50:27
19:50:27
19:50:28
19:50:28

17:2:49 = end process attach
17:2:49 = ***** NULL == SampleProvider *****
17:2:49 = hWnd = 0x00150904; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:2:49 = hWnd = 0x00170810; ClassName:
ow.
x=0, y=0, width=1, height=1
17:2:49 = hWnd = 0x0020075c; ClassName:
x=0, y=0, width=0, height=0
17:2:49 = hWnd = 0x003104ee; ClassName:
x=0, y=0, width=0, height=0
17:2:57 = Process Attach
17:2:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:2:57 = * NULL == SampleProvider *

17:2:57 = begin close Process

17:2:57 = hWnd = 0x0007009e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:2:57 = ##### Get event and release process end #####
17:2:57 = hWnd = 0x005e00c4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
17:2:57 = hWnd = 0x0005009c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:55:15 = Process Attach
20:55:15 = end process attach
20:55:15 = ***** NULL == SampleProvider *****
20:55:15 = ##### Begin waiting Mutex to release process #####
20:55:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:55:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:55:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:55:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:55:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:55:19 = s1.
20:55:19 = s2.
20:55:24 = Start show animate
20:55:24 = Shell Excutute VerifyHost
20:56:3 = begin close Process
20:56:3 = Terminate Process
20:56:4 = end close Process
20:56:4 = DLL_PROCESS_DETACH
21:39:9 = Process Attach
21:39:9 = end process attach
21:39:9 = ##### Begin waiting Mutex to release process #####
21:39:9 = hWnd = 0x00030376; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:39:9 = hWnd = 0x00040372; ClassName:
ow.
x=0, y=0, width=1, height=1
21:39:9 = hWnd = 0x0003036a; ClassName:
x=0, y=0, width=0, height=0
21:39:9 = hWnd = 0x00030374; ClassName:
x=0, y=0, width=0, height=0
21:39:15 = Process Attach
21:39:15 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:39:15 = * NULL == SampleProvider *

21:39:15 = begin close Process

21:39:15 = end close Process
21:39:15 = ##### Get event and release process end #####
21:39:15 = hWnd = 0x000200e2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:39:15 = hWnd = 0x000200e4; ClassName:
dow.
x=0, y=0, width=1, height=1
21:39:15 = hWnd = 0x000c006c; ClassName:
x=0, y=0, width=0, height=0
21:39:15 = hWnd = 0x000200e0; ClassName:
x=0, y=0, width=0, height=0
8:37:36 = Process Attach
8:37:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:37:36 = * NULL == SampleProvider *

8:37:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:37:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:37:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:37:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:37:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:37:40 = s1.
8:37:40 = s2.
8:37:43
8:37:43
8:38:20
8:38:20
8:38:21
8:38:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:17:0 = Process Attach

12:17:0 = end process attach
12:17:0 = ***** NULL == SampleProvider *****
12:17:0 = ##### Begin waiting Mutex to release process #####
12:17:0 = hWnd = 0x000b0690; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:17:0 = hWnd = 0x00080518; ClassName:
ow.
x=0, y=0, width=1, height=1
12:17:0 = hWnd = 0x000804f8; ClassName:
x=0, y=0, width=0, height=0
12:17:0 = hWnd = 0x00070514; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:17:7 = Process Attach

12:17:7 = ## ERR ## Setevent
12:17:7 = ***** NULL == SampleProvider *****
12:17:7 = begin close Process
12:17:7 = end close Process
12:17:7 = ##### Get event and release process end #####
12:17:7 = hWnd = 0x000200b4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:17:7 = hWnd = 0x000300ac; ClassName:
ow.
x=0, y=0, width=1, height=1
12:17:7 = hWnd = 0x000d0084; ClassName:
x=0, y=0, width=0, height=0
12:17:7 = hWnd = 0x00050048; ClassName:
x=0, y=0, width=0, height=0
20:26:49 = Process Attach
20:26:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:26:49 = * NULL == SampleProvider *

20:26:49 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:26:50 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:26:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:26:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:26:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:26:54 = s1.
20:26:54 = s2.
20:26:59
20:26:59
20:27:37
20:27:37
20:27:38
20:27:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:5:58 = Process Attach

23:5:58 = end process attach
23:5:58 = ***** NULL == SampleProvider *****
23:5:58 = ##### Begin waiting Mutex to release process #####
23:5:58 = hWnd = 0x001a0622; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:5:58 = hWnd = 0x000c0522; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

23:5:58 =
x=0, y=0,
23:5:58 =
x=0, y=0,
23:6:12 =
23:6:12 =

hWnd = 0x0005074c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x000506ce; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

23:6:12 = * NULL == SampleProvider *

23:6:12 = begin close Process
23:6:12 = end close Process
23:6:12 = ##### Get event and release process end #####
23:6:12 = hWnd = 0x003000bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:6:12 = hWnd = 0x00030036; ClassName:
ow.
x=0, y=0, width=1, height=1
23:6:12 = hWnd = 0x000e0054; ClassName:
x=0, y=0, width=0, height=0
23:6:12 = hWnd = 0x00060038; ClassName:
x=0, y=0, width=0, height=0
0:7:52 = Process Attach
0:7:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:7:52 = * NULL == SampleProvider *

0:7:52 = ##### Begin waiting Mutex to release process #####
0:7:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:7:52 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
0:7:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:7:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
0:7:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:7:52 = s1.
0:7:52 = s2.
0:7:53
0:7:53
0:8:25
0:8:25
0:8:26
0:8:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:51:59 = Process Attach

0:51:59 = end process attach
0:51:59 = ***** NULL == SampleProvider *****
0:51:59 = ##### Begin waiting Mutex to release process #####

0:51:59 = hWnd = 0x000303aa; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:51:59 = hWnd = 0x0007049c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:51:59 = hWnd = 0x002206a6; ClassName:
x=0, y=0, width=0, height=0
0:51:59 = hWnd = 0x0005036e; ClassName:
x=0, y=0, width=0, height=0
0:52:5 = Process Attach
0:52:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:52:5 = * NULL == SampleProvider *

0:52:5 = ##### Get event and release process #####
0:52:5 = begin close Process
0:52:5 = end close Process
0:52:5 = ##### Get event and release process end #####
0:52:5 = hWnd = 0x0003009e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:52:5 = hWnd = 0x00090096; ClassName:
w.
x=0, y=0, width=1, height=1
0:52:5 = hWnd = 0x00020076; ClassName:
x=0, y=0, width=0, height=0
0:52:5 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
8:6:36 = Process Attach
8:6:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:6:36 = * NULL == SampleProvider *

8:6:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:6:37 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:6:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:6:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:6:38 = Need to re-create objects.
8:6:38 = s1.
8:6:38 = s2.
8:6:40
8:6:40
8:7:14
8:7:14
8:7:15
8:7:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:50:37 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:50:37 = end process attach

8:50:37 = ***** NULL == SampleProvider *****
8:50:37 = hWnd = 0x00020462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:50:37 = hWnd = 0x0003045a; ClassName:
ow.
x=0, y=0, width=1, height=1
8:50:37 = hWnd = 0x00020454; ClassName:
x=0, y=0, width=0, height=0
8:50:37 = hWnd = 0x0002046a; ClassName:
x=0, y=0, width=0, height=0
8:50:41 = Process Attach
8:50:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:50:41 = ##### Get event and release process #####

8:50:41 = begin close Process
8:50:41 = end close Process
8:50:41 = ##### Get event and release process end #####
8:50:41 = ***** NULL == SampleProvider *****
8:50:41 = hWnd = 0x00030052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:50:41 = hWnd = 0x00020076; ClassName:
ow.
x=0, y=0, width=1, height=1
8:50:41 = hWnd = 0x000600bc; ClassName:
x=0, y=0, width=0, height=0
8:50:41 = hWnd = 0x00040088; ClassName:
x=0, y=0, width=0, height=0
10:47:39 = Process Attach
10:47:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:47:39 = * NULL == SampleProvider *

10:47:39 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:47:40 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:47:40 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:47:40 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:47:42 = Need to re-create objects.
10:47:42 = s1.
10:47:42 = s2.
10:47:42
10:47:42
10:48:13
10:48:13

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:48:14 = end close Process

10:48:14 = DLL_PROCESS_DETACH
11:21:14 = Process Attach
11:21:14 = end process attach
11:21:14 = ***** NULL == SampleProvider *****
11:21:14 = ##### Begin waiting Mutex to release process #####
11:21:14 = hWnd = 0x001c05aa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:21:14 = hWnd = 0x0002061e; ClassName:
dow.
x=0, y=0, width=1, height=1
11:21:14 = hWnd = 0x003504ae; ClassName:
x=0, y=0, width=0, height=0
11:21:14 = hWnd = 0x001a04d4; ClassName:
x=0, y=0, width=0, height=0
11:21:19 = Process Attach
11:21:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:21:19 = * NULL == SampleProvider *

11:21:19 = begin close Process
11:21:19 = end close Process
11:21:19 = hWnd = 0x00170102; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:21:19 = hWnd = 0x002500fe; ClassName:
dow.
x=0, y=0, width=1, height=1
11:21:19 = hWnd = 0x00050062; ClassName:
x=0, y=0, width=0, height=0
11:21:19 = hWnd = 0x001100da; ClassName:
x=0, y=0, width=0, height=0
21:38:59 = Process Attach
21:38:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:38:59 = * NULL == SampleProvider *

21:38:59 = ##### Begin waiting Mutex to release process #####
21:38:59 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:38:59 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:38:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:38:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:39:0 = Need to re-create objects.
21:39:0 = s1.
21:39:0 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:39:2 = Start show animate

21:39:2 = Shell Excutute VerifyHost
21:39:37 = begin close Process
21:39:37 = Terminate Process
21:39:38 = end close Process
21:39:38 = DLL_PROCESS_DETACH
21:57:50 = Process Attach
21:57:50 = end process attach
21:57:50 = ##### Begin waiting Mutex to release process #####
21:57:50 = ***** NULL == SampleProvider *****
21:57:50 = hWnd = 0x000205c4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:57:50 = hWnd = 0x000205c8; ClassName:
dow.
x=0, y=0, width=1, height=1
21:57:50 = hWnd = 0x000205da; ClassName:
x=0, y=0, width=0, height=0
21:57:50 = hWnd = 0x000205c6; ClassName:
x=0, y=0, width=0, height=0
21:58:1 = Process Attach
21:58:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:58:1 = ##### Get event and release process #####

21:58:1 = begin close Process
21:58:1 = end close Process
21:58:1 = ##### Get event and release process end #####
21:58:1 = hWnd = 0x000a00aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:58:1 = hWnd = 0x000300ac; ClassName:
ow.
x=0, y=0, width=1, height=1
21:58:1 = hWnd = 0x0005002a; ClassName:
x=0, y=0, width=0, height=0
21:58:1 = hWnd = 0x00090086; ClassName:
x=0, y=0, width=0, height=0
11:21:42 = Process Attach
11:21:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:21:43 = * NULL == SampleProvider *

11:21:43 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:21:43 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:21:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:21:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:21:44 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:21:44 = s1.
11:21:44 = s2.
11:21:46
11:21:46
11:22:23
11:22:23
11:22:24
11:22:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:27:20 = Process Attach

18:27:20 = end process attach
18:27:20 = ***** NULL == SampleProvider *****
18:27:20 = ##### Begin waiting Mutex to release process #####
18:27:20 = hWnd = 0x00b306d4; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:27:20 = hWnd = 0x00420732; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:27:20 = hWnd = 0x00a00592; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:27:30 = Process Attach
18:27:30 = ## ERR ## Setevent
18:27:30 = ***** NULL == SampleProvider *****
18:27:30 = begin close Process
18:27:30 = end close Process
18:27:30 = ##### Get event and release process end #####
18:27:30 = hWnd = 0x0041010e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:27:30 = hWnd = 0x004b0064; ClassName:
dow.
x=0, y=0, width=1, height=1
18:27:30 = hWnd = 0x003c00f4; ClassName:
x=0, y=0, width=0, height=0
18:27:30 = hWnd = 0x002d0102; ClassName:
x=0, y=0, width=0, height=0
20:33:13 = Process Attach
20:33:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:33:13 = * NULL == SampleProvider *

20:33:14 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:33:14 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:33:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:33:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:33:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:33:17 = s1.
20:33:17 = s2.
20:33:24 = Start show animate
20:33:24 = Shell Excutute VerifyHost
20:34:0 = begin close Process
20:34:0 = Terminate Process
20:34:1 = end close Process
20:34:1 = DLL_PROCESS_DETACH
23:39:21 = Process Attach
23:39:21 = end process attach
23:39:21 = ***** NULL == SampleProvider *****
23:39:21 = ##### Begin waiting Mutex to release process #####
23:39:21 = hWnd = 0x001209ee; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:39:21 = hWnd = 0x000d0a68; ClassName:
dow.
x=0, y=0, width=1, height=1
23:39:21 = hWnd = 0x00070a70; ClassName:
x=0, y=0, width=0, height=0
23:39:21 = hWnd = 0x000c0d3e; ClassName:
x=0, y=0, width=0, height=0
23:39:47 = Process Attach
23:39:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:39:47 = ##### Get event and release process #####

23:39:47 = begin close Process
23:39:47 = end close Process
23:39:47 = ##### Get event and release process end #####
23:39:47 = hWnd = 0x001d00c8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:39:47 = hWnd = 0x0005009e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:39:47 = hWnd = 0x000e0088; ClassName:
x=0, y=0, width=0, height=0
23:39:47 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
13:22:45 = Process Attach
13:22:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:22:45 = * NULL == SampleProvider *

13:22:45 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:22:45 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
13:22:46 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

13:22:46 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:22:49 = Need to re-create objects.
13:22:50 = s1.
13:22:50 = s2.
13:22:55
13:22:55
13:23:31
13:23:31
13:23:32
13:23:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:33:38 = Process Attach

15:33:38 = end process attach
15:33:38 = ***** NULL == SampleProvider *****
15:33:38 = ##### Begin waiting Mutex to release process #####
15:33:38 = hWnd = 0x007e0596; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:33:38 = hWnd = 0x000605a4; ClassName:
dow.
x=0, y=0, width=1, height=1
15:33:38 = hWnd = 0x008005a2; ClassName:
x=0, y=0, width=0, height=0
15:33:38 = hWnd = 0x00a505b0; ClassName:
x=0, y=0, width=0, height=0
15:33:43 = Process Attach
15:33:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:33:43 = ##### Get event and release process #####

15:33:43 = begin close Process
15:33:43 = end close Process
15:33:43 = ##### Get event and release process end #####
15:33:43 = ***** NULL == SampleProvider *****
15:33:43 = hWnd = 0x000600ce; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:33:43 = hWnd = 0x004f004e; ClassName:
dow.
x=0, y=0, width=1, height=1
15:33:43 = hWnd = 0x0003009a; ClassName:
x=0, y=0, width=0, height=0
15:33:43 = hWnd = 0x000e00d0; ClassName:
x=0, y=0, width=0, height=0
12:48:6 = Process Attach
12:48:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:48:6 = * NULL == SampleProvider *

12:48:6 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
12:48:6 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
12:48:6 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:48:6 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:48:11 = Need to re-create objects.
12:48:11 = s1.
12:48:11 = s2.
12:48:11
12:48:11
12:48:35
12:48:35
12:48:36
12:48:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:37:31 = Process Attach

14:37:31 = end process attach
14:37:31 = ##### Begin waiting Mutex to release process #####
14:37:31 = hWnd = 0x001c0638; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:37:31 = hWnd = 0x00120614; ClassName:
dow.
x=0, y=0, width=1, height=1
14:37:31 = hWnd = 0x001b05de; ClassName:
x=0, y=0, width=0, height=0
14:37:31 = hWnd = 0x0011062c; ClassName:
x=0, y=0, width=0, height=0
14:37:37 = Process Attach
14:37:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:37:37 = * NULL == SampleProvider *

14:37:37 = ##### Get event and release process #####
14:37:37 = begin close Process
14:37:37 = end close Process
14:37:37 = ##### Get event and release process end #####
14:37:37 = hWnd = 0x0002010c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:37:48 = Process Attach
22:37:48 = end process attach
22:37:48 = ***** NULL == SampleProvider *****
22:37:48 = ##### Begin waiting Mutex to release process #####
22:37:48 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

22:37:55 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:37:55 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:37:55 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:37:56 = Need to re-create objects.
22:37:56 = s1.
22:37:56 = s2.
22:37:56
22:37:56
22:38:31
22:38:31
22:38:32
22:38:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:51:53 = Process Attach

22:51:53 = end process attach
22:51:53 = ***** NULL == SampleProvider *****
22:51:53 = ##### Begin waiting Mutex to release process #####
22:51:53 = hWnd = 0x0006057e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:51:53 = hWnd = 0x000b0678; ClassName:
dow.
x=0, y=0, width=1, height=1
22:51:53 = hWnd = 0x000704f8; ClassName:
x=0, y=0, width=0, height=0
22:51:53 = hWnd = 0x000705a2; ClassName:
x=0, y=0, width=0, height=0
22:51:58 = Process Attach
22:51:58 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:51:58 = ##### Get event and release process #####

22:51:58 = begin close Process
22:51:58 = end close Process
22:51:58 = ##### Get event and release process end #####
22:51:58 = ***** NULL == SampleProvider *****
22:51:58 = hWnd = 0x00030066; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:51:58 = hWnd = 0x000d006c; ClassName:
dow.
x=0, y=0, width=1, height=1
22:51:58 = hWnd = 0x000200fa; ClassName:
x=0, y=0, width=0, height=0
22:51:58 = hWnd = 0x00030096; ClassName:
x=0, y=0, width=0, height=0
15:52:19 = Process Attach
15:52:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:52:19 = * NULL == SampleProvider *

15:52:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:52:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:52:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:52:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:52:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:52:25 = s1.
15:52:25 = s2.
15:52:34
15:52:34
15:53:13
15:53:13
15:53:14
15:53:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:16:14 = Process Attach

16:16:14 = end process attach
16:16:14 = ***** NULL == SampleProvider *****
16:16:14 = ##### Begin waiting Mutex to release process #####
16:16:14 = hWnd = 0x00090106; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:16:14 = hWnd = 0x000500de; ClassName:
dow.
x=0, y=0, width=1, height=1
16:16:14 = hWnd = 0x000a05c0; ClassName:
x=0, y=0, width=0, height=0
16:16:14 = hWnd = 0x00120582; ClassName:
x=0, y=0, width=0, height=0
16:16:27 = Process Attach
16:16:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:16:27 = * NULL == SampleProvider *

16:16:27 = begin close Process
16:16:27 = end close Process
16:16:27 = ##### Get event and release process end #####
16:16:27 = hWnd = 0x0006010c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:16:27 = hWnd = 0x000300f6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:16:27 = hWnd = 0x0002004c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

16:16:27 = hWnd = 0x000400f4; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
13:49:0 = Process Attach
13:49:0 = end process attach
13:49:0 = ***** NULL == SampleProvider *****
13:49:0 = ##### Begin waiting Mutex to release process #####
13:49:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:49:0 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:49:0 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:49:0 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:49:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:49:4 = s1.
13:49:4 = s2.
13:49:4 = Start show animate
13:49:4 = Shell Excutute VerifyHost
13:49:40 = begin close Process
13:49:40 = Terminate Process
13:49:41 = end close Process
13:49:41 = DLL_PROCESS_DETACH
14:12:56 = Process Attach
14:12:56 = end process attach
14:12:56 = ***** NULL == SampleProvider *****
14:12:56 = ##### Begin waiting Mutex to release process #####
14:12:56 = hWnd = 0x000305f6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:12:56 = hWnd = 0x00080380; ClassName:
dow.
x=0, y=0, width=1, height=1
14:12:56 = hWnd = 0x000604e4; ClassName:
x=0, y=0, width=0, height=0
14:12:56 = hWnd = 0x0006037e; ClassName:
x=0, y=0, width=0, height=0
14:13:0 = Process Attach
14:13:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:13:0 = ##### Get event and release process #####

14:13:0 = begin close Process
14:13:0 = end close Process
14:13:0 = ##### Get event and release process end #####
14:13:0 = ***** NULL == SampleProvider *****

14:13:0 = hWnd = 0x00020076; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:13:0 = hWnd = 0x00040074; ClassName:
ow.
x=0, y=0, width=1, height=1
14:13:0 = hWnd = 0x0004003a; ClassName:
x=0, y=0, width=0, height=0
14:13:0 = hWnd = 0x00020084; ClassName:
x=0, y=0, width=0, height=0
22:19:20 = Process Attach
22:19:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:19:20 = * NULL == SampleProvider *

22:19:20 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:19:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:19:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:19:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:19:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:19:22 = s1.
22:19:22 = s2.
22:19:22
22:19:22
22:19:58
22:19:58
22:19:59
22:19:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:25:55 = Process Attach

22:25:55 = end process attach
22:25:55 = ***** NULL == SampleProvider *****
22:25:55 = ##### Begin waiting Mutex to release process #####
22:25:55 = hWnd = 0x0003044a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:25:55 = hWnd = 0x00040476; ClassName:
dow.
x=0, y=0, width=1, height=1
22:25:55 = hWnd = 0x00030446; ClassName:
x=0, y=0, width=0, height=0
22:25:55 = hWnd = 0x00030444; ClassName:
x=0, y=0, width=0, height=0
22:26:0 = Process Attach
22:26:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:26:0 = ##### Get event and release process #####

22:26:0 = begin close Process

22:26:0 = end close Process
22:26:0 = ##### Get event and release process end #####
22:26:0 = hWnd = 0x0004004c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:26:0 = hWnd = 0x0003010a; ClassName:
ow.
x=0, y=0, width=1, height=1
22:26:0 = hWnd = 0x00050092; ClassName:
x=0, y=0, width=0, height=0
22:26:0 = hWnd = 0x0006003a; ClassName:
x=0, y=0, width=0, height=0
8:47:50 = Process Attach
8:47:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:47:50 = * NULL == SampleProvider *

8:47:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:47:50 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:47:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:47:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:47:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:47:54 = s1.
8:47:54 = s2.
8:47:59
8:47:59
8:48:31
8:48:31
8:48:32
8:48:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:23:24 = Process Attach

13:23:24 = end process attach
13:23:24 = ***** NULL == SampleProvider *****
13:23:24 = ##### Begin waiting Mutex to release process #####
13:23:24 = hWnd = 0x00390476; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:23:24 = hWnd = 0x0027063a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:23:24 = hWnd = 0x002a048c; ClassName:
x=0, y=0, width=0, height=0
13:23:24 = hWnd = 0x0014069e; ClassName:
x=0, y=0, width=0, height=0
13:23:29 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:23:29 = ## ERR ## Setevent

13:23:29 = ***** NULL == SampleProvider *****
13:23:29 = begin close Process
13:23:29 = end close Process
13:23:29 = ##### Get event and release process end #####
13:23:29 = hWnd = 0x001a0096; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:23:29 = hWnd = 0x002e0100; ClassName:
dow.
x=0, y=0, width=1, height=1
13:23:29 = hWnd = 0x003600b8; ClassName:
x=0, y=0, width=0, height=0
13:23:29 = hWnd = 0x000800a4; ClassName:
x=0, y=0, width=0, height=0
9:0:0 = Process Attach
9:0:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:0:0 = * NULL == SampleProvider *

9:0:0 = ##### Begin waiting Mutex to release process #####
9:0:0 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:0:0 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
9:0:0 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:0:0 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:0:6 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:0:6 = s1.
9:0:6 = s2.
9:0:7 = Start show animate
9:0:7 = Shell Excutute VerifyHost
9:0:40 = begin close Process
9:0:40 = Terminate Process
9:0:41 = end close Process
9:0:41 = DLL_PROCESS_DETACH
9:14:2 = Process Attach
9:14:2 = end process attach
9:14:2 = ***** NULL == SampleProvider *****
9:14:2 = ##### Begin waiting Mutex to release process #####
9:14:2 = hWnd = 0x0004046a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:14:2 = hWnd = 0x0005042a; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

9:14:2 = hWnd = 0x0003043a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:14:2 = hWnd = 0x001905a4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:14:8 = Process Attach
9:14:8 = ## ERR ## Setevent
9:14:8 = ##### Get event and release process #####
9:14:8 = begin close Process
9:14:8 = end close Process
9:14:8 = ##### Get event and release process end #####
9:14:8 = ***** NULL == SampleProvider *****
9:14:8 = hWnd = 0x000300ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:14:8 = hWnd = 0x0004006e; ClassName:
w.
x=0, y=0, width=1, height=1
9:14:8 = hWnd = 0x00120094; ClassName:
x=0, y=0, width=0, height=0
9:14:8 = hWnd = 0x00050058; ClassName:
x=0, y=0, width=0, height=0
9:15:1 = Process Attach
9:15:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:15:1 = * NULL == SampleProvider *

9:15:1 = ##### Begin waiting Mutex to release process #####
9:15:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:15:1 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:15:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:15:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:15:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:15:20 = s1.
9:15:20 = s2.
9:15:20
9:15:20
9:16:22
9:16:22
9:16:23
9:16:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:39:15 = Process Attach

13:39:16 = end process attach
13:39:16 = ***** NULL == SampleProvider *****

13:39:16 = ##### Begin waiting Mutex to release process #####

13:39:16 = hWnd = 0x004204de; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:39:16 = hWnd = 0x000f05c2; ClassName:
dow.
x=0, y=0, width=1, height=1
13:39:16 = hWnd = 0x00080630; ClassName:
x=0, y=0, width=0, height=0
13:39:16 = hWnd = 0x007605b2; ClassName:
x=0, y=0, width=0, height=0
13:39:22 = Process Attach
13:39:22 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:39:22 = * NULL == SampleProvider *

13:39:22 = begin close Process
13:39:22 = end close Process
13:39:22 = ##### Get event and release process end #####
13:39:22 = hWnd = 0x001600e8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:39:22 = hWnd = 0x001d0112; ClassName:
dow.
x=0, y=0, width=1, height=1
13:39:22 = hWnd = 0x001900f6; ClassName:
x=0, y=0, width=0, height=0
13:39:22 = hWnd = 0x000c0120; ClassName:
x=0, y=0, width=0, height=0
13:40:52 = Process Attach
13:40:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:40:52 = * NULL == SampleProvider *

13:40:52 = ##### Begin waiting Mutex to release process #####
13:40:52 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:40:52 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:40:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:40:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:40:55 = Need to re-create objects.
13:40:55 = s1.
13:40:55 = s2.
13:40:58
13:40:58
13:41:37
13:41:37
13:41:38

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:41:38 = DLL_PROCESS_DETACH
16:6:38 = Process Attach
16:6:38 = end process attach
16:6:38 = ***** NULL == SampleProvider *****
16:6:38 = ##### Begin waiting Mutex to release process #####
16:6:38 = hWnd = 0x000705c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:6:38 = hWnd = 0x0004063c; ClassName:
ow.
x=0, y=0, width=1, height=1
16:6:38 = hWnd = 0x00020616; ClassName:
x=0, y=0, width=0, height=0
16:6:38 = hWnd = 0x000705c8; ClassName:
x=0, y=0, width=0, height=0
16:6:49 = Process Attach
16:6:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:6:49 = * NULL == SampleProvider *

16:6:49 = begin close Process
16:6:49 = end close Process
16:6:49 = ##### Get event and release process end #####
16:6:49 = hWnd = 0x00360054; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:6:49 = hWnd = 0x0005004a; ClassName:
ow.
x=0, y=0, width=1, height=1
16:6:49 = hWnd = 0x0003010a; ClassName:
x=0, y=0, width=0, height=0
16:6:49 = hWnd = 0x00030096; ClassName:
x=0, y=0, width=0, height=0
16:8:7 = Process Attach
16:8:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:8:7 = * NULL == SampleProvider *

16:8:7 = ##### Begin waiting Mutex to release process #####
16:8:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:8:7 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
16:8:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:8:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:8:11 = Need to re-create objects.
16:8:11 = s1.
16:8:11 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:8:13
16:8:13
16:8:51
16:8:51
16:8:53
16:8:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:15:41 = Process Attach

0:15:41 = end process attach
0:15:41 = ***** NULL == SampleProvider *****
0:15:41 = ##### Begin waiting Mutex to release process #####
0:15:41 = hWnd = 0x008603c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:15:41 = hWnd = 0x00020308; ClassName:
ow.
x=0, y=0, width=1, height=1
0:15:41 = hWnd = 0x00170412; ClassName:
x=0, y=0, width=0, height=0
0:15:41 = hWnd = 0x000b040a; ClassName:
x=0, y=0, width=0, height=0
0:15:48 = Process Attach
0:15:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:15:48 = * NULL == SampleProvider *

0:15:48 = begin close Process
0:15:48 = end close Process
0:15:48 = ##### Get event and release process end #####
0:15:48 = hWnd = 0x000f00ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1280, height=768
0:15:48 = hWnd = 0x000d00ac; ClassName:
ow.
x=0, y=0, width=1, height=1
0:15:48 = hWnd = 0x003200fa; ClassName:
x=0, y=0, width=0, height=0
0:15:48 = hWnd = 0x000300b0; ClassName:
x=0, y=0, width=0, height=0
14:19:6 = Process Attach
14:19:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:19:7 = * NULL == SampleProvider *

14:19:7 = ##### Begin waiting Mutex to release process #####
14:19:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:19:7 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:19:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:19:8 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

14:19:10 = Need to re-create objects.
14:19:10 = s1.
14:19:10 = s2.
14:19:13
14:19:13
14:19:51
14:19:51
14:19:52
14:19:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:35:37 = Process Attach

21:35:37 = end process attach
21:35:37 = ***** NULL == SampleProvider *****
21:35:37 = ##### Begin waiting Mutex to release process #####
21:35:37 = hWnd = 0x0008054a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:35:37 = hWnd = 0x000705d4; ClassName:
dow.
x=0, y=0, width=1, height=1
21:35:37 = hWnd = 0x00050742; ClassName:
x=0, y=0, width=0, height=0
21:35:37 = hWnd = 0x0006073a; ClassName:
x=0, y=0, width=0, height=0
21:35:45 = Process Attach
21:35:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:35:45 = * NULL == SampleProvider *

21:35:45 = begin close Process
21:35:45 = end close Process
21:35:45 = ##### Get event and release process end #####
21:35:45 = hWnd = 0x0004009c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:35:45 = hWnd = 0x0005002a; ClassName:
dow.
x=0, y=0, width=1, height=1
21:35:45 = hWnd = 0x000c005e; ClassName:
x=0, y=0, width=0, height=0
21:35:45 = hWnd = 0x00060090; ClassName:
x=0, y=0, width=0, height=0
7:2:28 = Process Attach
7:2:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:2:28 = * NULL == SampleProvider *

7:2:28 = ##### Begin waiting Mutex to release process #####
7:2:28 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

7:2:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
7:2:30 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:2:30 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:2:32 = Need to re-create objects.
7:2:32 = s1.
7:2:32 = s2.
7:2:36
7:2:36
7:3:15
7:3:15
7:3:16
7:3:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:8:30 = Process Attach

7:8:30 = end process attach
7:8:30 = ***** NULL == SampleProvider *****
7:8:30 = ##### Begin waiting Mutex to release process #####
7:8:30 = hWnd = 0x0003047c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:8:30 = hWnd = 0x00040476; ClassName:
w.
x=0, y=0, width=1, height=1
7:8:30 = hWnd = 0x000b0548; ClassName:
x=0, y=0, width=0, height=0
7:8:30 = hWnd = 0x0008033c; ClassName:
x=0, y=0, width=0, height=0
7:8:36 = Process Attach
7:8:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:8:36 = ##### Get event and release process #####

7:8:36 = begin close Process
7:8:36 = end close Process
7:8:36 = ##### Get event and release process end #####
7:8:36 = ***** NULL == SampleProvider *****
7:8:36 = hWnd = 0x0005011e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:8:36 = hWnd = 0x000300ee; ClassName:
w.
x=0, y=0, width=1, height=1
7:8:36 = hWnd = 0x00010122; ClassName:
x=0, y=0, width=0, height=0
7:8:36 = hWnd = 0x0007011c; ClassName:
x=0, y=0, width=0, height=0
7:46:59 = Process Attach
7:47:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:47:0 = * NULL == SampleProvider *

7:47:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:47:0 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:47:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:47:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:47:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:47:4 = s1.
7:47:4 = s2.
7:47:8 = Start show animate
7:47:8 = Shell Excutute VerifyHost
7:47:45 = begin close Process
7:47:45 = Terminate Process
7:47:46 = end close Process
7:47:46 = DLL_PROCESS_DETACH
8:1:16 = Process Attach
8:1:16 = end process attach
8:1:16 = ***** NULL == SampleProvider *****
8:1:16 = ##### Begin waiting Mutex to release process #####
8:1:16 = hWnd = 0x000405c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:1:16 = hWnd = 0x00020502; ClassName:
w.
x=0, y=0, width=1, height=1
8:1:16 = hWnd = 0x000204fc; ClassName:
x=0, y=0, width=0, height=0
8:1:16 = hWnd = 0x0002051e; ClassName:
x=0, y=0, width=0, height=0
8:1:20 = Process Attach
8:1:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:1:20 = ##### Get event and release process #####

8:1:20 = begin close Process
8:1:20 = end close Process
8:1:20 = ##### Get event and release process end #####
8:1:20 = ***** NULL == SampleProvider *****
8:1:20 = hWnd = 0x00020044; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:1:20 = hWnd = 0x000300f6; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

8:1:20 = hWnd = 0x0006008c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
8:1:20 = hWnd = 0x0006002a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:28:51 = Process Attach
15:28:51 = end process attach
15:28:51 = ##### Begin waiting Mutex to release process #####
15:28:51 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:28:51 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:28:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:28:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:28:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:28:58 = s1.
15:28:58 = s2.
15:28:58
15:28:58
15:29:25
15:29:25
15:29:26
15:29:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:30:3 = Process Attach

21:30:3 = end process attach
21:30:3 = ***** NULL == SampleProvider *****
21:30:3 = ##### Begin waiting Mutex to release process #####
21:30:3 = hWnd = 0x000704b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:30:3 = hWnd = 0x000604ba; ClassName:
ow.
x=0, y=0, width=1, height=1
21:30:3 = hWnd = 0x0018056e; ClassName:
x=0, y=0, width=0, height=0
21:30:3 = hWnd = 0x000604c0; ClassName:
x=0, y=0, width=0, height=0
21:30:9 = Process Attach
21:30:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:30:9 = * NULL == SampleProvider *

21:30:9 = begin close Process
21:30:9 = end close Process
21:30:9 = ##### Get event and release process end #####
21:30:9 = hWnd = 0x000300aa; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
21:30:9 =
ow.
x=0, y=0,
21:30:9 =
x=0, y=0,
21:30:9 =
x=0, y=0,
7:52:13 =
7:52:13 =

width=1280, height=768
hWnd = 0x00370100; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00280066; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000300ae; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

7:52:13 = * NULL == SampleProvider *

7:52:13 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:52:14 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:52:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:52:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:52:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:52:17 = s1.
7:52:17 = s2.
7:52:20 = Start show animate
7:52:20 = Shell Excutute VerifyHost
7:52:59 = begin close Process
7:52:59 = Terminate Process
7:53:0 = end close Process
7:53:0 = DLL_PROCESS_DETACH
12:35:26 = Process Attach
12:35:26 = end process attach
12:35:26 = ***** NULL == SampleProvider *****
12:35:26 = ##### Begin waiting Mutex to release process #####
12:35:26 = hWnd = 0x00340448; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:35:26 = hWnd = 0x000a083c; ClassName:
dow.
x=0, y=0, width=1, height=1
12:35:26 = hWnd = 0x00bc05fc; ClassName:
x=0, y=0, width=0, height=0
12:35:26 = hWnd = 0x001406c6; ClassName:
x=0, y=0, width=0, height=0
12:35:32 = Process Attach
12:35:32 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:35:32 = ##### Get event and release process #####

12:35:32 = begin close Process
12:35:32 = end close Process

12:35:32 = ##### Get event and release process end #####

12:35:32 = hWnd = 0x002700c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:35:32 = hWnd = 0x006a00bc; ClassName:
dow.
x=0, y=0, width=1, height=1
12:35:32 = hWnd = 0x002300d0; ClassName:
x=0, y=0, width=0, height=0
12:35:32 = hWnd = 0x002300c0; ClassName:
x=0, y=0, width=0, height=0
13:7:42 = Process Attach
13:7:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:7:42 = * NULL == SampleProvider *

13:7:42 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:7:43 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:7:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:7:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:7:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:7:45 = s1.
13:7:45 = s2.
13:7:49
13:7:49
13:8:27
13:8:27
13:8:28
13:8:28

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:43:20 = Process Attach

14:43:20 = end process attach
14:43:20 = ***** NULL == SampleProvider *****
14:43:20 = ##### Begin waiting Mutex to release process #####
14:43:20 = hWnd = 0x000704d0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:43:20 = hWnd = 0x000b076c; ClassName:
dow.
x=0, y=0, width=1, height=1
14:43:20 = hWnd = 0x0006063e; ClassName:
x=0, y=0, width=0, height=0
14:43:20 = hWnd = 0x0006063c; ClassName:
x=0, y=0, width=0, height=0
14:43:27 = Process Attach
14:43:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:43:27 = ##### Get event and release process #####

14:43:27 = begin close Process
14:43:27 = end close Process
14:43:27 = ##### Get event and release process end #####
14:43:27 = hWnd = 0x0003002c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:18:58 = Process Attach
16:18:59 = end process attach
16:18:59 = ***** NULL == SampleProvider *****
16:18:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:18:59 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:19:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:19:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:19:2 = Need to re-create objects.
16:19:2 = s1.
16:19:2 = s2.
16:19:5 = Start show animate
16:19:5 = Shell Excutute VerifyHost
16:19:43 = begin close Process
16:19:43 = Terminate Process
16:19:44 = end close Process
16:19:44 = DLL_PROCESS_DETACH
16:27:44 = Process Attach
16:27:44 = end process attach
16:27:44 = ***** NULL == SampleProvider *****
16:27:44 = ##### Begin waiting Mutex to release process #####
16:27:44 = hWnd = 0x00030536; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:27:44 = hWnd = 0x0003053a; ClassName:
dow.
x=0, y=0, width=1, height=1
16:27:44 = hWnd = 0x000d055c; ClassName:
x=0, y=0, width=0, height=0
16:27:44 = hWnd = 0x0003053e; ClassName:
x=0, y=0, width=0, height=0
16:27:59 = Process Attach
16:27:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:27:59 = ##### Get event and release process #####

16:27:59 = begin close Process
16:27:59 = end close Process

16:27:59 = ##### Get event and release process end #####

16:27:59 = ***** NULL == SampleProvider *****
16:27:59 = hWnd = 0x00040108; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:27:59 = hWnd = 0x0004004c; ClassName:
dow.
x=0, y=0, width=1, height=1
16:27:59 = hWnd = 0x0003007c; ClassName:
x=0, y=0, width=0, height=0
16:27:59 = hWnd = 0x0006008a; ClassName:
x=0, y=0, width=0, height=0
16:29:19 = Process Attach
16:29:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:29:19 = * NULL == SampleProvider *

16:29:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:29:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:29:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:29:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:29:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:29:22 = s1.
16:29:22 = s2.
16:29:26 = Start show animate
16:29:26 = Shell Excutute VerifyHost
16:30:5 = begin close Process
16:30:5 = Terminate Process
16:30:7 = end close Process
16:30:7 = DLL_PROCESS_DETACH
21:14:54 = Process Attach
21:14:54 = end process attach
21:14:54 = ***** NULL == SampleProvider *****
21:14:54 = hWnd = 0x00260e00; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:14:54 = hWnd = 0x005c0632; ClassName:
dow.
x=0, y=0, width=1, height=1
21:14:54 = hWnd = 0x0006102e; ClassName:
x=0, y=0, width=0, height=0
21:14:54 = hWnd = 0x001d035a; ClassName:
x=0, y=0, width=0, height=0
21:15:2 = Process Attach
21:15:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:15:2 = * NULL == SampleProvider *

21:15:2 = begin close Process
21:15:2 = end close Process
21:15:2 = ##### Get event and release process end #####
21:15:2 = hWnd = 0x0027010c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:15:2 = hWnd = 0x003a006c; ClassName:
ow.
x=0, y=0, width=1, height=1
21:15:2 = hWnd = 0x003b012c; ClassName:
x=0, y=0, width=0, height=0
21:15:2 = hWnd = 0x001e00f0; ClassName:
x=0, y=0, width=0, height=0
21:17:7 = Process Attach
21:17:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:17:7 = * NULL == SampleProvider *

21:17:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:17:8 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
21:17:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:17:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:17:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:17:11 = s1.
21:17:11 = s2.
21:17:14
21:17:14
21:17:52
21:17:52
21:17:53
21:17:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:0:50 = Process Attach

22:0:50 = end process attach
22:0:50 = ***** NULL == SampleProvider *****
22:0:50 = ##### Begin waiting Mutex to release process #####
22:0:50 = hWnd = 0x00040a16; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:0:50 = hWnd = 0x0008072a; ClassName:
ow.
x=0, y=0, width=1, height=1
22:0:50 = hWnd = 0x00030a2e; ClassName:
x=0, y=0, width=0, height=0
22:0:50 = hWnd = 0x00050b24; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

22:0:55 = Process Attach
22:0:55 = ## ERR ## Setevent
22:0:55 = ##### Get event and release process #####
22:0:55 = begin close Process
22:0:55 = end close Process
22:0:55 = ##### Get event and release process end #####
22:0:55 = ***** NULL == SampleProvider *****
22:0:55 = hWnd = 0x00060072; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:0:55 = hWnd = 0x00260090; ClassName:
ow.
x=0, y=0, width=1, height=1
22:0:55 = hWnd = 0x00020058; ClassName:
x=0, y=0, width=0, height=0
22:0:55 = hWnd = 0x0006004c; ClassName:
x=0, y=0, width=0, height=0
10:38:9 = Process Attach
10:38:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:38:9 = * NULL == SampleProvider *

10:38:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:38:11 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:38:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:38:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:38:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:38:14 = s1.
10:38:14 = s2.
10:38:16
10:38:16
10:38:54
10:38:54
10:38:56
10:38:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:0:16 = Process Attach

12:0:16 = end process attach
12:0:16 = ***** NULL == SampleProvider *****
12:0:16 = ##### Begin waiting Mutex to release process #####
12:0:16 = hWnd = 0x000a03a4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

12:0:16 =
ow.
x=0, y=0,
12:0:16 =
x=0, y=0,
12:0:16 =
x=0, y=0,
12:0:26 =
12:0:26 =

hWnd = 0x000c038c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000d04bc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0009036e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

12:0:26 = * NULL == SampleProvider *

12:0:26 = begin close Process
12:0:26 = end close Process
12:0:26 = ##### Get event and release process end #####
12:0:26 = hWnd = 0x001b006a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:0:26 = hWnd = 0x00030038; ClassName:
ow.
x=0, y=0, width=1, height=1
12:0:26 = hWnd = 0x000d0044; ClassName:
x=0, y=0, width=0, height=0
12:0:26 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
15:12:45 = Process Attach
15:12:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:12:45 = * NULL == SampleProvider *

15:12:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:12:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:12:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:12:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:12:51 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:12:51 = s1.
15:12:51 = s2.
15:12:55
15:12:55
15:13:32
15:13:33
15:13:34
15:13:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:13:29 = Process Attach

16:13:29 = end process attach
16:13:29 = ***** NULL == SampleProvider *****
16:13:29 = ##### Begin waiting Mutex to release process #####

16:13:29 = hWnd = 0x000c052a; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:13:29 = hWnd = 0x000b02a4; ClassName:
dow.
x=0, y=0, width=1, height=1
16:13:29 = hWnd = 0x000804f2; ClassName:
x=0, y=0, width=0, height=0
16:13:29 = hWnd = 0x0012034a; ClassName:
x=0, y=0, width=0, height=0
16:13:34 = Process Attach
16:13:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:13:34 = ##### Get event and release process #####

16:13:34 = begin close Process
16:13:34 = end close Process
16:13:34 = ##### Get event and release process end #####
16:13:34 = hWnd = 0x0009004c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:13:34 = hWnd = 0x0012004e; ClassName:
dow.
x=0, y=0, width=1, height=1
16:13:34 = hWnd = 0x000600b6; ClassName:
x=0, y=0, width=0, height=0
16:13:34 = hWnd = 0x0006011c; ClassName:
x=0, y=0, width=0, height=0
21:16:14 = Process Attach
21:16:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:16:14 = * NULL == SampleProvider *

21:16:14 = ##### Begin waiting Mutex to release process #####
21:16:14 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:16:15 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:16:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:16:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:16:19 = Need to re-create objects.
21:16:19 = s1.
21:16:19 = s2.
21:16:22 = Start show animate
21:16:22 = Shell Excutute VerifyHost
21:17:0 = begin close Process
21:17:0 = Terminate Process
21:17:1 = end close Process
21:17:1 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:12:33 = Process Attach

23:12:33 = end process attach
23:12:33 = ***** NULL == SampleProvider *****
23:12:33 = ##### Begin waiting Mutex to release process #####
23:12:33 = hWnd = 0x00050352; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:12:33 = hWnd = 0x000e044e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:12:33 = hWnd = 0x00060494; ClassName:
x=0, y=0, width=0, height=0
23:12:33 = hWnd = 0x0008048a; ClassName:
x=0, y=0, width=0, height=0
23:12:37 = Process Attach
23:12:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:12:37 = ##### Get event and release process #####

23:12:37 = begin close Process
23:12:37 = end close Process
23:12:37 = ##### Get event and release process end #####
23:12:37 = hWnd = 0x000500d0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:12:37 = hWnd = 0x001600d8; ClassName:
dow.
x=0, y=0, width=1, height=1
23:12:37 = hWnd = 0x000600c2; ClassName:
x=0, y=0, width=0, height=0
23:12:37 = hWnd = 0x0004007e; ClassName:
x=0, y=0, width=0, height=0
10:19:17 = Process Attach
10:19:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:19:17 = * NULL == SampleProvider *

10:19:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:19:17 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:19:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:19:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:19:22 = Need to re-create objects.
10:19:22 = s1.
10:19:22 = s2.
10:19:24 = Start show animate
10:19:24 = Shell Excutute VerifyHost
10:20:8 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:20:8 = Terminate Process

10:20:9 = end close Process
10:20:9 = DLL_PROCESS_DETACH
12:36:53 = Process Attach
12:36:53 = end process attach
12:36:53 = ***** NULL == SampleProvider *****
12:36:53 = ##### Begin waiting Mutex to release process #####
12:36:53 = hWnd = 0x0021055e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:36:53 = hWnd = 0x000f068e; ClassName:
dow.
x=0, y=0, width=1, height=1
12:36:53 = hWnd = 0x00110678; ClassName:
x=0, y=0, width=0, height=0
12:36:53 = hWnd = 0x0011067e; ClassName:
x=0, y=0, width=0, height=0
12:36:59 = Process Attach
12:36:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:36:59 = * NULL == SampleProvider *

12:36:59 = begin close Process
12:36:59 = end close Process
12:36:59 = ##### Get event and release process end #####
12:36:59 = hWnd = 0x001300fa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:36:59 = hWnd = 0x001500f0; ClassName:
dow.
x=0, y=0, width=1, height=1
12:36:59 = hWnd = 0x001100fc; ClassName:
x=0, y=0, width=0, height=0
12:36:59 = hWnd = 0x00090118; ClassName:
x=0, y=0, width=0, height=0
20:40:34 = Process Attach
20:40:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:40:34 = * NULL == SampleProvider *

20:40:34 = ##### Begin waiting Mutex to release process #####
20:40:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:40:35 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:40:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:40:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:40:41 = Need to re-create objects.
20:40:41 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:40:41 = s2.
20:40:45
20:40:45
20:41:22
20:41:22
20:41:23
20:41:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:57:42 = Process Attach

21:57:42 = end process attach
21:57:42 = ***** NULL == SampleProvider *****
21:57:42 = ##### Begin waiting Mutex to release process #####
21:57:42 = hWnd = 0x001003e8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:57:42 = hWnd = 0x0008038c; ClassName:
dow.
x=0, y=0, width=1, height=1
21:57:42 = hWnd = 0x001a0542; ClassName:
x=0, y=0, width=0, height=0
21:57:42 = hWnd = 0x00060380; ClassName:
x=0, y=0, width=0, height=0
21:57:47 = Process Attach
21:57:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:57:47 = ##### Get event and release process #####

21:57:47 = begin close Process
21:57:47 = end close Process
21:57:47 = ##### Get event and release process end #####
21:57:47 = hWnd = 0x000a00b8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:57:47 = hWnd = 0x00030080; ClassName:
dow.
x=0, y=0, width=1, height=1
21:57:47 = hWnd = 0x00080090; ClassName:
x=0, y=0, width=0, height=0
21:57:47 = hWnd = 0x008c003a; ClassName:
x=0, y=0, width=0, height=0
23:4:55 = Process Attach
23:4:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:4:55 = * NULL == SampleProvider *

23:4:55 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:4:55 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
23:4:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:4:55 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

23:4:58 = Need to re-create objects.
23:4:58 = s1.
23:4:58 = s2.
23:4:58
23:4:58
23:5:32
23:5:32
23:5:33
23:5:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:22:44 = Process Attach

23:22:44 = end process attach
23:22:44 = ***** NULL == SampleProvider *****
23:22:44 = ##### Begin waiting Mutex to release process #####
23:22:44 = hWnd = 0x000404f2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:22:44 = hWnd = 0x000404da; ClassName:
dow.
x=0, y=0, width=1, height=1
23:22:44 = hWnd = 0x000304fa; ClassName:
x=0, y=0, width=0, height=0
23:22:44 = hWnd = 0x000304fe; ClassName:
x=0, y=0, width=0, height=0
23:22:48 = Process Attach
23:22:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:22:48 = * NULL == SampleProvider *

23:22:48 = begin close Process
23:22:48 = end close Process
23:22:48 = ##### Get event and release process end #####
23:22:48 = hWnd = 0x0003005a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:22:48 = hWnd = 0x0024007c; ClassName:
dow.
x=0, y=0, width=1, height=1
23:22:48 = hWnd = 0x000200be; ClassName:
x=0, y=0, width=0, height=0
23:22:48 = hWnd = 0x00080088; ClassName:
x=0, y=0, width=0, height=0
9:20:54 = Process Attach
9:20:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:20:54 = * NULL == SampleProvider *

9:20:54 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:20:54 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
9:20:54 =
x=0, y=0,
9:20:54 =
x=0, y=0,
9:20:54 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

9:20:54 = s1.
9:20:54 = s2.
9:20:57
9:20:57
9:21:29
9:21:29
9:21:30
9:21:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:2:43 = Process Attach

11:2:43 = end process attach
11:2:43 = ***** NULL == SampleProvider *****
11:2:43 = ##### Begin waiting Mutex to release process #####
11:2:43 = hWnd = 0x00040490; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:2:43 = hWnd = 0x0003044e; ClassName:
ow.
x=0, y=0, width=1, height=1
11:2:43 = hWnd = 0x00040424; ClassName:
x=0, y=0, width=0, height=0
11:2:43 = hWnd = 0x00030444; ClassName:
x=0, y=0, width=0, height=0
11:2:52 = Process Attach
11:2:52 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:2:52 = * NULL == SampleProvider *

11:2:52 = begin close Process
11:2:52 = end close Process
11:2:52 = ##### Get event and release process end #####
11:2:52 = hWnd = 0x000200b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:2:52 = hWnd = 0x000300ac; ClassName:
ow.
x=0, y=0, width=1, height=1
11:2:52 = hWnd = 0x000800d0; ClassName:
x=0, y=0, width=0, height=0
11:2:52 = hWnd = 0x000300b4; ClassName:
x=0, y=0, width=0, height=0
11:22:48 = Process Attach
11:22:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:22:48 = * NULL == SampleProvider *

11:22:48 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
11:22:48 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
11:22:49 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
11:22:49 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:22:54 = Need to re-create objects.
11:22:54 = s1.
11:22:54 = s2.
11:22:58
11:22:58
11:23:34
11:23:34
11:23:35
11:23:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:38:49 = Process Attach

12:38:49 = end process attach
12:38:49 = ***** NULL == SampleProvider *****
12:38:49 = ##### Begin waiting Mutex to release process #####
12:38:49 = hWnd = 0x000502aa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:38:49 = hWnd = 0x0012051e; ClassName:
dow.
x=0, y=0, width=1, height=1
12:38:49 = hWnd = 0x000404f2; ClassName:
x=0, y=0, width=0, height=0
12:38:49 = hWnd = 0x000504bc; ClassName:
x=0, y=0, width=0, height=0
12:38:53 = Process Attach
12:38:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:38:53 = ##### Get event and release process #####

12:38:53 = ***** NULL == SampleProvider *****
12:38:53 = hWnd = 0x000400ec; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:38:53 = hWnd = 0x000300c2; ClassName:
dow.
x=0, y=0, width=1, height=1
12:38:53 = hWnd = 0x00020104; ClassName:
x=0, y=0, width=0, height=0
12:38:53 = hWnd = 0x000800c4; ClassName:
x=0, y=0, width=0, height=0
13:3:39 = Process Attach
13:3:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:3:39 = * NULL == SampleProvider *

13:3:39 = ##### Begin waiting Mutex to release process #####

13:3:39 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:3:39 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:3:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:3:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:3:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:3:39 = s1.
13:3:39 = s2.
13:3:40 = Start show animate
13:3:40 = Shell Excutute VerifyHost
13:3:59 = begin close Process
13:3:59 = Terminate Process
13:4:0 = end close Process
13:4:0 = DLL_PROCESS_DETACH
13:52:34 = Process Attach
13:52:34 = end process attach
13:52:34 = ***** NULL == SampleProvider *****
13:52:34 = hWnd = 0x00040446; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:52:34 = hWnd = 0x00020368; ClassName:
dow.
x=0, y=0, width=1, height=1
13:52:34 = hWnd = 0x00030698; ClassName:
x=0, y=0, width=0, height=0
13:52:34 = hWnd = 0x0002036a; ClassName:
x=0, y=0, width=0, height=0
13:52:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:52:34 = s1.
13:52:34 = s2.
13:52:34
13:52:34
14:21:20
14:21:20
14:21:21
14:21:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:59:30 = Process Attach

16:59:30 = end process attach
16:59:30 = ***** NULL == SampleProvider *****
16:59:30 = ##### Begin waiting Mutex to release process #####

16:59:30 = hWnd = 0x000804e6; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:59:30 = hWnd = 0x000e01ec; ClassName:
dow.
x=0, y=0, width=1, height=1
16:59:30 = hWnd = 0x0019049e; ClassName:
x=0, y=0, width=0, height=0
16:59:30 = hWnd = 0x000904d8; ClassName:
x=0, y=0, width=0, height=0
16:59:35 = Process Attach
16:59:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:59:35 = ##### Get event and release process #####

16:59:35 = begin close Process
16:59:35 = end close Process
16:59:35 = ***** NULL == SampleProvider *****
16:59:35 = hWnd = 0x001500f4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:59:35 = hWnd = 0x000400be; ClassName:
dow.
x=0, y=0, width=1, height=1
16:59:35 = hWnd = 0x000e00ca; ClassName:
x=0, y=0, width=0, height=0
16:59:35 = hWnd = 0x000e0066; ClassName:
x=0, y=0, width=0, height=0
22:51:4 = Process Attach
22:51:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:51:4 = * NULL == SampleProvider *

22:51:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:51:5 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
22:51:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:51:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:51:8 = Need to re-create objects.
22:51:8 = s1.
22:51:8 = s2.
22:51:13
22:51:13
22:51:50
22:51:50
22:51:51
22:51:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:39:42 = Process Attach

0:39:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:39:42 = * NULL == SampleProvider *

0:39:42 = ##### Begin waiting Mutex to release process #####
0:39:42 = hWnd = 0x00070442; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:39:42 = hWnd = 0x00100530; ClassName:
ow.
x=0, y=0, width=1, height=1
0:39:42 = hWnd = 0x00060438; ClassName:
x=0, y=0, width=0, height=0
0:39:42 = hWnd = 0x00090460; ClassName:
x=0, y=0, width=0, height=0
0:39:47 = Process Attach
0:39:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:39:47 = * NULL == SampleProvider *

0:39:47 = begin close Process
0:39:47 = end close Process
0:39:47 = ##### Get event and release process end #####
0:39:47 = hWnd = 0x000800f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:39:47 = hWnd = 0x0005004c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:39:47 = hWnd = 0x000d00f2; ClassName:
x=0, y=0, width=0, height=0
0:39:47 = hWnd = 0x000300e2; ClassName:
x=0, y=0, width=0, height=0
8:10:22 = Process Attach
8:10:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:10:22 = * NULL == SampleProvider *

8:10:22 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:10:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:10:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:10:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:10:27 = Need to re-create objects.
8:10:27 = s1.
8:10:27 = s2.
8:10:27
8:10:27
8:10:56
8:10:56
8:10:57

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:10:57 = DLL_PROCESS_DETACH
9:42:49 = Process Attach
9:42:49 = end process attach
9:42:49 = ***** NULL == SampleProvider *****
9:42:49 = ##### Begin waiting Mutex to release process #####
9:42:49 = hWnd = 0x000b04d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:42:49 = hWnd = 0x000202f4; ClassName:
ow.
x=0, y=0, width=1, height=1
9:42:49 = hWnd = 0x001a0588; ClassName:
x=0, y=0, width=0, height=0
9:42:49 = hWnd = 0x00030466; ClassName:
x=0, y=0, width=0, height=0
9:42:49 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:42:49 = s1.
9:42:49 = s2.
9:42:49 = Start show animate
9:42:49 = Shell Excutute VerifyHost
19:5:9 = begin close Process
19:5:9 = Terminate Process
19:5:10 = end close Process
19:5:10 = DLL_PROCESS_DETACH
19:5:10 = Process Attach
19:5:10 = end process attach
19:5:10 = ##### Begin waiting Mutex to release process #####
19:5:10 = hWnd = 0x00040438; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:5:10 = hWnd = 0x0008058c; ClassName:
ow.
x=0, y=0, width=1, height=1
19:5:10 = hWnd = 0x002b0578; ClassName:
x=0, y=0, width=0, height=0
19:5:10 = hWnd = 0x0018056a; ClassName:
x=0, y=0, width=0, height=0
19:5:10 = Need to re-create objects.
19:5:10 = s1.
19:5:10 = s2.
19:5:10
19:5:10
19:5:25
19:5:25
19:5:26
19:5:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:57:38 = Process Attach

23:57:39 = end process attach
23:57:39 = ***** NULL == SampleProvider *****
23:57:39 = hWnd = 0x004b05bc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:57:39 = hWnd = 0x003f05e4; ClassName:
dow.
x=0, y=0, width=1, height=1
23:57:39 = hWnd = 0x00e9045c; ClassName:
x=0, y=0, width=0, height=0
23:57:39 = hWnd = 0x00220484; ClassName:
x=0, y=0, width=0, height=0
0:0:37 = Process Attach
0:0:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:0:37 = ##### Get event and release process #####

0:0:37 = ***** NULL == SampleProvider *****
0:0:37 = end close Process
0:0:37 = ##### Get event and release process end #####
0:0:37 = hWnd = 0x0016010c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:0:37 = hWnd = 0x000c00fe; ClassName:
w.
x=0, y=0, width=1, height=1
0:0:37 = hWnd = 0x00160074; ClassName:
x=0, y=0, width=0, height=0
0:0:37 = hWnd = 0x00050114; ClassName:
x=0, y=0, width=0, height=0
6:50:42 = Process Attach
6:50:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:50:42 = * NULL == SampleProvider *

6:50:42 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:50:42 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:50:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:50:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:50:46 = Need to re-create objects.
6:50:46 = s1.
6:50:46 = s2.
6:50:51
6:50:51
6:51:29
6:51:29

0:13:57 = begin close Process
0:13:57 = end close Process
0:13:57 = ##### Get event and release process end #####
0:13:57 = hWnd = 0x000e00a8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:13:57 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:13:57 = hWnd = 0x000e005e; ClassName:
x=0, y=0, width=0, height=0
0:13:57 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
7:36:13 = Process Attach
7:36:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:36:14 = * NULL == SampleProvider *

7:36:14 = ##### Begin waiting Mutex to release process #####
7:36:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:36:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:36:15 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:36:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:36:17 = Need to re-create objects.
7:36:17 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:36:17 = s2.
7:36:17
7:36:17
7:36:51
7:36:51
7:36:52
7:36:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:50:47 = Process Attach

8:50:47 = end process attach
8:50:47 = ***** NULL == SampleProvider *****
8:50:47 = ##### Begin waiting Mutex to release process #####
8:50:47 =
ow.
x=0, y=0,
8:50:47 =
x=0, y=0,
8:50:47 =
x=0, y=0,
8:51:18 =
8:51:18 =

hWnd = 0x000f04b4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000b04ac; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000204d0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

8:51:18 = ##### Get event and release process #####

8:51:18 = begin close Process
8:51:18 = end close Process
8:51:18 = ##### Get event and release process end #####
8:51:18 = hWnd = 0x0042010c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:51:18 = hWnd = 0x000200ae; ClassName:
ow.
x=0, y=0, width=1, height=1
8:51:18 = hWnd = 0x000900ea; ClassName:
x=0, y=0, width=0, height=0
8:51:18 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
12:12:1 = Process Attach
12:12:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:12:2 = * NULL == SampleProvider *

12:12:2 = ##### Begin waiting Mutex to release process #####
12:12:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:12:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:12:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:12:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:12:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:12:7 = s1.
12:12:7 = s2.
12:12:8 = Start show animate
12:12:8 = Shell Excutute VerifyHost
12:12:41 = begin close Process
12:12:41 = Terminate Process
12:12:42 = end close Process
12:12:42 = DLL_PROCESS_DETACH
15:56:15 = Process Attach
15:56:15 = end process attach
15:56:15 = ***** NULL == SampleProvider *****
15:56:15 = hWnd = 0x00020488; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:56:15 = hWnd = 0x0003046e; ClassName:
dow.
x=0, y=0, width=1, height=1
15:56:15 = hWnd = 0x00040474; ClassName:
x=0, y=0, width=0, height=0
15:56:15 = hWnd = 0x0002048a; ClassName:
x=0, y=0, width=0, height=0
15:56:46 = Process Attach
15:56:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:56:46 = * NULL == SampleProvider *

15:56:46 = begin close Process
15:56:46 = end close Process
15:56:46 = ##### Get event and release process end #####
15:56:46 = hWnd = 0x00100108; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:56:46 = hWnd = 0x000300a2; ClassName:
dow.
x=0, y=0, width=1, height=1
15:56:46 = hWnd = 0x00020158; ClassName:
x=0, y=0, width=0, height=0
15:56:46 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
17:32:35 = Process Attach
17:32:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:32:35 = ##### Begin waiting Mutex to release process #####

17:32:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:32:35 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:32:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:32:36 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

17:32:39 = Need to re-create objects.
17:32:39 = s1.
17:32:39 = s2.
17:32:41
17:32:41
17:33:13
17:33:13
17:33:15
17:33:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:38:33 = Process Attach

20:38:33 = end process attach
20:38:33 = ***** NULL == SampleProvider *****
20:38:33 = ##### Begin waiting Mutex to release process #####
20:38:33 = hWnd = 0x00200560; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:38:33 = hWnd = 0x00230724; ClassName:
dow.
x=0, y=0, width=1, height=1
20:38:33 = hWnd = 0x0021058e; ClassName:
x=0, y=0, width=0, height=0
20:38:33 = hWnd = 0x00060458; ClassName:
x=0, y=0, width=0, height=0
20:39:13 = Process Attach
20:39:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:39:13 = ##### Get event and release process #####

20:39:13 = begin close Process
20:39:13 = end close Process
20:39:13 = ##### Get event and release process end #####
20:39:13 = hWnd = 0x0027002e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:39:13 = hWnd = 0x000200ac; ClassName:
dow.
x=0, y=0, width=1, height=1
20:39:13 = hWnd = 0x0017010e; ClassName:
x=0, y=0, width=0, height=0
20:39:13 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
20:43:20 = Process Attach
20:43:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:43:20 = ##### Begin waiting Mutex to release process #####

20:43:20 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:43:20 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

20:43:20 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
20:43:20 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:43:20 = Need to re-create objects.
20:43:20 = s1.
20:43:20 = s2.
20:43:20
20:43:20
20:43:42
20:43:42
20:43:43
20:43:43

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:20:23 = Process Attach

0:20:23 = end process attach
0:20:23 = ***** NULL == SampleProvider *****
0:20:23 = ##### Begin waiting Mutex to release process #####
0:20:23 =
ow.
x=0, y=0,
0:20:23 =
x=0, y=0,
0:20:23 =
x=0, y=0,
0:20:55 =
0:20:55 =

hWnd = 0x000b0638; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00090bf4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001007e4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:20:55 = * NULL == SampleProvider *

0:20:55 = begin close Process
0:20:55 = end close Process
0:20:55 = ##### Get event and release process end #####
0:20:55 = hWnd = 0x002d0106; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:20:55 = hWnd = 0x000200ae; ClassName:
ow.
x=0, y=0, width=1, height=1
0:20:55 = hWnd = 0x0028006e; ClassName:
x=0, y=0, width=0, height=0
0:20:55 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
7:35:50 = Process Attach
7:35:50 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:35:50 = * NULL == SampleProvider *

7:35:50 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:35:51 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
7:35:51 =
x=0, y=0,
7:35:51 =
x=0, y=0,
7:35:54 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

7:35:54 = s1.
7:35:54 = s2.
7:35:59
7:35:59
7:36:36
7:36:36
7:36:37
7:36:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:7:11 = Process Attach

8:7:11 = end process attach
8:7:11 = ***** NULL == SampleProvider *****
8:7:11 = ##### Begin waiting Mutex to release process #####
8:7:11 = hWnd = 0x000405d6; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
8:7:11 = hWnd = 0x000305da; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
8:7:11 = hWnd = 0x000505d8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:8:9 = Process Attach
8:8:9 = ## ERR ## Setevent
8:8:9 = ***** NULL == SampleProvider *****
8:8:9 = begin close Process
8:8:9 = end close Process
8:8:9 = ##### Get event and release process end #####
8:8:9 = hWnd = 0x000600ca; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:8:9 = hWnd = 0x0003002c; ClassName:
.
x=0, y=0, width=1, height=1
8:8:9 = hWnd = 0x000400c8; ClassName:
x=0, y=0, width=0, height=0
8:8:9 = hWnd = 0x0004002a; ClassName:
x=0, y=0, width=0, height=0
15:28:14 = Process Attach
15:28:14 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:28:14 = * NULL == SampleProvider *

15:28:14 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

15:28:22 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:28:22 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:28:22 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:28:22 = Need to re-create objects.
15:28:22 = s1.
15:28:22 = s2.
15:28:24 = Start show animate
15:28:24 = Shell Excutute VerifyHost
15:29:2 = begin close Process
15:29:2 = Terminate Process
15:29:3 = end close Process
15:29:3 = DLL_PROCESS_DETACH
16:42:12 = Process Attach
16:42:12 = end process attach
16:42:12 = ***** NULL == SampleProvider *****
16:42:12 = ##### Begin waiting Mutex to release process #####
16:42:12 = hWnd = 0x000e056e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:42:12 = hWnd = 0x000504ae; ClassName:
dow.
x=0, y=0, width=1, height=1
16:42:12 = hWnd = 0x00130496; ClassName:
x=0, y=0, width=0, height=0
16:42:12 = hWnd = 0x0016051c; ClassName:
x=0, y=0, width=0, height=0
16:42:20 = Process Attach
16:42:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:42:20 = * NULL == SampleProvider *

16:42:20 = begin close Process
16:42:20 = end close Process
16:42:20 = ##### Get event and release process end #####
16:42:20 = hWnd = 0x000400ee; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:42:20 = hWnd = 0x000b007e; ClassName:
dow.
x=0, y=0, width=1, height=1
16:42:20 = hWnd = 0x002800c4; ClassName:
x=0, y=0, width=0, height=0
16:42:20 = hWnd = 0x001100f0; ClassName:
x=0, y=0, width=0, height=0
20:11:20 = Process Attach
20:11:20 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:11:20 = * NULL == SampleProvider *

20:11:20 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:11:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:11:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:11:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:11:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:11:21 = s1.
20:11:21 = s2.
20:11:27
20:11:27
20:12:11
20:12:11
20:12:12
20:12:12

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:2:5 = * NULL == SampleProvider *

0:2:5 = begin close Process
0:2:5 = end close Process
0:2:5 = ##### Get event and release process end #####
0:2:5 = hWnd = 0x000200ac; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:2:5 = hWnd = 0x000200a6; ClassName:
.
x=0, y=0, width=1, height=1
0:2:5 = hWnd = 0x002e00cc; ClassName:
x=0, y=0, width=0, height=0
0:2:5 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
4:27:55 = Process Attach
4:27:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:27:55 = * NULL == SampleProvider *

4:27:55 = ##### Begin waiting Mutex to release process #####
4:27:55 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:27:55 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

4:27:56 =
x=0, y=0,
4:27:56 =
x=0, y=0,
4:27:56 =

hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

6:32:9 = Process Attach

6:32:9 = end process attach
6:32:9 = ***** NULL == SampleProvider *****
6:32:9 = ##### Begin waiting Mutex to release process #####
6:32:9 = hWnd = 0x000404fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:32:9 = hWnd = 0x00020584; ClassName:
w.
x=0, y=0, width=1, height=1
6:32:9 = hWnd = 0x0004056a; ClassName:
x=0, y=0, width=0, height=0
6:32:9 = hWnd = 0x000504de; ClassName:
x=0, y=0, width=0, height=0
6:32:13 = Process Attach
6:32:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:32:13 = ##### Get event and release process #####

6:32:13 = begin close Process
6:32:13 = end close Process
6:32:13 = ##### Get event and release process end #####
6:32:13 = hWnd = 0x0004008e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
6:32:13 = hWnd = 0x0003005e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

6:32:13 =
x=0, y=0,
6:32:13 =
x=0, y=0,
13:5:35 =
13:5:35 =

hWnd = 0x00040092; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x000200be; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

13:5:35 = * NULL == SampleProvider *

13:5:35 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:5:35 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:5:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:5:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:5:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:5:36 = s1.
13:5:36 = s2.
13:5:36 = Start show animate
13:5:36 = Shell Excutute VerifyHost
13:6:2 = begin close Process
13:6:2 = Terminate Process
13:6:3 = end close Process
13:6:3 = DLL_PROCESS_DETACH
14:20:42 = Process Attach
14:20:42 = end process attach
14:20:42 = ***** NULL == SampleProvider *****
14:20:42 = hWnd = 0x00c404e8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:20:42 = hWnd = 0x000804a8; ClassName:
dow.
x=0, y=0, width=1, height=1
14:20:42 = hWnd = 0x001b04dc; ClassName:
x=0, y=0, width=0, height=0
14:20:42 = hWnd = 0x00040494; ClassName:
x=0, y=0, width=0, height=0
14:21:13 = Process Attach
14:21:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:21:13 = * NULL == SampleProvider *

14:21:13 = begin close Process
14:21:13 = end close Process
14:21:13 = ##### Get event and release process end #####
14:21:13 = hWnd = 0x000500c0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:21:13 = hWnd = 0x0005002a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
14:21:13 = hWnd = 0x000500c4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:21:13 = hWnd = 0x000200b6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:18:24 = Process Attach
19:18:24 = end process attach
19:18:24 = ***** NULL == SampleProvider *****
19:18:24 = ##### Begin waiting Mutex to release process #####
19:18:24 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:18:25 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:18:25 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:18:25 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:18:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:18:28 = s1.
19:18:28 = s2.
19:18:32
19:18:32
19:19:10
19:19:10
19:19:11
19:19:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:49:24 = Process Attach

22:49:24 = end process attach
22:49:24 = ***** NULL == SampleProvider *****
22:49:24 = ##### Begin waiting Mutex to release process #####
22:49:24 = hWnd = 0x000204ac; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:49:24 = hWnd = 0x000204bc; ClassName:
dow.
x=0, y=0, width=1, height=1
22:49:24 = hWnd = 0x00050504; ClassName:
x=0, y=0, width=0, height=0
22:49:24 = hWnd = 0x000204b4; ClassName:
x=0, y=0, width=0, height=0
22:50:1 = Process Attach
22:50:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:50:1 = * NULL == SampleProvider *

22:50:1 = begin close Process
22:50:1 = end close Process

22:50:1 = ##### Get event and release process end #####

22:50:1 = hWnd = 0x00060028; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:50:1 = hWnd = 0x00030042; ClassName:
ow.
x=0, y=0, width=1, height=1
22:50:1 = hWnd = 0x002e0110; ClassName:
x=0, y=0, width=0, height=0
22:50:1 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
13:20:16 = Process Attach
13:20:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:20:16 = ##### Begin waiting Mutex to release process #####

13:20:16 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:20:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:20:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:20:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:20:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:20:17 = s1.
13:20:17 = s2.
13:20:22
13:20:22
13:20:48
13:20:48
13:20:49
13:20:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:6:51 = Process Attach

14:6:51 = end process attach
14:6:51 = ***** NULL == SampleProvider *****
14:6:51 = ##### Begin waiting Mutex to release process #####
14:6:51 = hWnd = 0x00010476; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:6:51 = hWnd = 0x00010472; ClassName:
ow.
x=0, y=0, width=1, height=1
14:6:51 = hWnd = 0x0001047c; ClassName:
x=0, y=0, width=0, height=0
14:6:51 = hWnd = 0x00010474; ClassName:
x=0, y=0, width=0, height=0
14:6:57 = Process Attach
14:6:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:6:57 = * NULL == SampleProvider *

14:6:57 = begin close Process
14:6:57 = end close Process
14:6:57 = ##### Get event and release process end #####
14:6:57 = hWnd = 0x000200ae; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:6:57 = hWnd = 0x000200a6; ClassName:
ow.
x=0, y=0, width=1, height=1
14:6:57 = hWnd = 0x0008009e; ClassName:
x=0, y=0, width=0, height=0
14:6:57 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
17:51:7 = Process Attach
17:51:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:51:7 = ##### Begin waiting Mutex to release process #####

17:51:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:51:8 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
17:51:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:51:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:51:8 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:51:8 = s1.
17:51:8 = s2.
17:51:9 = Start show animate
17:51:9 = Shell Excutute VerifyHost
17:51:33 = begin close Process
17:51:33 = Terminate Process
17:51:34 = end close Process
17:51:34 = DLL_PROCESS_DETACH
23:4:50 = Process Attach
23:4:50 = end process attach
23:4:50 = ***** NULL == SampleProvider *****
23:4:50 = ##### Begin waiting Mutex to release process #####
23:4:59 = hWnd = 0x0005037c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:4:59 = hWnd = 0x000a052c; ClassName:
ow.
x=0, y=0, width=1, height=1
23:4:59 = hWnd = 0x0005025a; ClassName:
x=0, y=0, width=0, height=0
23:4:59 = hWnd = 0x00070350; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

23:6:15 = Process Attach
23:6:15 = ## ERR ## Setevent
23:6:15 = ***** NULL == SampleProvider *****
23:6:15 = begin close Process
23:6:15 = end close Process
23:6:15 = ##### Get event and release process end #####
23:6:15 = hWnd = 0x00030074; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:6:15 = hWnd = 0x000200b4; ClassName:
ow.
x=0, y=0, width=1, height=1
23:6:15 = hWnd = 0x00030100; ClassName:
x=0, y=0, width=0, height=0
23:6:15 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
7:11:53 = Process Attach
7:11:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:11:53 = * NULL == SampleProvider *

7:11:53 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:11:54 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:11:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:11:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:11:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:11:59 = s1.
7:11:59 = s2.
7:12:5 = Start show animate
7:12:5 = Shell Excutute VerifyHost
7:12:44 = begin close Process
7:12:44 = Terminate Process
7:12:45 = end close Process
7:12:45 = DLL_PROCESS_DETACH
7:25:54 = Process Attach
7:25:54 = end process attach
7:25:54 = ***** NULL == SampleProvider *****
7:25:54 = ##### Begin waiting Mutex to release process #####
7:25:55 = hWnd = 0x000604b4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:25:55 = hWnd = 0x000604bc; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
7:25:55 =
x=0, y=0,
7:25:55 =
x=0, y=0,
7:28:42 =
7:28:42 =

width=1, height=1
hWnd = 0x000404c6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000e04da; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

7:28:42 = * NULL == SampleProvider *

7:28:42 =
7:28:42 =
ow.
x=0, y=0,
7:28:42 =

begin close Process

hWnd = 0x000500f4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

7:28:42 =
x=0, y=0,
8:12:28 =
8:12:28 =

hWnd = 0x000200be; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

width=1, height=1
##### Get event and release process end #####

8:12:28 = * NULL == SampleProvider *

8:12:28 = ##### Begin waiting Mutex to release process #####
8:12:28 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:12:29 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:12:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:12:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:12:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:12:31 = s1.
8:12:31 = s2.
8:12:33
8:12:33
8:13:10
8:13:10
8:13:11
8:13:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:44:31 = Process Attach

12:44:31 = end process attach
12:44:31 = ***** NULL == SampleProvider *****
12:44:31 = ##### Begin waiting Mutex to release process #####
12:44:31 = hWnd = 0x001c0576; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:44:31 = hWnd = 0x00070654; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

12:44:31 = hWnd = 0x000a0652; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:44:31 = hWnd = 0x000e0570; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:44:48 = Process Attach
12:44:48 = ## ERR ## Setevent
12:44:48 = ***** NULL == SampleProvider *****
12:44:48 = begin close Process
12:44:48 = end close Process
12:44:48 = ##### Get event and release process end #####
12:44:48 = hWnd = 0x000900d4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:44:48 = hWnd = 0x00040086; ClassName:
dow.
x=0, y=0, width=1, height=1
12:44:48 = hWnd = 0x000800da; ClassName:
x=0, y=0, width=0, height=0
12:44:48 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
13:26:28 = Process Attach
13:26:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:26:28 = * NULL == SampleProvider *

13:26:28 = ##### Begin waiting Mutex to release process #####
13:26:28 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:26:29 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:26:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:26:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:26:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:26:32 = s1.
13:26:32 = s2.
13:26:35
13:26:35
13:27:14
13:27:14
13:27:15
13:27:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:55:37 = Process Attach

13:55:38 = end process attach
13:55:38 = ***** NULL == SampleProvider *****
13:55:38 = ##### Begin waiting Mutex to release process #####

13:55:38 = hWnd = 0x000304aa; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:55:38 = hWnd = 0x000304be; ClassName:
dow.
x=0, y=0, width=1, height=1
13:55:38 = hWnd = 0x0004047a; ClassName:
x=0, y=0, width=0, height=0
13:55:38 = hWnd = 0x00040456; ClassName:
x=0, y=0, width=0, height=0
13:59:28 = Process Attach
13:59:28 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:59:28 = ##### Get event and release process #####

13:59:28 = begin close Process
13:59:28 = end close Process
13:59:28 = ##### Get event and release process end #####
13:59:28 = ***** NULL == SampleProvider *****
13:59:28 = hWnd = 0x000e0092; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:59:28 = hWnd = 0x0004003c; ClassName:
dow.
x=0, y=0, width=1, height=1
13:59:28 = hWnd = 0x000c0126; ClassName:
x=0, y=0, width=0, height=0
13:59:28 = hWnd = 0x0003003a; ClassName:
x=0, y=0, width=0, height=0
21:55:46 = Process Attach
21:55:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:55:46 = ##### Begin waiting Mutex to release process #####

21:55:46 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:55:46 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:55:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:55:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:55:52 = Need to re-create objects.
21:55:52 = s1.
21:55:52 = s2.
21:55:52 = Start show animate
21:55:52 = Shell Excutute VerifyHost
21:56:8 = begin close Process
21:56:8 = Terminate Process
21:56:9 = end close Process
21:56:9 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:26:22 = Process Attach

0:26:22 = end process attach
0:26:22 = ***** NULL == SampleProvider *****
0:26:22 = hWnd = 0x000d0512; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:26:22 = ##### Begin waiting Mutex to release process #####
0:26:22 =
ow.
x=0, y=0,
0:26:22 =
x=0, y=0,
0:26:22 =
x=0, y=0,
0:26:54 =
0:26:54 =

hWnd = 0x0005045a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00040464; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00040468; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:26:54 = * NULL == SampleProvider *

0:26:54 = begin close Process
0:26:54 = end close Process
0:26:54 = ##### Get event and release process end #####
0:26:54 =
x=0, y=0,
0:26:54 =
x=0, y=0,
7:28:43 =
7:28:43 =

hWnd = 0x000b00ec; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00030080; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

7:28:43 = * NULL == SampleProvider *

7:28:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:28:43 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:28:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:28:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:28:43 = Need to re-create objects.
7:28:43 = s1.
7:28:43 = s2.
7:28:44
7:28:44
7:29:21
7:29:21
7:29:22
7:29:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:30:1 = Process Attach

7:30:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:30:1 = * NULL == SampleProvider *

7:30:1 = ##### Begin waiting Mutex to release process #####
7:30:1 = hWnd = 0x00030364; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:30:1 = hWnd = 0x00020362; ClassName:
w.
x=0, y=0, width=1, height=1
7:30:1 = hWnd = 0x0001036c; ClassName:
x=0, y=0, width=0, height=0
7:30:1 = hWnd = 0x00040358; ClassName:
x=0, y=0, width=0, height=0
7:30:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:30:1 = s1.
7:30:1 = s2.
7:30:1 = Start show animate
7:30:1 = Shell Excutute VerifyHost
9:27:26 = begin close Process
9:27:26 = Terminate Process
9:27:27 = end close Process
9:27:27 = DLL_PROCESS_DETACH
11:54:58 = Process Attach
11:54:58 = end process attach
11:54:58 = ***** NULL == SampleProvider *****
11:54:58 = ##### Begin waiting Mutex to release process #####
11:54:58 = hWnd = 0x00a3054c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:54:58 = hWnd = 0x00030386; ClassName:
dow.
x=0, y=0, width=1, height=1
11:54:58 = hWnd = 0x000304b0; ClassName:
x=0, y=0, width=0, height=0
11:54:58 = hWnd = 0x000404ae; ClassName:
x=0, y=0, width=0, height=0
11:55:5 = Process Attach
11:55:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:55:5 = * NULL == SampleProvider *

11:55:5 = begin close Process
11:55:5 = end close Process
11:55:5 = ##### Get event and release process end #####
11:55:5 = hWnd = 0x00100062; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:55:5 = hWnd = 0x00030052; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

11:55:5 =
x=0, y=0,
11:55:5 =
x=0, y=0,
12:56:8 =
12:56:8 =

hWnd = 0x000a006a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x000700b0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

12:56:8 = * NULL == SampleProvider *

12:56:8 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:56:8 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:56:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:56:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:56:9 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:56:9 = s1.
12:56:9 = s2.
12:56:9 = Start show animate
12:56:9 = Shell Excutute VerifyHost
12:56:46 = begin close Process
12:56:46 = Terminate Process
12:56:47 = end close Process
12:56:47 = DLL_PROCESS_DETACH
18:19:37 = Process Attach
18:19:37 = end process attach
18:19:37 = ***** NULL == SampleProvider *****
18:19:37 = ##### Begin waiting Mutex to release process #####
18:19:37 = hWnd = 0x000504aa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:19:37 = hWnd = 0x001304d6; ClassName:
dow.
x=0, y=0, width=1, height=1
18:19:37 = hWnd = 0x00090500; ClassName:
x=0, y=0, width=0, height=0
18:19:37 = hWnd = 0x001105d0; ClassName:
x=0, y=0, width=0, height=0
18:20:2 = Process Attach
18:20:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:20:2 = * NULL == SampleProvider *

18:20:2 = begin close Process
18:20:2 = end close Process
18:20:2 = ##### Get event and release process end #####
18:20:2 = hWnd = 0x000a00b4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

18:20:2 = hWnd = 0x00060084; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
18:20:2 = hWnd = 0x000c0028; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:20:2 = hWnd = 0x000500ac; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:55:31 = Process Attach
20:55:31 = end process attach
20:55:31 = ***** NULL == SampleProvider *****
20:55:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:55:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:55:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:55:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:55:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:55:35 = s1.
20:55:35 = s2.
20:55:38
20:55:38
20:56:18
20:56:18
20:56:19
20:56:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:56:44 = Process Attach

0:56:44 = end process attach
0:56:44 = ***** NULL == SampleProvider *****
0:56:44 = ##### Begin waiting Mutex to release process #####
0:56:44 = hWnd = 0x000804ac; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:56:44 = hWnd = 0x00090470; ClassName:
ow.
x=0, y=0, width=1, height=1
0:56:44 = hWnd = 0x0008048c; ClassName:
x=0, y=0, width=0, height=0
0:56:44 = hWnd = 0x0012047e; ClassName:
x=0, y=0, width=0, height=0
0:56:53 = Process Attach
0:56:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:56:53 = * NULL == SampleProvider *

0:56:53 = hWnd = 0x000d00b8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

0:56:53 = hWnd = 0x0003003a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:56:53 = hWnd = 0x000400c0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:56:53 = hWnd = 0x0005009a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:26:3 = Process Attach
7:26:3 = end process attach
7:26:3 = ***** NULL == SampleProvider *****
7:26:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:26:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:26:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:26:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:26:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:26:11 = s1.
7:26:11 = s2.
7:26:11
7:26:11
7:26:40
7:26:40
7:26:41
7:26:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:58:19 = Process Attach

9:58:19 = end process attach
9:58:19 = ***** NULL == SampleProvider *****
9:58:19 = ##### Begin waiting Mutex to release process #####
9:58:19 = hWnd = 0x000304c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:58:19 = hWnd = 0x000b0528; ClassName:
ow.
x=0, y=0, width=1, height=1
9:58:19 = hWnd = 0x00020550; ClassName:
x=0, y=0, width=0, height=0
9:58:19 = hWnd = 0x000204e6; ClassName:
x=0, y=0, width=0, height=0
9:58:25 = Process Attach
9:58:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:58:25 = * NULL == SampleProvider *

9:58:25 = begin close Process
9:58:25 = end close Process

9:58:25 = ##### Get event and release process end #####

9:58:25 = hWnd = 0x000d00d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:58:25 = hWnd = 0x000300d2; ClassName:
ow.
x=0, y=0, width=1, height=1
9:58:25 = hWnd = 0x000200dc; ClassName:
x=0, y=0, width=0, height=0
9:58:25 = hWnd = 0x001300ba; ClassName:
x=0, y=0, width=0, height=0
10:41:15 = Process Attach
10:41:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:41:15 = * NULL == SampleProvider *

10:41:15 = ##### Begin waiting Mutex to release process #####
10:41:16 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:41:17 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:41:17 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:41:19 = Need to re-create objects.
10:41:19 = s1.
10:41:19 = s2.
10:41:23 = Start show animate
10:41:23 = Shell Excutute VerifyHost
10:42:2 = begin close Process
10:42:2 = Terminate Process
10:42:3 = end close Process
10:42:3 = DLL_PROCESS_DETACH
12:4:1 = Process Attach
12:4:1 = end process attach
12:4:1 = ***** NULL == SampleProvider *****
12:4:1 = ##### Begin waiting Mutex to release process #####
12:4:1 = hWnd = 0x000305a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:4:1 = hWnd = 0x00040592; ClassName:
w.
x=0, y=0, width=1, height=1
12:4:1 = hWnd = 0x000a0512; ClassName:
x=0, y=0, width=0, height=0
12:4:1 = hWnd = 0x000305fa; ClassName:
x=0, y=0, width=0, height=0
12:4:6 = Process Attach
12:4:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:4:6 = * NULL == SampleProvider *

12:4:6 = begin close Process

12:4:6 = end close Process
12:4:6 = ##### Get event and release process end #####
12:4:6 = hWnd = 0x000f003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:4:6 = hWnd = 0x000a0056; ClassName:
w.
x=0, y=0, width=1, height=1
12:4:6 = hWnd = 0x000500c0; ClassName:
x=0, y=0, width=0, height=0
12:4:6 = hWnd = 0x000b00b2; ClassName:
x=0, y=0, width=0, height=0
18:18:17 = Process Attach
18:18:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:18:17 = * NULL == SampleProvider *

18:18:17 = ##### Begin waiting Mutex to release process #####
18:18:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:18:17 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:18:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:18:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:18:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:18:25 = s1.
18:18:25 = s2.
18:18:25
18:18:25
18:18:49
18:18:49
18:18:50
18:18:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:46:27 = Process Attach

18:46:27 = end process attach
18:46:27 = ##### Begin waiting Mutex to release process #####
18:46:27 = ***** NULL == SampleProvider *****
18:46:27 = hWnd = 0x0006043a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:46:27 = hWnd = 0x00060448; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:46:27 = hWnd = 0x00030454; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

18:46:27 = hWnd = 0x00040456; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
18:46:31 = Process Attach
18:46:31 = ## ERR ## Setevent
18:46:31 = ##### Get event and release process #####
18:46:31 = begin close Process
18:46:31 = end close Process
18:46:31 = ##### Get event and release process end #####
18:46:31 = hWnd = 0x0003005a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:46:31 = hWnd = 0x00040070; ClassName:
dow.
x=0, y=0, width=1, height=1
18:46:31 = hWnd = 0x00030060; ClassName:
x=0, y=0, width=0, height=0
18:46:31 = hWnd = 0x00030076; ClassName:
x=0, y=0, width=0, height=0
21:45:13 = Process Attach
21:45:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:45:13 = * NULL == SampleProvider *

21:45:13 = ##### Begin waiting Mutex to release process #####
21:45:13 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:45:13 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:45:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:45:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:45:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:45:17 = s1.
21:45:17 = s2.
21:45:23
21:45:23
21:45:56
21:45:56
21:45:57
21:45:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:57:58 = Process Attach

23:57:58 = end process attach
23:57:58 = ##### Begin waiting Mutex to release process #####
23:57:58 = hWnd = 0x00030462; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:57:58 = hWnd = 0x00020486; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
23:57:58 = hWnd = 0x00140456; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:57:58 = hWnd = 0x00080474; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:58:9 = Process Attach
23:58:9 = ## ERR ## Setevent
23:58:9 = ***** NULL == SampleProvider *****
23:58:9 = begin close Process
23:58:9 = end close Process
23:58:9 = ##### Get event and release process end #####
23:58:9 = hWnd = 0x000700c8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:58:9 = hWnd = 0x000900f0; ClassName:
ow.
x=0, y=0, width=1, height=1
23:58:9 = hWnd = 0x000400de; ClassName:
x=0, y=0, width=0, height=0
23:58:9 = hWnd = 0x000b00f8; ClassName:
x=0, y=0, width=0, height=0
7:22:3 = Process Attach
7:22:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:22:3 = * NULL == SampleProvider *

7:22:3 = ##### Begin waiting Mutex to release process #####
7:22:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:22:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:22:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:22:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:22:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:22:5 = s1.
7:22:5 = s2.
7:22:8 = Start show animate
7:22:8 = Shell Excutute VerifyHost
7:23:39 = begin close Process
7:23:39 = Terminate Process
7:23:40 = end close Process
7:23:40 = DLL_PROCESS_DETACH
7:34:8 = Process Attach
7:34:8 = end process attach
7:34:8 = ***** NULL == SampleProvider *****

7:34:8 = ##### Begin waiting Mutex to release process #####

7:34:8 = hWnd = 0x000203e4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:34:25 = hWnd = 0x0003037a; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
7:34:25 = hWnd = 0x00040030; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:34:25 = hWnd = 0x0003043e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:34:26 = Need to re-create objects.
7:34:26 = s1.
7:34:26 = s2.
7:34:26
7:34:26
7:46:44
7:46:44
7:46:45
7:46:45

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:57:19 = Process Attach

7:57:19 = end process attach
7:57:19 = ***** NULL == SampleProvider *****
7:57:19 = ##### Begin waiting Mutex to release process #####
7:57:19 = hWnd = 0x00040454; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:57:19 = hWnd = 0x000b049c; ClassName:
ow.
x=0, y=0, width=1, height=1
7:57:19 = hWnd = 0x0006036e; ClassName:
x=0, y=0, width=0, height=0
7:57:19 = hWnd = 0x00050440; ClassName:
x=0, y=0, width=0, height=0
7:57:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:57:19 = s1.
7:57:19 = s2.
7:57:19 = Start show animate
7:57:19 = Shell Excutute VerifyHost
7:58:1 = begin close Process
7:58:1 = Terminate Process
7:58:2 = end close Process
7:58:2 = DLL_PROCESS_DETACH
8:5:5 = Process Attach
8:5:5 = end process attach
8:5:5 = ##### Begin waiting Mutex to release process #####

8:5:5 = * NULL == SampleProvider *

8:5:5 = hWnd = 0x002404a0; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:5:5 = hWnd = 0x000c0454; ClassName:
.
x=0, y=0, width=1, height=1
8:5:5 = hWnd = 0x000e0496; ClassName:
x=0, y=0, width=0, height=0
8:5:5 = hWnd = 0x000f04ac; ClassName:
x=0, y=0, width=0, height=0
8:5:10 = Process Attach
8:5:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:5:10 = ##### Get event and release process #####

8:5:10 = begin close Process
8:5:10 = end close Process
8:5:10 = ##### Get event and release process end #####
8:5:10 = hWnd = 0x0002003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:5:10 = hWnd = 0x0003003a; ClassName:
w.
x=0, y=0, width=1, height=1
8:5:10 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
8:5:10 = hWnd = 0x00030032; ClassName:
x=0, y=0, width=0, height=0
14:50:49 = Process Attach
14:50:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:50:49 = ##### Begin waiting Mutex to release process #####

14:50:49 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:50:49 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:50:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:50:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:50:50 = Need to re-create objects.
14:50:50 = s1.
14:50:50 = s2.
14:50:52
14:50:52
14:51:11
14:51:11
14:51:12
14:51:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:12:22 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:12:22 = end process attach

15:12:22 = ***** NULL == SampleProvider *****
15:12:22 = ##### Begin waiting Mutex to release process #####
15:12:22 = hWnd = 0x0004050c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:12:22 = hWnd = 0x00050536; ClassName:
dow.
x=0, y=0, width=1, height=1
15:12:22 = hWnd = 0x0008061e; ClassName:
x=0, y=0, width=0, height=0
15:12:22 = hWnd = 0x0004044c; ClassName:
x=0, y=0, width=0, height=0
15:12:26 = Process Attach
15:12:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:12:26 = * NULL == SampleProvider *

15:12:26 = begin close Process
15:12:26 = end close Process
15:12:26 = ##### Get event and release process end #####
15:12:26 = hWnd = 0x000800a6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:12:26 = hWnd = 0x000300b8; ClassName:
dow.
x=0, y=0, width=1, height=1
15:12:26 = hWnd = 0x000b005c; ClassName:
x=0, y=0, width=0, height=0
15:12:26 = hWnd = 0x0007003a; ClassName:
x=0, y=0, width=0, height=0
20:8:28 = Process Attach
20:8:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:8:29 = * NULL == SampleProvider *

20:8:29 = ##### Begin waiting Mutex to release process #####
20:8:29 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:8:29 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
20:8:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:8:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:8:30 = Need to re-create objects.
20:8:30 = s1.
20:8:30 = s2.
20:8:32 = Start show animate
20:8:32 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:8:40
20:8:40
20:8:41
20:8:41

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

1:35:57 = Process Attach

1:35:57 = end process attach
1:35:57 = ***** NULL == SampleProvider *****
1:35:57 = ##### Begin waiting Mutex to release process #####
1:35:57 =
ow.
x=0, y=0,
1:35:57 =
x=0, y=0,
1:35:57 =
x=0, y=0,
1:36:46 =
1:36:46 =

hWnd = 0x00170542; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x002805fe; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00040454; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:36:46 = * NULL == SampleProvider *

1:36:46 = begin close Process
1:36:46 = end close Process
1:36:46 = ##### Get event and release process end #####
1:36:46 = hWnd = 0x002300de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:36:46 = hWnd = 0x00040094; ClassName:
ow.
x=0, y=0, width=1, height=1
1:36:46 = hWnd = 0x00a4012c; ClassName:
x=0, y=0, width=0, height=0
1:36:46 = hWnd = 0x00030096; ClassName:
x=0, y=0, width=0, height=0
8:9:26 = Process Attach
8:9:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:9:26 = * NULL == SampleProvider *

8:9:26 = ##### Begin waiting Mutex to release process #####
8:9:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:9:26 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:9:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:9:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:9:28 = Need to re-create objects.
8:9:28 = s1.
8:9:28 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:9:28
8:9:28
8:10:2
8:10:2
8:10:3
8:10:3

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:1:24 = Process Attach

0:1:24 = end process attach
0:1:24 = ***** NULL == SampleProvider *****
0:1:24 = ##### Begin waiting Mutex to release process #####
0:1:24 = hWnd = 0x002607e8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:1:24 = hWnd = 0x001604ae; ClassName:
w.
x=0, y=0, width=1, height=1
0:1:24 = hWnd = 0x00390802; ClassName:
x=0, y=0, width=0, height=0
0:1:24 = hWnd = 0x0057057e; ClassName:
x=0, y=0, width=0, height=0
0:3:5 = Process Attach
0:3:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:3:5 = * NULL == SampleProvider *

0:3:5 = end close Process
0:3:5 = ##### Get event and release process end #####
0:3:5 = hWnd = 0x000200ac; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:3:5 = hWnd = 0x000400a4; ClassName:
.
x=0, y=0, width=1, height=1
0:3:5 = hWnd = 0x001700d4; ClassName:
x=0, y=0, width=0, height=0
0:3:5 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
7:27:7 = Process Attach
7:27:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:27:7 = * NULL == SampleProvider *

7:27:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:27:8 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:27:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:27:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:27:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:27:14 = s1.
7:27:14 = s2.
7:27:18
7:27:18
7:27:54
7:27:54
7:27:55
7:27:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:48:9 = Process Attach

7:48:9 = end process attach
7:48:9 = ***** NULL == SampleProvider *****
7:48:9 = ##### Begin waiting Mutex to release process #####
7:48:9 = hWnd = 0x000405e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:48:9 = hWnd = 0x000304b0; ClassName:
w.
x=0, y=0, width=1, height=1
7:48:9 = hWnd = 0x000406f6; ClassName:
x=0, y=0, width=0, height=0
7:48:9 = hWnd = 0x000605e0; ClassName:
x=0, y=0, width=0, height=0
7:48:14 = Process Attach
7:48:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:48:14 = ##### Get event and release process #####

7:48:14 = begin close Process
7:48:14 = end close Process
7:48:14 = ##### Get event and release process end #####
7:48:14 = ***** NULL == SampleProvider *****
7:48:14 = hWnd = 0x000200be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:48:14 = hWnd = 0x00050050; ClassName:
ow.
x=0, y=0, width=1, height=1
7:48:14 = hWnd = 0x00040058; ClassName:
x=0, y=0, width=0, height=0
7:48:14 = hWnd = 0x000200bc; ClassName:
x=0, y=0, width=0, height=0
22:21:58 = Process Attach
22:21:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:21:58 = * NULL == SampleProvider *

22:21:58 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:21:59 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

22:21:59 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
22:21:59 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:22:3 = Need to re-create objects.
22:22:3 = s1.
22:22:3 = s2.
22:22:7 = Start show animate
22:22:7 = Shell Excutute VerifyHost
22:22:44 = begin close Process
22:22:44 = Terminate Process
22:22:45 = end close Process
22:22:45 = DLL_PROCESS_DETACH
22:42:8 = Process Attach
22:42:8 = end process attach
22:42:8 = ***** NULL == SampleProvider *****
22:42:8 = ##### Begin waiting Mutex to release process #####
22:42:8 = hWnd = 0x000204f0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:42:8 = hWnd = 0x00060474; ClassName:
ow.
x=0, y=0, width=1, height=1
22:42:8 = hWnd = 0x00030532; ClassName:
x=0, y=0, width=0, height=0
22:42:8 = hWnd = 0x0004049a; ClassName:
x=0, y=0, width=0, height=0
22:42:12 = Process Attach
22:42:12 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:42:12 = ##### Get event and release process #####

22:42:12 = begin close Process
22:42:12 = end close Process
22:42:12 = ##### Get event and release process end #####
22:42:12 = ***** NULL == SampleProvider *****
22:42:12 = hWnd = 0x00040050; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:42:12 = hWnd = 0x0005007e; ClassName:
dow.
x=0, y=0, width=1, height=1
22:42:12 = hWnd = 0x000f0092; ClassName:
x=0, y=0, width=0, height=0
22:42:12 = hWnd = 0x000200a8; ClassName:
x=0, y=0, width=0, height=0
6:2:7 = Process Attach
6:2:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:2:7 = * NULL == SampleProvider *

6:2:7 = ##### Begin waiting Mutex to release process #####

6:2:7 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:2:7 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
6:2:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:2:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:2:12 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:2:12 = s1.
6:2:12 = s2.
6:2:13
6:2:13
6:2:49
6:2:49
6:2:50
6:2:50

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:14:37 = Process Attach

0:14:38 = end process attach
0:14:38 = ***** NULL == SampleProvider *****
0:14:38 = ##### Begin waiting Mutex to release process #####
0:14:38 = hWnd = 0x00070516; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:14:38 = hWnd = 0x000704b2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:14:38 = hWnd = 0x00140524; ClassName:
x=0, y=0, width=0, height=0
0:14:38 = hWnd = 0x001a0540; ClassName:
x=0, y=0, width=0, height=0
0:15:5 = Process Attach
0:15:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:15:5 = ##### Get event and release process #####

0:15:5 = begin close Process

0:15:5 = end close Process
0:15:5 = ##### Get event and release process end #####
0:15:5 = hWnd = 0x0005005e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:15:5 = hWnd = 0x000200ac; ClassName:
w.
x=0, y=0, width=1, height=1
0:15:5 = hWnd = 0x000400cc; ClassName:
x=0, y=0, width=0, height=0
0:15:5 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
7:23:58 = Process Attach
7:23:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:23:58 = * NULL == SampleProvider *

7:23:58 = ##### Begin waiting Mutex to release process #####
7:23:58 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:23:58 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:23:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:23:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:23:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:23:58 = s1.
7:23:58 = s2.
7:23:58
7:23:58
7:24:33
7:24:33
7:24:34
7:24:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:46:54 = Process Attach

7:46:54 = end process attach
7:46:54 = ***** NULL == SampleProvider *****
7:46:54 = ##### Begin waiting Mutex to release process #####
7:46:54 = hWnd = 0x000f0438; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:46:54 = hWnd = 0x001604a0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
7:46:54 = hWnd = 0x000b0460; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

7:46:54 =
x=0, y=0,
7:49:49 =
7:49:49 =

hWnd = 0x00100588; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
## ERR ## Setevent

7:49:49 = ##### Get event and release process #####

7:49:49 = begin close Process
7:49:49 = end close Process
7:49:49 = ##### Get event and release process end #####
7:49:49 = ***** NULL == SampleProvider *****
7:49:49 = hWnd = 0x000400b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:49:49 = hWnd = 0x000200b2; ClassName:
ow.
x=0, y=0, width=1, height=1
7:49:49 = hWnd = 0x00060048; ClassName:
x=0, y=0, width=0, height=0
7:49:49 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
7:51:45 = Process Attach
7:51:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:51:45 = * NULL == SampleProvider *

7:51:45 = ##### Begin waiting Mutex to release process #####
7:51:45 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:51:45 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:51:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:51:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:51:46 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:51:46 = s1.
7:51:46 = s2.
7:51:48
7:51:48
7:52:25
7:52:25
7:52:26
7:52:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:49:58 = Process Attach

12:49:58 = end process attach
12:49:58 = ***** NULL == SampleProvider *****
12:49:58 = hWnd = 0x00180538; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

12:49:58 = hWnd = 0x001305a2; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:49:58 = ##### Begin waiting Mutex to release process #####
12:49:58 = hWnd = 0x00150550; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:49:58 = hWnd = 0x000f05c6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:50:20 = Process Attach
12:50:20 = ## ERR ## Setevent
12:50:20 = ***** NULL == SampleProvider *****
12:50:20 = begin close Process
12:50:20 = end close Process
12:50:20 = ##### Get event and release process end #####
12:50:20 = hWnd = 0x000f0062; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:50:20 = hWnd = 0x00040088; ClassName:
dow.
x=0, y=0, width=1, height=1
12:50:20 = hWnd = 0x000b0052; ClassName:
x=0, y=0, width=0, height=0
12:50:20 = hWnd = 0x0003008a; ClassName:
x=0, y=0, width=0, height=0
20:49:26 = Process Attach
20:49:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:49:26 = * NULL == SampleProvider *

20:49:26 = ##### Begin waiting Mutex to release process #####
20:49:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:49:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:49:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:49:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:49:29 = Need to re-create objects.
20:49:29 = s1.
20:49:29 = s2.
20:49:33
20:49:33
20:50:12
20:50:12
20:50:13
20:50:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:12:6 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:12:6 = end process attach

23:12:6 = ***** NULL == SampleProvider *****
23:12:6 = ##### Begin waiting Mutex to release process #####
23:12:6 = hWnd = 0x0007051a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:12:6 = hWnd = 0x00050542; ClassName:
ow.
x=0, y=0, width=1, height=1
23:12:6 = hWnd = 0x00030566; ClassName:
x=0, y=0, width=0, height=0
23:12:6 = hWnd = 0x0004050e; ClassName:
x=0, y=0, width=0, height=0
23:12:10 = Process Attach
23:12:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:12:10 = * NULL == SampleProvider *

23:12:10 = end close Process
23:12:10 = ##### Get event and release process end #####
23:12:10 = hWnd = 0x0007005a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:12:10 = hWnd = 0x000400cc; ClassName:
dow.
x=0, y=0, width=1, height=1
23:12:10 = hWnd = 0x000200e2; ClassName:
x=0, y=0, width=0, height=0
23:12:10 = hWnd = 0x000500fe; ClassName:
x=0, y=0, width=0, height=0
23:31:11 = Process Attach
23:31:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:31:11 = * NULL == SampleProvider *

23:31:11 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:31:11 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:31:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:31:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:31:14 = Need to re-create objects.
23:31:14 = s1.
23:31:14 = s2.
23:31:17
23:31:17
23:31:56
23:31:56
23:31:57

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:31:57 = DLL_PROCESS_DETACH
23:50:37 = Process Attach
23:50:37 = end process attach
23:50:37 = ***** NULL == SampleProvider *****
23:50:37 = ##### Begin waiting Mutex to release process #####
23:50:37 = hWnd = 0x00020502; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:50:37 = hWnd = 0x000204fe; ClassName:
dow.
x=0, y=0, width=1, height=1
23:50:37 = hWnd = 0x00020522; ClassName:
x=0, y=0, width=0, height=0
23:50:37 = hWnd = 0x00020528; ClassName:
x=0, y=0, width=0, height=0
23:50:44 = Process Attach
23:50:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:50:44 = * NULL == SampleProvider *

23:50:44 = ##### Get event and release process end #####
23:50:44 = hWnd = 0x000500a4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:50:44 = hWnd = 0x0005004e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:50:44 = hWnd = 0x00040088; ClassName:
x=0, y=0, width=0, height=0
23:50:44 = hWnd = 0x000500a2; ClassName:
x=0, y=0, width=0, height=0
8:24:51 = Process Attach
8:24:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:24:51 = ##### Begin waiting Mutex to release process #####

8:24:51 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:24:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:24:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:24:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:24:52 = Need to re-create objects.
8:24:52 = s1.
8:24:52 = s2.
8:24:53 = Start show animate
8:24:53 = Shell Excutute VerifyHost
8:25:22 = begin close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:25:22 = Terminate Process

8:25:23 = end close Process
8:25:23 = DLL_PROCESS_DETACH
15:24:34 = Process Attach
15:24:34 = end process attach
15:24:34 = ***** NULL == SampleProvider *****
15:24:34 = ##### Begin waiting Mutex to release process #####
15:24:34 = hWnd = 0x0011047a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:24:34 = hWnd = 0x00060452; ClassName:
dow.
x=0, y=0, width=1, height=1
15:24:34 = hWnd = 0x00070454; ClassName:
x=0, y=0, width=0, height=0
15:24:34 = hWnd = 0x0019078a; ClassName:
x=0, y=0, width=0, height=0
15:25:3 = Process Attach
15:25:3 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:25:3 = * NULL == SampleProvider *

15:25:3 = begin close Process
15:25:3 = end close Process
15:25:3 = ##### Get event and release process end #####
15:25:3 = hWnd = 0x0012010c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:25:3 = hWnd = 0x000200ae; ClassName:
ow.
x=0, y=0, width=1, height=1
15:25:3 = hWnd = 0x001800e4; ClassName:
x=0, y=0, width=0, height=0
15:25:3 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
17:0:27 = Process Attach
17:0:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:0:27 = * NULL == SampleProvider *

17:0:27 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:0:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
17:0:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:0:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:0:31 = Need to re-create objects.
17:0:32 = s1.
17:0:32 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:0:36
17:0:36
17:1:12
17:1:12
17:1:13
17:1:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:34:45 = Process Attach

18:34:45 = end process attach
18:34:45 = ***** NULL == SampleProvider *****
18:34:45 = hWnd = 0x000304c0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:34:45 = ##### Begin waiting Mutex to release process #####
18:34:45 = hWnd = 0x000306e8; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:34:45 = hWnd = 0x00020688; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:34:45 = hWnd = 0x000304a6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:35:6 = Process Attach
18:35:6 = ## ERR ## Setevent
18:35:6 = ***** NULL == SampleProvider *****
18:35:6 = ##### Get event and release process #####
18:35:6 = begin close Process
18:35:6 = end close Process
18:35:6 = ##### Get event and release process end #####
18:35:6 = hWnd = 0x001000e0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:35:6 = hWnd = 0x0003003a; ClassName:
ow.
x=0, y=0, width=1, height=1
18:35:6 = hWnd = 0x0004007a; ClassName:
x=0, y=0, width=0, height=0
18:35:6 = hWnd = 0x00050092; ClassName:
x=0, y=0, width=0, height=0
18:43:36 = Process Attach
18:43:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:43:36 = * NULL == SampleProvider *

18:43:36 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:43:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:43:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:43:37 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

18:43:40 = Need to re-create objects.
18:43:40 = s1.
18:43:40 = s2.
18:43:43
18:43:43
18:44:22
18:44:22
18:44:23
18:44:23

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:44:1 = Process Attach

22:44:1 = end process attach
22:44:1 = ##### Begin waiting Mutex to release process #####
22:44:1 = ***** NULL == SampleProvider *****
22:44:1 = hWnd = 0x001009b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:44:1 = hWnd = 0x0009055a; ClassName:
ow.
x=0, y=0, width=1, height=1
22:44:1 = hWnd = 0x001105cc; ClassName:
x=0, y=0, width=0, height=0
22:44:1 = hWnd = 0x000d070c; ClassName:
x=0, y=0, width=0, height=0
22:44:57 = Process Attach
22:44:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:44:57 = * NULL == SampleProvider *

22:44:57 = begin close Process
22:44:57 = end close Process
22:44:57 = ##### Get event and release process end #####
22:44:57 = hWnd = 0x00050094; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:44:57 = hWnd = 0x00040036; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
22:44:57 = hWnd = 0x0006002a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:44:57 = hWnd = 0x00030048; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:33:54 = Process Attach
13:33:54 = end process attach
13:33:54 = ***** NULL == SampleProvider *****
13:33:54 = ##### Begin waiting Mutex to release process #####
13:33:54 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:33:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:33:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:33:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:33:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:33:55 = s1.
13:33:55 = s2.
13:33:56
13:33:56
13:34:35
13:34:35
13:34:36
13:34:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:44:13 = Process Attach

13:44:14 = end process attach
13:44:14 = ***** NULL == SampleProvider *****
13:44:14 = ##### Begin waiting Mutex to release process #####
13:44:27 = hWnd = 0x0004045e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:44:27 = hWnd = 0x0002034a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:44:27 = hWnd = 0x0003046a; ClassName:
x=0, y=0, width=0, height=0
13:44:27 = hWnd = 0x000a0468; ClassName:
x=0, y=0, width=0, height=0
13:44:29 = Need to re-create objects.
13:44:29 = s1.
13:44:29 = s2.
13:44:30 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:44:30
13:47:17
13:47:17
13:47:18
13:47:18

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:8:28 = Process Attach

14:8:28 = end process attach
14:8:28 = ***** NULL == SampleProvider *****
14:8:28 = ##### Begin waiting Mutex to release process #####
14:8:28 = hWnd = 0x00060460; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:8:28 = hWnd = 0x0009045c; ClassName:
ow.
x=0, y=0, width=1, height=1
14:8:28 = hWnd = 0x00070470; ClassName:
x=0, y=0, width=0, height=0
14:8:28 = hWnd = 0x0005049a; ClassName:
x=0, y=0, width=0, height=0
14:8:38 = Process Attach
14:8:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:8:38 = * NULL == SampleProvider *

14:8:38 = begin close Process
14:8:38 = end close Process
14:8:38 = ##### Get event and release process end #####
14:8:38 = hWnd = 0x0014005e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:8:38 = hWnd = 0x0003008a; ClassName:
ow.
x=0, y=0, width=1, height=1
14:8:38 = hWnd = 0x0004002c; ClassName:
x=0, y=0, width=0, height=0
14:8:38 = hWnd = 0x000300ac; ClassName:
x=0, y=0, width=0, height=0
20:29:27 = Process Attach
20:29:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:29:27 = * NULL == SampleProvider *

20:29:27 = ##### Begin waiting Mutex to release process #####
20:29:27 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:29:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:29:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:29:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:29:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:29:28 = s1.
20:29:28 = s2.
20:29:29 = Start show animate
20:29:29 = Shell Excutute VerifyHost
20:30:1 = begin close Process
20:30:1 = Terminate Process
20:30:2 = end close Process
20:30:2 = DLL_PROCESS_DETACH
20:39:31 = Process Attach
20:39:31 = end process attach
20:39:31 = ***** NULL == SampleProvider *****
20:39:31 = hWnd = 0x0004042c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:39:31 = hWnd = 0x0002033a; ClassName:
dow.
x=0, y=0, width=1, height=1
20:39:31 = hWnd = 0x000402ba; ClassName:
x=0, y=0, width=0, height=0
20:39:31 = hWnd = 0x00050354; ClassName:
x=0, y=0, width=0, height=0
20:39:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:39:31 = s1.
20:39:31 = s2.
20:39:31
20:39:32
20:52:17
20:52:17
20:52:18
20:52:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:8:44 = Process Attach

21:8:44 = end process attach
21:8:44 = ***** NULL == SampleProvider *****
21:8:44 = ##### Begin waiting Mutex to release process #####
21:8:44 = hWnd = 0x000e057e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:8:44 = hWnd = 0x0007046a; ClassName:
ow.
x=0, y=0, width=1, height=1
21:8:44 = hWnd = 0x0004056c; ClassName:
x=0, y=0, width=0, height=0
21:8:44 = hWnd = 0x001204ee; ClassName:
x=0, y=0, width=0, height=0
21:10:9 = Process Attach
21:10:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:10:9 = ##### Get event and release process #####

21:10:9 = begin close Process
21:10:9 = end close Process
21:10:9 = ##### Get event and release process end #####
21:10:9 = hWnd = 0x0006003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:10:9 = hWnd = 0x000500ac; ClassName:
ow.
x=0, y=0, width=1, height=1
21:10:9 = hWnd = 0x00070062; ClassName:
x=0, y=0, width=0, height=0
21:10:9 = hWnd = 0x000300ae; ClassName:
x=0, y=0, width=0, height=0
21:12:29 = Process Attach
21:12:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:12:29 = * NULL == SampleProvider *

21:12:29 = ##### Begin waiting Mutex to release process #####
21:12:29 = hWnd = 0x00020016; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:12:29 = hWnd = 0x00020018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:12:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:12:29 = hWnd = 0x0002001a; ClassName:
x=0, y=0, width=0, height=0
21:12:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:12:34 = s1.
21:12:34 = s2.
21:12:35
21:12:35
21:14:44
21:14:44
21:14:45
21:14:45

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:58:22 = Process Attach

23:58:22 = end process attach
23:58:22 = ***** NULL == SampleProvider *****
23:58:22 = ##### Begin waiting Mutex to release process #####
23:58:22 = hWnd = 0x00030424; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:58:22 = hWnd = 0x00070460; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:58:22 = hWnd = 0x000c04c4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0

23:58:51 = Process Attach

23:58:51 = ## ERR ## Setevent
23:58:51 = ***** NULL == SampleProvider *****
23:58:51 = begin close Process
23:58:51 = end close Process
23:58:51 = ##### Get event and release process end #####
23:58:51 = hWnd = 0x000e00c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:58:51 = hWnd = 0x000200ac; ClassName:
dow.
x=0, y=0, width=1, height=1
23:58:51 = hWnd = 0x000900da; ClassName:
x=0, y=0, width=0, height=0
23:58:51 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
7:5:51 = Process Attach
7:5:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:5:51 = * NULL == SampleProvider *

7:5:51 = ##### Begin waiting Mutex to release process #####
7:5:51 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:5:51 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:5:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:5:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:5:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:5:52 = s1.
7:5:52 = s2.
7:5:53
7:5:53
7:6:29
7:6:29
7:6:30
7:6:30

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:38:47 = Process Attach

7:38:47 = end process attach
7:38:47 = ***** NULL == SampleProvider *****
7:38:47 = ##### Begin waiting Mutex to release process #####
7:38:47 = hWnd = 0x0002051c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:38:47 = hWnd = 0x000404de; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
7:38:47 =
x=0, y=0,
7:38:47 =
x=0, y=0,
7:38:52 =
7:38:52 =

width=1, height=1
hWnd = 0x000404f0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000404ec; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

7:38:52 = ##### Get event and release process #####

7:38:52 = begin close Process
7:38:52 = end close Process
7:38:52 = ##### Get event and release process end #####
7:38:52 = hWnd = 0x0004003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:38:52 = hWnd = 0x0035004e; ClassName:
ow.
x=0, y=0, width=1, height=1
7:38:52 = hWnd = 0x000300ca; ClassName:
x=0, y=0, width=0, height=0
7:38:52 = hWnd = 0x007200b0; ClassName:
x=0, y=0, width=0, height=0
14:4:12 = Process Attach
14:4:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:4:12 = * NULL == SampleProvider *

14:4:12 = ##### Begin waiting Mutex to release process #####
14:4:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:4:12 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:4:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:4:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:4:12 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:4:12 = s1.
14:4:12 = s2.
14:4:13
14:4:13
14:4:34
14:4:34
14:4:35
14:4:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:21:59 = Process Attach

14:21:59 = end process attach
14:21:59 = ***** NULL == SampleProvider *****

14:21:59 = ##### Begin waiting Mutex to release process #####

14:21:59 = hWnd = 0x000404ae; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:21:59 = hWnd = 0x0004037e; ClassName:
dow.
x=0, y=0, width=1, height=1
14:21:59 = hWnd = 0x00070496; ClassName:
x=0, y=0, width=0, height=0
14:21:59 = hWnd = 0x000304b4; ClassName:
x=0, y=0, width=0, height=0
14:22:2 = Process Attach
14:22:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:22:2 = * NULL == SampleProvider *

14:22:2 = begin close Process
14:22:2 = end close Process
14:22:2 = ##### Get event and release process end #####
14:22:2 = hWnd = 0x0005004e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:22:2 = hWnd = 0x000300cc; ClassName:
ow.
x=0, y=0, width=1, height=1
14:22:2 = hWnd = 0x00040060; ClassName:
x=0, y=0, width=0, height=0
14:22:2 = hWnd = 0x000200ce; ClassName:
x=0, y=0, width=0, height=0
20:31:44 = Process Attach
20:31:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:31:44 = * NULL == SampleProvider *

20:31:44 = ##### Begin waiting Mutex to release process #####
20:31:44 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:31:44 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:31:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:31:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:31:45 = Need to re-create objects.
20:31:45 = s1.
20:31:45 = s2.
20:31:45 = Start show animate
20:31:45 = Shell Excutute VerifyHost
20:32:6 = begin close Process
20:32:6 = Terminate Process
20:32:7 = end close Process
20:32:7 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:46:19 = Process Attach

1:46:19 = end process attach
1:46:19 = ***** NULL == SampleProvider *****
1:46:19 = ##### Begin waiting Mutex to release process #####
1:46:19 = hWnd = 0x000b081a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:46:19 = hWnd = 0x00021314; ClassName:
ow.
x=0, y=0, width=1, height=1
1:46:19 = hWnd = 0x000e0542; ClassName:
x=0, y=0, width=0, height=0
1:46:19 = hWnd = 0x00031308; ClassName:
x=0, y=0, width=0, height=0
1:47:39 = Process Attach
1:47:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:47:39 = * NULL == SampleProvider *

1:47:39 = begin close Process
1:47:39 = end close Process
1:47:39 = ##### Get event and release process end #####
1:47:39 = hWnd = 0x0004008e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:47:39 = hWnd = 0x0004009c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:47:39 = hWnd = 0x00090074; ClassName:
x=0, y=0, width=0, height=0
1:47:39 = hWnd = 0x0003009e; ClassName:
x=0, y=0, width=0, height=0
6:38:45 = Process Attach
6:38:46 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:38:46 = * NULL == SampleProvider *

6:38:46 = ##### Begin waiting Mutex to release process #####
6:38:46 =
ow.
x=0, y=0,
6:38:46 =
x=0, y=0,
6:38:46 =
x=0, y=0,
6:38:47 =

6:38:47 = s1.
6:38:47 = s2.
6:38:48 = Start show animate
6:38:48 = Shell Excutute VerifyHost
6:39:25 = begin close Process

6:39:25 = Terminate Process

6:39:26 = end close Process
6:39:26 = DLL_PROCESS_DETACH
7:54:26 = Process Attach
7:54:26 = end process attach
7:54:26 = ##### Begin waiting Mutex to release process #####
7:54:26 = hWnd = 0x000609cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:54:26 = hWnd = 0x00040452; ClassName:
ow.
x=0, y=0, width=1, height=1
7:54:26 = hWnd = 0x00040466; ClassName:
x=0, y=0, width=0, height=0
7:54:26 = hWnd = 0x0004046a; ClassName:
x=0, y=0, width=0, height=0
7:54:59 = Process Attach
7:54:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:54:59 = * NULL == SampleProvider *

7:54:59 = ##### Get event and release process #####
7:54:59 = begin close Process
7:54:59 = end close Process
7:54:59 = ##### Get event and release process end #####
7:54:59 = hWnd = 0x00d80048; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:54:59 = hWnd = 0x00030094; ClassName:
ow.
x=0, y=0, width=1, height=1
7:54:59 = hWnd = 0x000700ba; ClassName:
x=0, y=0, width=0, height=0
7:54:59 = hWnd = 0x000400b0; ClassName:
x=0, y=0, width=0, height=0
14:11:26 = Process Attach
14:11:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:11:26 = * NULL == SampleProvider *

14:11:26 = ##### Begin waiting Mutex to release process #####
14:11:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:11:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:11:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:11:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:11:27 = Need to re-create objects.
14:11:27 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:11:27 = s2.
14:11:27 = Start show animate
14:11:27 = Shell Excutute VerifyHost
14:12:1 = begin close Process
14:12:1 = Terminate Process
14:12:2 = end close Process
14:12:2 = DLL_PROCESS_DETACH
14:27:34 = Process Attach
14:27:34 = end process attach
14:27:34 = ***** NULL == SampleProvider *****
14:27:34 = ##### Begin waiting Mutex to release process #####
14:27:34 = hWnd = 0x00040472; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:27:34 = hWnd = 0x00030494; ClassName:
dow.
x=0, y=0, width=1, height=1
14:27:34 = hWnd = 0x0004045e; ClassName:
x=0, y=0, width=0, height=0
14:27:34 = hWnd = 0x00070470; ClassName:
x=0, y=0, width=0, height=0
14:27:38 = Process Attach
14:27:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:27:38 = ##### Get event and release process #####

14:27:38 = begin close Process
14:27:38 = end close Process
14:27:38 = ##### Get event and release process end #####
14:27:38 = hWnd = 0x0002002e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:27:38 = hWnd = 0x00070062; ClassName:
dow.
x=0, y=0, width=1, height=1
14:27:38 = hWnd = 0x00030064; ClassName:
x=0, y=0, width=0, height=0
14:27:38 = hWnd = 0x00030038; ClassName:
x=0, y=0, width=0, height=0
22:29:32 = Process Attach
22:29:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:29:32 = * NULL == SampleProvider *

22:29:32 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:29:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:29:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:29:32 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

22:29:32 = Need to re-create objects.
22:29:32 = s1.
22:29:32 = s2.
22:29:33 = Start show animate
22:29:33 = Shell Excutute VerifyHost
22:30:9 = begin close Process
22:30:9 = Terminate Process
22:30:10 = end close Process
22:30:10 = DLL_PROCESS_DETACH
23:45:49 = Process Attach
23:45:49 = end process attach
23:45:49 = ***** NULL == SampleProvider *****
23:45:49 = ##### Begin waiting Mutex to release process #####
23:45:49 = hWnd = 0x000a0454; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:45:49 = hWnd = 0x00120450; ClassName:
dow.
x=0, y=0, width=1, height=1
23:45:49 = hWnd = 0x00180452; ClassName:
x=0, y=0, width=0, height=0
23:45:49 = hWnd = 0x000f0448; ClassName:
x=0, y=0, width=0, height=0
23:45:59 = Process Attach
23:45:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:45:59 = * NULL == SampleProvider *

23:45:59 = begin close Process
23:45:59 = end close Process
23:45:59 = hWnd = 0x0005009c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:45:59 = hWnd = 0x0008008e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:45:59 = hWnd = 0x0004004e; ClassName:
x=0, y=0, width=0, height=0
23:45:59 = hWnd = 0x0003008a; ClassName:
x=0, y=0, width=0, height=0
6:35:10 = Process Attach
6:35:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:35:10 = * NULL == SampleProvider *

6:35:10 = ##### Begin waiting Mutex to release process #####
6:35:10 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:35:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
6:35:10 =
x=0, y=0,
6:35:10 =
x=0, y=0,
6:35:11 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

6:35:11 = s1.
6:35:11 = s2.
6:35:14
6:35:14
6:35:54
6:35:54
6:35:55
6:35:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:41:0 = Process Attach

7:41:0 = end process attach
7:41:0 = ***** NULL == SampleProvider *****
7:41:0 = ##### Begin waiting Mutex to release process #####
7:41:0 = hWnd = 0x000704c8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:41:0 = hWnd = 0x0006048e; ClassName:
w.
x=0, y=0, width=1, height=1
7:41:0 = hWnd = 0x00110476; ClassName:
x=0, y=0, width=0, height=0
7:41:0 = hWnd = 0x0006044a; ClassName:
x=0, y=0, width=0, height=0
7:41:7 = Process Attach
7:41:7 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:41:7 = * NULL == SampleProvider *

7:41:7 = begin close Process
7:41:7 = end close Process
7:41:7 = ##### Get event and release process end #####
7:41:7 = hWnd = 0x00070030; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:41:7 = hWnd = 0x000200a8; ClassName:
w.
x=0, y=0, width=1, height=1
7:41:7 = hWnd = 0x000800ca; ClassName:
x=0, y=0, width=0, height=0
7:41:7 = hWnd = 0x000300aa; ClassName:
x=0, y=0, width=0, height=0
20:34:59 = Process Attach
20:34:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:34:59 = ##### Begin waiting Mutex to release process #####

20:34:59 = ***** NULL == SampleProvider *****

20:34:59 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:34:59 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:34:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:34:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:34:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:34:59 = s1.
20:34:59 = s2.
20:35:5 = Start show animate
20:35:5 = Shell Excutute VerifyHost
20:35:40 = begin close Process
20:35:40 = Terminate Process
20:35:41 = end close Process
20:35:41 = DLL_PROCESS_DETACH
20:52:41 = Process Attach
20:52:42 = end process attach
20:52:42 = ***** NULL == SampleProvider *****
20:52:42 = ##### Begin waiting Mutex to release process #####
20:52:42 = hWnd = 0x000d04be; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:52:42 = hWnd = 0x00020378; ClassName:
dow.
x=0, y=0, width=1, height=1
20:52:42 = hWnd = 0x00020318; ClassName:
x=0, y=0, width=0, height=0
20:52:42 = hWnd = 0x000c02a6; ClassName:
x=0, y=0, width=0, height=0
20:52:43 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:52:43 = s1.
20:52:43 = s2.
20:52:45
20:52:45
21:12:58
21:12:58
21:12:59
21:12:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:48:45 = Process Attach

0:48:45 = end process attach
0:48:45 = ***** NULL == SampleProvider *****
0:48:46 = hWnd = 0x0050154a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
0:48:46 = hWnd = 0x00a10516; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:48:46 = hWnd = 0x00020738; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:48:46 = hWnd = 0x006611b6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:50:52 = Process Attach
0:50:52 = ## ERR ## Setevent
0:50:52 = ***** NULL == SampleProvider *****
0:50:52 = ##### Get event and release process #####
0:50:52 =
ow.
x=0, y=0,
0:50:52 =
0:50:52 =
x=0, y=0,
6:47:21 =
6:47:21 =

hWnd = 0x000a00b0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
end close Process
hWnd = 0x000b00fa; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

6:47:21 = * NULL == SampleProvider *

6:47:21 = ##### Begin waiting Mutex to release process #####
6:47:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:47:21 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:47:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:47:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:47:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:47:33 = s1.
6:47:33 = s2.
6:47:34 = Start show animate
6:47:34 = Shell Excutute VerifyHost
6:48:5 = begin close Process
6:48:5 = Terminate Process
6:48:6 = end close Process
6:48:6 = DLL_PROCESS_DETACH
7:31:10 = Process Attach
7:31:10 = end process attach
7:31:10 = ***** NULL == SampleProvider *****
7:31:10 = ##### Begin waiting Mutex to release process #####
7:31:10 = hWnd = 0x0003056e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
7:31:10 =
x=0, y=0,
7:31:10 =
x=0, y=0,
7:31:36 =
7:31:36 =

width=1, height=1
hWnd = 0x000204f6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00040552; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

7:31:36 = * NULL == SampleProvider *

7:31:36 = begin close Process
7:31:36 = end close Process
7:31:36 = ##### Get event and release process end #####
7:31:36 = hWnd = 0x000f00f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:31:36 = hWnd = 0x000300b0; ClassName:
ow.
x=0, y=0, width=1, height=1
7:31:36 = hWnd = 0x001600fa; ClassName:
x=0, y=0, width=0, height=0
7:31:36 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
16:57:39 = Process Attach
16:57:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:57:39 = * NULL == SampleProvider *

16:57:39 = ##### Begin waiting Mutex to release process #####
16:57:39 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:57:40 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:57:40 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:57:40 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:57:43 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:57:43 = s1.
16:57:43 = s2.
16:57:46
16:57:46
16:58:24
16:58:24
16:58:25
16:58:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:19:31 = Process Attach

18:19:31 = end process attach
18:19:31 = ***** NULL == SampleProvider *****

18:19:31 = ##### Begin waiting Mutex to release process #####

18:19:31 = hWnd = 0x000204b4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:19:31 = hWnd = 0x00060444; ClassName:
dow.
x=0, y=0, width=1, height=1
18:19:31 = hWnd = 0x000204b0; ClassName:
x=0, y=0, width=0, height=0
18:19:31 = hWnd = 0x00050470; ClassName:
x=0, y=0, width=0, height=0
18:19:38 = Process Attach
18:19:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:19:38 = * NULL == SampleProvider *

18:19:38 = begin close Process
18:19:38 = end close Process
18:19:38 = ##### Get event and release process end #####
18:19:38 = hWnd = 0x000f0056; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:19:38 = hWnd = 0x000900c6; ClassName:
dow.
x=0, y=0, width=1, height=1
18:19:38 = hWnd = 0x000700ee; ClassName:
x=0, y=0, width=0, height=0
18:19:38 = hWnd = 0x000600c8; ClassName:
x=0, y=0, width=0, height=0
18:21:34 = Process Attach
18:21:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:21:34 = * NULL == SampleProvider *

18:21:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:21:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:21:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:21:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:21:40 = Need to re-create objects.
18:21:40 = s1.
18:21:40 = s2.
18:21:42
18:21:42
18:22:14
18:22:14
18:22:15
18:22:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:0:1 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:0:1 = end process attach

1:0:1 = ***** NULL == SampleProvider *****
1:0:1 = hWnd = 0x000406ae; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:0:1 = hWnd = 0x000405d4; ClassName:
.
x=0, y=0, width=1, height=1
1:0:1 = hWnd = 0x001a1236; ClassName:
x=0, y=0, width=0, height=0
1:0:1 = hWnd = 0x00030808; ClassName:
x=0, y=0, width=0, height=0
1:0:29 = Process Attach
1:0:29 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:0:29 = * NULL == SampleProvider *

1:0:29 = begin close Process
1:0:29 = end close Process
1:0:29 = ##### Get event and release process end #####
1:0:29 = hWnd = 0x00070052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:0:29 = hWnd = 0x0003003c; ClassName:
w.
x=0, y=0, width=1, height=1
1:0:29 = hWnd = 0x0011010c; ClassName:
x=0, y=0, width=0, height=0
1:0:29 = hWnd = 0x000500ac; ClassName:
x=0, y=0, width=0, height=0
8:0:38 = Process Attach
8:0:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:0:38 = * NULL == SampleProvider *

8:0:38 = ##### Begin waiting Mutex to release process #####
8:0:38 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:0:38 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:0:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:0:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:0:40 = Need to re-create objects.
8:0:40 = s1.
8:0:40 = s2.
8:0:43
8:0:43
8:1:24
8:1:24

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:1:25 = end close Process

8:1:25 = DLL_PROCESS_DETACH
12:32:44 = Process Attach
12:32:44 = end process attach
12:32:44 = ***** NULL == SampleProvider *****
12:32:44 = ##### Begin waiting Mutex to release process #####
12:32:44 = hWnd = 0x000218f6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:32:44 = hWnd = 0x000c18d8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:32:44 = hWnd = 0x000518c0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:32:44 = Need to re-create objects.
12:32:44 = s1.
12:32:44 = s2.
12:32:45 = Start show animate
12:32:45 = Shell Excutute VerifyHost
14:7:48 = begin close Process
14:7:48 = Terminate Process
14:7:49 = end close Process
14:7:49 = DLL_PROCESS_DETACH
1:8:0 = Process Attach
1:8:0 = end process attach
1:8:0 = ***** NULL == SampleProvider *****
1:8:0 = ##### Begin waiting Mutex to release process #####
1:8:0 = hWnd = 0x001b14ac; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:8:0 = hWnd = 0x002604fa; ClassName:
.
x=0, y=0, width=1, height=1
1:8:0 = hWnd = 0x005c100e; ClassName:
x=0, y=0, width=0, height=0
1:8:0 = hWnd = 0x002304c8; ClassName:
x=0, y=0, width=0, height=0
1:9:8 = Process Attach
1:9:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:9:8 = * NULL == SampleProvider *

1:9:8 = begin close Process
1:9:8 = end close Process
1:9:8 = ##### Get event and release process end #####
1:9:8 = hWnd = 0x002000ce; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:9:8 = hWnd = 0x000600a6; ClassName: GDI+ Hook Window Class; Title: GDI+ Window

.
x=0, y=0, width=1, height=1
1:9:8 = hWnd = 0x000600c6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:9:8 = hWnd = 0x001300c8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:26:3 = Process Attach
6:26:3 = end process attach
6:26:4 = ***** NULL == SampleProvider *****
6:26:4 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:26:5 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
6:26:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:26:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:26:8 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:26:9 = s1.
6:26:9 = s2.
6:26:14
6:26:14
6:26:52
6:26:52
6:26:53
6:26:53

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:22:39 = Process Attach

14:22:39 = end process attach
14:22:39 = ***** NULL == SampleProvider *****
14:22:39 = ##### Begin waiting Mutex to release process #####
14:22:39 = hWnd = 0x000204e8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:22:39 = hWnd = 0x0002050e; ClassName:
dow.
x=0, y=0, width=1, height=1
14:22:39 = hWnd = 0x000604e0; ClassName:
x=0, y=0, width=0, height=0
14:22:39 = hWnd = 0x00060470; ClassName:
x=0, y=0, width=0, height=0
14:22:44 = Process Attach
14:22:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:22:44 = * NULL == SampleProvider *

14:22:44 = begin close Process
14:22:44 = end close Process
14:22:44 = ##### Get event and release process end #####
14:22:44 = hWnd = 0x00020080; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:22:44 = hWnd = 0x00090034; ClassName:
dow.
x=0, y=0, width=1, height=1
14:22:44 = hWnd = 0x000200e0; ClassName:
x=0, y=0, width=0, height=0
14:22:44 = hWnd = 0x0003003c; ClassName:
x=0, y=0, width=0, height=0
18:9:3 = Process Attach
18:9:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:9:3 = ##### Begin waiting Mutex to release process #####

18:9:3 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:9:3 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

18:9:4 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:9:4 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:9:4 = Need to re-create objects.
18:9:4 = s1.
18:9:4 = s2.
18:9:5 = Start show animate
18:9:5 = Shell Excutute VerifyHost
18:9:32 = begin close Process
18:9:32 = Terminate Process
18:9:33 = end close Process
18:9:33 = DLL_PROCESS_DETACH
23:28:54 = Process Attach
23:28:54 = end process attach
23:28:54 = ***** NULL == SampleProvider *****
23:28:54 = ##### Begin waiting Mutex to release process #####
23:28:54 = hWnd = 0x00020ace; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:28:54 = hWnd = 0x00020ad6; ClassName:
dow.
x=0, y=0, width=1, height=1
23:28:54 = hWnd = 0x00020ac2; ClassName:
x=0, y=0, width=0, height=0
23:28:54 = hWnd = 0x00020ad2; ClassName:
x=0, y=0, width=0, height=0
23:29:41 = Process Attach
23:29:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:29:41 = * NULL == SampleProvider *

23:29:41 = begin close Process
23:29:41 = end close Process
23:29:41 = ##### Get event and release process end #####
23:29:41 = hWnd = 0x000200aa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:29:41 = hWnd = 0x0003003c; ClassName:
dow.
x=0, y=0, width=1, height=1
23:29:41 = hWnd = 0x01620054; ClassName:
x=0, y=0, width=0, height=0
23:29:41 = hWnd = 0x0004003a; ClassName:
x=0, y=0, width=0, height=0
6:40:54 = Process Attach
6:40:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:40:54 = * NULL == SampleProvider *

6:40:54 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
6:40:55 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
6:40:55 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
6:40:55 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:40:58 = Need to re-create objects.
6:40:58 = s1.
6:40:58 = s2.
6:41:3 = Start show animate
6:41:3 = Shell Excutute VerifyHost
6:41:39 = begin close Process
6:41:39 = Terminate Process
6:41:40 = end close Process
6:41:40 = DLL_PROCESS_DETACH
7:45:29 = Process Attach
7:45:29 = end process attach
7:45:29 = ***** NULL == SampleProvider *****
7:45:29 = hWnd = 0x00030462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:45:29 = hWnd = 0x0004045e; ClassName:
ow.
x=0, y=0, width=1, height=1
7:45:29 = hWnd = 0x00020464; ClassName:
x=0, y=0, width=0, height=0
7:45:29 = hWnd = 0x00030460; ClassName:
x=0, y=0, width=0, height=0
7:46:1 = Process Attach
7:46:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:46:1 = * NULL == SampleProvider *

7:46:1 = begin close Process
7:46:1 = end close Process
7:46:1 = ##### Get event and release process end #####
7:46:1 = hWnd = 0x000900bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:46:1 = hWnd = 0x0003003a; ClassName:
w.
x=0, y=0, width=1, height=1
7:46:1 = hWnd = 0x000600c2; ClassName:
x=0, y=0, width=0, height=0
7:46:1 = hWnd = 0x0003002c; ClassName:
x=0, y=0, width=0, height=0
19:7:3 = Process Attach
19:7:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:7:4 = * NULL == SampleProvider *

19:7:4 = ##### Begin waiting Mutex to release process #####

19:7:4 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:7:4 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
19:7:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:7:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:7:6 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:7:6 = s1.
19:7:6 = s2.
19:7:7 = Start show animate
19:7:7 = Shell Excutute VerifyHost
19:7:41 = begin close Process
19:7:41 = Terminate Process
19:7:42 = end close Process
19:7:42 = DLL_PROCESS_DETACH
19:18:12 = Process Attach
19:18:12 = end process attach
19:18:12 = ***** NULL == SampleProvider *****
19:18:12 = ##### Begin waiting Mutex to release process #####
19:18:12 = hWnd = 0x0002018e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:18:12 = hWnd = 0x0002015a; ClassName:
dow.
x=0, y=0, width=1, height=1
19:18:12 = hWnd = 0x0004042a; ClassName:
x=0, y=0, width=0, height=0
19:18:12 = hWnd = 0x0002018c; ClassName:
x=0, y=0, width=0, height=0
19:18:12 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:18:12 = s1.
19:18:12 = s2.
19:18:12
19:18:13
20:28:34
20:28:34
20:28:35
20:28:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:6:3 = Process Attach

23:6:3 = end process attach
23:6:3 = ***** NULL == SampleProvider *****

23:6:3 = ##### Begin waiting Mutex to release process #####

23:6:3 = hWnd = 0x000504ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:6:3 = hWnd = 0x000404be; ClassName:
w.
x=0, y=0, width=1, height=1
23:6:3 = hWnd = 0x00070522; ClassName:
x=0, y=0, width=0, height=0
23:6:3 = hWnd = 0x0007043c; ClassName:
x=0, y=0, width=0, height=0
23:6:25 = Process Attach
23:6:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:6:25 = ##### Get event and release process #####

23:6:25 = hWnd = 0x00a600d2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:6:25 = end close Process
23:6:25 = ##### Get event and release process end #####
23:6:25 = hWnd = 0x00030084; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:40:5 = Process Attach
6:40:5 = end process attach
6:40:5 = ***** NULL == SampleProvider *****
6:40:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:40:5 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
6:40:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:40:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:40:8 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:40:8 = s1.
6:40:8 = s2.
6:40:11
6:40:11
6:40:51
6:40:51
6:40:52
6:40:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:17:38 = Process Attach

7:17:38 = end process attach
7:17:38 = ***** NULL == SampleProvider *****
7:17:38 = hWnd = 0x0003051c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
7:17:38 = hWnd = 0x000d0468; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
7:17:38 = hWnd = 0x000604b8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:17:38 = hWnd = 0x000604e8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:17:44 = Process Attach
7:17:44 = ## ERR ## Setevent
7:17:44 = ***** NULL == SampleProvider *****
7:17:44 = begin close Process
7:17:44 = end close Process
7:17:44 = ##### Get event and release process end #####
7:17:44 = hWnd = 0x0009003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:17:44 = hWnd = 0x000500a8; ClassName:
ow.
x=0, y=0, width=1, height=1
7:17:44 = hWnd = 0x000800d0; ClassName:
x=0, y=0, width=0, height=0
7:17:44 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
21:46:24 = Process Attach
21:46:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:46:24 = * NULL == SampleProvider *

21:46:24 = ##### Begin waiting Mutex to release process #####
21:46:24 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:46:25 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:46:25 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:46:25 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:46:28 = Need to re-create objects.
21:46:28 = s1.
21:46:28 = s2.
21:46:32
21:46:32
21:47:11
21:47:11
21:47:12
21:47:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:35:9 = Process Attach

22:35:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:35:9 = * NULL == SampleProvider *

22:35:9 = ##### Begin waiting Mutex to release process #####
22:35:9 = hWnd = 0x00050362; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:35:9 = hWnd = 0x0005037e; ClassName:
ow.
x=0, y=0, width=1, height=1
22:35:9 = hWnd = 0x00030374; ClassName:
x=0, y=0, width=0, height=0
22:35:9 = hWnd = 0x00060378; ClassName:
x=0, y=0, width=0, height=0
22:35:15 = Process Attach
22:35:15 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:35:15 = * NULL == SampleProvider *

22:35:15 = begin close Process
22:35:15 = hWnd = 0x0003002c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:35:15 = ##### Get event and release process end #####
22:35:15 = hWnd = 0x0006003a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:39:56 = Process Attach
22:39:56 = end process attach
22:39:56 = ##### Begin waiting Mutex to release process #####
22:39:56 = ***** NULL == SampleProvider *****
22:39:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:39:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:39:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:39:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:40:1 = Need to re-create objects.
22:40:1 = s1.
22:40:1 = s2.
22:40:1 = Start show animate
22:40:1 = Shell Excutute VerifyHost
22:40:13 = begin close Process
22:40:13 = Terminate Process
22:40:14 = end close Process
22:40:14 = DLL_PROCESS_DETACH
23:1:23 = Process Attach
23:1:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:1:23 = * NULL == SampleProvider *

23:1:23 = ##### Begin waiting Mutex to release process #####
23:1:23 = hWnd = 0x00060420; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:1:23 = hWnd = 0x0002050a; ClassName:
ow.
x=0, y=0, width=1, height=1
23:1:23 = hWnd = 0x000304fe; ClassName:
x=0, y=0, width=0, height=0
23:1:23 = hWnd = 0x00020500; ClassName:
x=0, y=0, width=0, height=0
23:1:31 = Process Attach
23:1:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:1:31 = * NULL == SampleProvider *

23:1:31 = begin close Process
23:1:31 = end close Process
23:1:31 = ##### Get event and release process end #####
23:1:31 = hWnd = 0x000f005c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:1:31 = hWnd = 0x0003008a; ClassName:
ow.
x=0, y=0, width=1, height=1
23:1:31 = hWnd = 0x0005005e; ClassName:
x=0, y=0, width=0, height=0
23:1:31 = hWnd = 0x000300a0; ClassName:
x=0, y=0, width=0, height=0
17:11:19 = Process Attach
17:11:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:11:19 = ##### Begin waiting Mutex to release process #####

17:11:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:11:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:11:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:11:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:11:24 = Need to re-create objects.
17:11:24 = s1.
17:11:24 = s2.
17:11:29 = Start show animate
17:11:29 = Shell Excutute VerifyHost
17:12:9 = begin close Process
17:12:9 = Terminate Process
17:12:10 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:12:10 = DLL_PROCESS_DETACH
19:32:44 = Process Attach
19:32:44 = end process attach
19:32:44 = ***** NULL == SampleProvider *****
19:32:44 = ##### Begin waiting Mutex to release process #####
19:32:44 = hWnd = 0x0004045a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:32:44 = hWnd = 0x000504b4; ClassName:
dow.
x=0, y=0, width=1, height=1
19:32:44 = hWnd = 0x0004047a; ClassName:
x=0, y=0, width=0, height=0
19:32:44 = hWnd = 0x000c049c; ClassName:
x=0, y=0, width=0, height=0
19:32:48 = Process Attach
19:32:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:32:48 = ##### Get event and release process #####

19:32:48 = begin close Process
19:32:48 = end close Process
19:32:48 = ##### Get event and release process end #####
19:32:48 = hWnd = 0x000e0110; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:32:48 = hWnd = 0x000f00f2; ClassName:
dow.
x=0, y=0, width=1, height=1
19:32:48 = hWnd = 0x00070082; ClassName:
x=0, y=0, width=0, height=0
19:32:48 = hWnd = 0x00210050; ClassName:
x=0, y=0, width=0, height=0
23:18:39 = Process Attach
23:18:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:18:39 = * NULL == SampleProvider *

23:18:39 = ##### Begin waiting Mutex to release process #####
23:18:39 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:18:39 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:18:39 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:18:40 = Need to re-create objects.
23:18:40 = s1.
23:18:40 = s2.
23:18:47 = Start show animate
23:18:47 = Shell Excutute VerifyHost

23:19:18
23:19:18
23:19:19
23:19:19

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

0:47:57 = Process Attach

0:47:57 = end process attach
0:47:57 = ***** NULL == SampleProvider *****
0:47:57 = ##### Begin waiting Mutex to release process #####
0:47:57 = hWnd = 0x000504cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:47:57 = hWnd = 0x000704ce; ClassName:
ow.
x=0, y=0, width=1, height=1
0:47:57 = hWnd = 0x000f04b2; ClassName:
x=0, y=0, width=0, height=0
0:47:57 = hWnd = 0x00100448; ClassName:
x=0, y=0, width=0, height=0
0:48:8 = Process Attach
0:48:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:48:8 = * NULL == SampleProvider *

0:48:8 = begin close Process
0:48:8 = end close Process
0:48:8 = ##### Get event and release process end #####
0:48:8 = hWnd = 0x002d0062; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:48:8 = hWnd = 0x000300b0; ClassName:
w.
x=0, y=0, width=1, height=1
0:48:8 = hWnd = 0x001200a8; ClassName:
x=0, y=0, width=0, height=0
0:48:8 = hWnd = 0x000300ae; ClassName:
x=0, y=0, width=0, height=0
13:41:39 = Process Attach
13:41:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:41:39 = * NULL == SampleProvider *

13:41:39 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:41:40 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:41:40 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:41:40 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:41:43 = Need to re-create objects.
13:41:43 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:41:43 = s2.
13:41:47
13:41:47
13:42:26
13:42:26
13:42:27
13:42:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:29:36 = Process Attach

15:29:36 = end process attach
15:29:36 = ***** NULL == SampleProvider *****
15:29:36 = ##### Begin waiting Mutex to release process #####
15:29:36 = hWnd = 0x00060374; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:29:36 = hWnd = 0x000604e6; ClassName:
dow.
x=0, y=0, width=1, height=1
15:29:36 = hWnd = 0x000304fc; ClassName:
x=0, y=0, width=0, height=0
15:29:36 = hWnd = 0x0009010e; ClassName:
x=0, y=0, width=0, height=0
15:29:41 = Process Attach
15:29:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:29:41 = * NULL == SampleProvider *

15:29:41 = begin close Process
15:29:41 = end close Process
15:29:41 = ##### Get event and release process end #####
15:29:41 = hWnd = 0x000d0092; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:29:41 = hWnd = 0x0008002c; ClassName:
dow.
x=0, y=0, width=1, height=1
15:29:41 = hWnd = 0x0011002a; ClassName:
x=0, y=0, width=0, height=0
15:29:41 = hWnd = 0x000500a4; ClassName:
x=0, y=0, width=0, height=0
16:54:38 = Process Attach
16:54:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:54:38 = * NULL == SampleProvider *

16:54:38 = ##### Begin waiting Mutex to release process #####
16:54:38 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:54:39 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:54:40 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

16:54:40 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
16:54:43 = Need to re-create objects.
16:54:43 = s1.
16:54:43 = s2.
16:54:47
16:54:47
16:55:24
16:55:24
16:55:25
16:55:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:49:33 = Process Attach

17:49:33 = end process attach
17:49:33 = ***** NULL == SampleProvider *****
17:49:33 = ##### Begin waiting Mutex to release process #####
17:49:33 = hWnd = 0x0009036e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:49:33 = hWnd = 0x000e0646; ClassName:
dow.
x=0, y=0, width=1, height=1
17:49:33 = hWnd = 0x000c0682; ClassName:
x=0, y=0, width=0, height=0
17:49:33 = hWnd = 0x000704b4; ClassName:
x=0, y=0, width=0, height=0
17:49:40 = Process Attach
17:49:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:49:40 = * NULL == SampleProvider *

17:49:40 = begin close Process
17:49:40 = end close Process
17:49:40 = ##### Get event and release process end #####
17:49:40 = hWnd = 0x0007006c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:49:40 = hWnd = 0x00070110; ClassName:
dow.
x=0, y=0, width=1, height=1
17:49:40 = hWnd = 0x0004005a; ClassName:
x=0, y=0, width=0, height=0
17:49:40 = hWnd = 0x00070114; ClassName:
x=0, y=0, width=0, height=0
23:41:22 = Process Attach
23:41:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:41:23 = * NULL == SampleProvider *

23:41:23 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:41:23 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
23:41:24 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:41:24 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:41:26 = Need to re-create objects.
23:41:26 = s1.
23:41:26 = s2.
23:41:30 = Start show animate
23:41:30 = Shell Excutute VerifyHost
23:42:8 = begin close Process
23:42:8 = Terminate Process
23:42:9 = end close Process
23:42:9 = DLL_PROCESS_DETACH
0:9:37 = Process Attach
0:9:37 = end process attach
0:9:37 = ***** NULL == SampleProvider *****
0:9:37 = ##### Begin waiting Mutex to release process #####
0:9:37 = hWnd = 0x0006047c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:9:37 = hWnd = 0x0005058a; ClassName:
w.
x=0, y=0, width=1, height=1
0:9:37 = hWnd = 0x00040482; ClassName:
x=0, y=0, width=0, height=0
0:9:37 = hWnd = 0x00090628; ClassName:
x=0, y=0, width=0, height=0
0:12:14 = Process Attach
0:12:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:12:14 = ##### Get event and release process #####

0:12:14 =
0:12:14 =
0:12:14 =
x=0, y=0,
0:12:14 =
x=0, y=0,
0:13:58 =
0:13:58 =

begin close Process

end close Process
hWnd = 0x00040086; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00070038; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

0:13:58 = ##### Begin waiting Mutex to release process #####

0:13:58 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:13:58 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:13:58 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

0:13:58 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
0:14:4 = Need to re-create objects.
0:14:4 = s1.
0:14:4 = s2.
0:14:4 = Start show animate
0:14:4 = Shell Excutute VerifyHost
0:14:25 = begin close Process
0:14:25 = Terminate Process
0:14:26 = end close Process
0:14:26 = DLL_PROCESS_DETACH
0:53:31 = Process Attach
0:53:31 = end process attach
0:53:31 = ##### Begin waiting Mutex to release process #####
0:53:31 = hWnd = 0x0005077e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:53:31 = hWnd = 0x002a060e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:53:31 = hWnd = 0x00030610; ClassName:
x=0, y=0, width=0, height=0
0:53:31 = hWnd = 0x000507b8; ClassName:
x=0, y=0, width=0, height=0
0:54:58 = Process Attach
0:54:58 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:54:58 = ##### Get event and release process #####

0:54:58 = begin close Process
0:54:58 = end close Process
0:54:58 = ##### Get event and release process end #####
0:54:58 = hWnd = 0x000200e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:54:58 = hWnd = 0x00040042; ClassName:
ow.
x=0, y=0, width=1, height=1
0:54:58 = hWnd = 0x000200d2; ClassName:
x=0, y=0, width=0, height=0
0:54:58 = hWnd = 0x0004005c; ClassName:
x=0, y=0, width=0, height=0
0:56:29 = Process Attach
0:56:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:56:29 = * NULL == SampleProvider *

0:56:29 = ##### Begin waiting Mutex to release process #####
0:56:29 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:56:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
0:56:29 =
x=0, y=0,
0:56:29 =
x=0, y=0,
0:56:30 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

0:56:30 = s1.
0:56:30 = s2.
0:56:30
0:56:30
0:57:16
0:57:16
0:57:17
0:57:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:6:35 = Process Attach

1:6:35 = end process attach
1:6:35 = ***** NULL == SampleProvider *****
1:6:35 = ##### Begin waiting Mutex to release process #####
1:6:35 = hWnd = 0x0003052e; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:6:35 = hWnd = 0x0003050c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:6:35 = hWnd = 0x00030524; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:7:41 = Process Attach
1:7:41 = ## ERR ## Setevent
1:7:41 = ***** NULL == SampleProvider *****
1:7:41 = begin close Process
1:7:41 = end close Process
1:7:41 = hWnd = 0x00050052; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:7:41 = hWnd = 0x0008005a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:37:47 = Process Attach
6:37:47 = end process attach
6:37:47 = ***** NULL == SampleProvider *****
6:37:47 = ##### Begin waiting Mutex to release process #####
6:37:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:37:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:37:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:37:48 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

6:37:49 = Need to re-create objects.
6:37:51 = s1.
6:37:51 = s2.
6:38:7 = Start show animate
6:38:7 = Shell Excutute VerifyHost
6:38:49 = begin close Process
6:38:49 = end close Process
6:38:49 = DLL_PROCESS_DETACH
7:18:7 = Process Attach
7:18:7 = end process attach
7:18:7 = ***** NULL == SampleProvider *****
7:18:7 = hWnd = 0x00101010; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:18:7 = ##### Begin waiting Mutex to release process #####
7:18:7 = hWnd = 0x001a01b8; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
7:18:7 = hWnd = 0x000c0fa8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:18:7 = hWnd = 0x00060eec; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:18:25 = Process Attach
7:18:25 = ## ERR ## Setevent
7:18:25 = ***** NULL == SampleProvider *****
7:18:25 = begin close Process
7:18:25 = end close Process
7:18:25 = ##### Get event and release process end #####
7:18:25 = hWnd = 0x000f00bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:18:25 = hWnd = 0x000300a2; ClassName:
ow.
x=0, y=0, width=1, height=1
7:18:25 = hWnd = 0x001a00cc; ClassName:
x=0, y=0, width=0, height=0
7:18:25 = hWnd = 0x0003009a; ClassName:
x=0, y=0, width=0, height=0
15:47:25 = Process Attach
15:47:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:47:25 = * NULL == SampleProvider *

15:47:25 = ##### Begin waiting Mutex to release process #####
15:47:25 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:47:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
15:47:29 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:47:29 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:47:30 = Need to re-create objects.
15:47:30 = s1.
15:47:30 = s2.
15:47:32 = Start show animate
15:47:32 = Shell Excutute VerifyHost
15:48:5 = begin close Process
15:48:5 = Terminate Process
15:48:6 = end close Process
15:48:6 = DLL_PROCESS_DETACH
19:16:24 = Process Attach
19:16:24 = end process attach
19:16:24 = ##### Begin waiting Mutex to release process #####
19:16:24 = hWnd = 0x000805f8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:16:24 = hWnd = 0x0005048e; ClassName:
dow.
x=0, y=0, width=1, height=1
19:16:24 = hWnd = 0x0007058c; ClassName:
x=0, y=0, width=0, height=0
19:16:24 = hWnd = 0x002205ec; ClassName:
x=0, y=0, width=0, height=0
19:16:45 = Process Attach
19:16:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:16:45 = ##### Get event and release process #####

19:16:45 = begin close Process
19:16:45 = end close Process
19:16:45 = ##### Get event and release process end #####
19:16:45 = hWnd = 0x00090038; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:16:45 = hWnd = 0x000200b0; ClassName:
dow.
x=0, y=0, width=1, height=1
19:16:45 = hWnd = 0x000e00c8; ClassName:
x=0, y=0, width=0, height=0
19:16:45 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
21:37:27 = Process Attach
21:37:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:37:27 = * NULL == SampleProvider *

21:37:27 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

21:37:27 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:37:28 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:37:28 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:37:30 = Need to re-create objects.
21:37:30 = s1.
21:37:30 = s2.
21:37:34
21:37:34
21:38:16
21:38:16
21:38:17
21:38:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:38:35 = Process Attach

22:38:35 = end process attach
22:38:35 = ***** NULL == SampleProvider *****
22:38:35 = ##### Begin waiting Mutex to release process #####
22:38:35 = hWnd = 0x0003033c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:38:35 = hWnd = 0x00020470; ClassName:
dow.
x=0, y=0, width=1, height=1
22:38:35 = hWnd = 0x0002028c; ClassName:
x=0, y=0, width=0, height=0
22:38:35 = hWnd = 0x0002046c; ClassName:
x=0, y=0, width=0, height=0
22:38:40 = Process Attach
22:38:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:38:40 = ##### Get event and release process #####

22:38:40 = begin close Process
22:38:40 = end close Process
22:38:40 = ##### Get event and release process end #####
22:38:40 = hWnd = 0x00030082; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:38:40 = hWnd = 0x00070090; ClassName:
dow.
x=0, y=0, width=1, height=1
22:38:40 = hWnd = 0x000500a2; ClassName:
x=0, y=0, width=0, height=0
22:38:40 = hWnd = 0x0005003a; ClassName:
x=0, y=0, width=0, height=0
22:3:35 = Process Attach
22:3:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:3:35 = * NULL == SampleProvider *

22:3:35 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:3:36 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
22:3:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:3:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:3:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:3:39 = s1.
22:3:39 = s2.
22:3:42
22:3:42
22:4:21
22:4:21
22:4:22
22:4:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:35:22 = Process Attach

23:35:22 = end process attach
23:35:22 = ***** NULL == SampleProvider *****
23:35:22 = ##### Begin waiting Mutex to release process #####
23:35:22 = hWnd = 0x000b05c0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:35:22 = hWnd = 0x000b0526; ClassName:
dow.
x=0, y=0, width=1, height=1
23:35:22 = hWnd = 0x00080376; ClassName:
x=0, y=0, width=0, height=0
23:35:22 = hWnd = 0x000d0522; ClassName:
x=0, y=0, width=0, height=0
23:36:21 = Process Attach
23:36:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:36:21 = * NULL == SampleProvider *

23:36:21 = begin close Process
23:36:21 = end close Process
23:36:21 = ##### Get event and release process end #####
23:36:21 = hWnd = 0x0006002a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:36:21 = hWnd = 0x000200b6; ClassName:
dow.
x=0, y=0, width=1, height=1
23:36:21 = hWnd = 0x000b003a; ClassName:
x=0, y=0, width=0, height=0
23:36:21 = hWnd = 0x0004003e; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

15:25:58 = Process Attach
15:25:58 = end process attach
15:25:58 = ***** NULL == SampleProvider *****
15:25:58 = ##### Begin waiting Mutex to release process #####
15:25:58 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:25:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:25:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:25:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:26:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:26:5 = s1.
15:26:5 = s2.
15:26:5 = Start show animate
15:26:5 = Shell Excutute VerifyHost
15:26:26 = begin close Process
15:26:26 = Terminate Process
15:26:27 = end close Process
15:26:27 = DLL_PROCESS_DETACH
18:32:44 = Process Attach
18:32:44 = end process attach
18:32:44 = ***** NULL == SampleProvider *****
18:32:44 = ##### Begin waiting Mutex to release process #####
18:32:44 = hWnd = 0x00020366; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:32:44 = hWnd = 0x0005035e; ClassName:
dow.
x=0, y=0, width=1, height=1
18:32:44 = hWnd = 0x0004044c; ClassName:
x=0, y=0, width=0, height=0
18:32:44 = hWnd = 0x00020364; ClassName:
x=0, y=0, width=0, height=0
18:32:51 = Process Attach
18:32:51 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:32:51 = ##### Get event and release process #####

18:32:51 = begin close Process
18:32:51 = end close Process
18:32:51 = ##### Get event and release process end #####
18:32:51 = hWnd = 0x00070082; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

18:32:51 = hWnd = 0x00140034; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:32:51 = hWnd = 0x000500d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:32:51 = hWnd = 0x00080066; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:39:12 = Process Attach
7:39:12 = end process attach
7:39:12 = ***** NULL == SampleProvider *****
7:39:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:39:13 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:39:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:39:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:39:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:39:16 = s1.
7:39:16 = s2.
7:39:20 = Start show animate
7:39:20 = Shell Excutute VerifyHost
7:40:0 = begin close Process
7:40:0 = Terminate Process
7:40:1 = end close Process
7:40:1 = DLL_PROCESS_DETACH
12:3:35 = Process Attach
12:3:35 = end process attach
12:3:35 = ***** NULL == SampleProvider *****
12:3:35 = ##### Begin waiting Mutex to release process #####
12:3:35 =
ow.
x=0, y=0,
12:3:35 =
x=0, y=0,
12:3:35 =
x=0, y=0,
12:4:22 =
12:4:22 =

hWnd = 0x05f70478; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x003b0496; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x07cb043a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

12:4:22 = * NULL == SampleProvider *

12:4:22 = begin close Process
12:4:22 = end close Process
12:4:22 = ##### Get event and release process end #####
12:4:22 = hWnd = 0x000200b6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0, width=1, height=1

12:4:22 = hWnd = 0x000e0082; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:4:22 = hWnd = 0x000300be; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:10:56 = Process Attach
16:10:56 = end process attach
16:10:56 = ##### Begin waiting Mutex to release process #####
16:10:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:10:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:10:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:10:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:11:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:11:2 = s1.
16:11:2 = s2.
16:11:3 = Start show animate
16:11:3 = Shell Excutute VerifyHost
16:11:32 = begin close Process
16:11:32 = Terminate Process
16:11:33 = end close Process
16:11:33 = DLL_PROCESS_DETACH
0:4:16 = Process Attach
0:4:16 = end process attach
0:4:16 = ***** NULL == SampleProvider *****
0:4:16 = ##### Begin waiting Mutex to release process #####
0:4:16 = hWnd = 0x0039057e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:4:16 = hWnd = 0x001805a6; ClassName:
w.
x=0, y=0, width=1, height=1
0:4:16 = hWnd = 0x00160618; ClassName:
x=0, y=0, width=0, height=0
0:4:16 = hWnd = 0x001d0510; ClassName:
x=0, y=0, width=0, height=0
0:4:22 = Process Attach
0:4:22 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:4:22 = * NULL == SampleProvider *

0:4:22 = begin close Process
0:4:22 = end close Process
0:4:22 = ##### Get event and release process end #####
0:4:22 = hWnd = 0x000f00dc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
0:4:22 = hWnd = 0x00080080; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
0:4:22 = hWnd = 0x000c00ce; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:4:22 = hWnd = 0x001200e6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:10:52 = Process Attach
9:10:52 = end process attach
9:10:52 = ***** NULL == SampleProvider *****
9:10:52 = ##### Begin waiting Mutex to release process #####
9:10:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:10:57 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:10:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:10:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:10:58 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:10:58 = s1.
9:10:58 = s2.
9:11:15
9:11:15
9:11:52
9:11:52
9:11:53
9:11:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:29:26 = Process Attach

23:29:27 = end process attach
23:29:27 = ***** NULL == SampleProvider *****
23:29:27 = ##### Begin waiting Mutex to release process #####
23:29:27 = hWnd = 0x00130752; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:29:27 = hWnd = 0x003208ac; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:29:27 = hWnd = 0x000c0950; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:29:55 = Process Attach
23:29:55 = ## ERR ## Setevent
23:29:55 = ***** NULL == SampleProvider *****
23:29:55 = hWnd = 0x000b0032; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

23:29:55 = hWnd = 0x000200b2; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:29:55 = hWnd = 0x001400cc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:29:55 = hWnd = 0x000200b4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:8:26 = Process Attach
6:8:27 = end process attach
6:8:27 = ***** NULL == SampleProvider *****
6:8:27 = ##### Begin waiting Mutex to release process #####
6:8:27 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
6:8:28 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
6:8:28 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:8:30 = Need to re-create objects.
6:8:30 = s1.
6:8:30 = s2.
6:8:35
6:8:35
6:9:14
6:9:14
6:9:15
6:9:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

6:40:37 = Process Attach

6:40:37 = end process attach
6:40:37 = ***** NULL == SampleProvider *****
6:40:37 = ##### Begin waiting Mutex to release process #####
6:40:37 = hWnd = 0x000a0462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:40:37 = hWnd = 0x000704ea; ClassName:
ow.
x=0, y=0, width=1, height=1
6:40:37 = hWnd = 0x000b0460; ClassName:
x=0, y=0, width=0, height=0
6:40:37 = hWnd = 0x000a045e; ClassName:
x=0, y=0, width=0, height=0
6:40:43 = Process Attach
6:40:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:40:43 = ##### Get event and release process #####

6:40:43 = begin close Process
6:40:43 = end close Process
6:40:43 = ##### Get event and release process end #####

6:40:43 = * NULL == SampleProvider *

6:40:43 = hWnd = 0x00050056; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
6:40:43 = hWnd = 0x00040096; ClassName:
ow.
x=0, y=0, width=1, height=1
6:40:43 = hWnd = 0x00060098; ClassName:
x=0, y=0, width=0, height=0
6:40:43 = hWnd = 0x000400c8; ClassName:
x=0, y=0, width=0, height=0
6:41:49 = Process Attach
6:41:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:41:49 = ##### Begin waiting Mutex to release process #####

6:41:49 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:41:49 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:41:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:41:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:41:55 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:41:55 = s1.
6:41:55 = s2.
6:41:57 = Start show animate
6:41:57 = Shell Excutute VerifyHost
6:42:7 = begin close Process
6:42:7 = Terminate Process
6:42:8 = end close Process
6:42:8 = DLL_PROCESS_DETACH
7:10:41 = Process Attach
7:10:41 = end process attach
7:10:41 = ***** NULL == SampleProvider *****
7:10:41 = hWnd = 0x000604aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:10:41 = hWnd = 0x000804a4; ClassName:
ow.
x=0, y=0, width=1, height=1
7:10:41 = hWnd = 0x00100594; ClassName:
x=0, y=0, width=0, height=0
7:10:41 = hWnd = 0x000704a0; ClassName:
x=0, y=0, width=0, height=0
7:10:46 = Process Attach
7:10:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:10:46 = ##### Get event and release process #####

7:10:46 = begin close Process

7:10:46 = end close Process
7:10:46 = ##### Get event and release process end #####
7:10:46 = hWnd = 0x000200d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:10:46 = hWnd = 0x00030068; ClassName:
ow.
x=0, y=0, width=1, height=1
7:10:46 = hWnd = 0x00040070; ClassName:
x=0, y=0, width=0, height=0
7:10:46 = hWnd = 0x000200d0; ClassName:
x=0, y=0, width=0, height=0
14:15:15 = Process Attach
14:15:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:15:15 = * NULL == SampleProvider *

14:15:15 = ##### Begin waiting Mutex to release process #####
14:15:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:15:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:15:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:15:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:15:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:15:16 = s1.
14:15:16 = s2.
14:15:17
14:15:17
14:15:49
14:15:49
14:15:50
14:15:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:14:33 = Process Attach

17:14:33 = end process attach
17:14:33 = ##### Begin waiting Mutex to release process #####
17:14:33 = hWnd = 0x000304c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:14:33 = hWnd = 0x009d04fc; ClassName:
dow.
x=0, y=0, width=1, height=1
17:14:33 = hWnd = 0x0037051a; ClassName:
x=0, y=0, width=0, height=0
17:14:33 = hWnd = 0x000304a6; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:14:52 = Process Attach

17:14:52 = ## ERR ## Setevent
17:14:52 = ***** NULL == SampleProvider *****
17:14:52 = begin close Process
17:14:52 = end close Process
17:14:52 = ##### Get event and release process end #####
17:14:52 = hWnd = 0x00050054; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:14:52 = hWnd = 0x000400b2; ClassName:
dow.
x=0, y=0, width=1, height=1
17:14:52 = hWnd = 0x00060084; ClassName:
x=0, y=0, width=0, height=0
17:14:52 = hWnd = 0x00050034; ClassName:
x=0, y=0, width=0, height=0
18:41:44 = Process Attach
18:41:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:41:44 = * NULL == SampleProvider *

18:41:44 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:41:45 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:41:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:41:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:41:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:41:47 = s1.
18:41:47 = s2.
18:41:49
18:41:49
18:42:27
18:42:27
18:42:28
18:42:28

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

5:13:22 = Process Attach

5:13:22 = end process attach
5:13:22 = ***** NULL == SampleProvider *****
5:13:22 = hWnd = 0x00240718; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:13:22 = hWnd = 0x00090742; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
5:13:22 = hWnd = 0x001007e6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

5:13:22 =
x=0, y=0,
5:13:37 =
5:13:37 =

hWnd = 0x00090778; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
## ERR ## Setevent

5:13:37 = ##### Get event and release process #####

5:13:37 = begin close Process
5:13:37 = end close Process
5:13:37 = ##### Get event and release process end #####
5:13:37 = ***** NULL == SampleProvider *****
5:13:37 = hWnd = 0x000900ec; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
5:13:37 = hWnd = 0x00250080; ClassName:
ow.
x=0, y=0, width=1, height=1
5:13:37 = hWnd = 0x000300d0; ClassName:
x=0, y=0, width=0, height=0
5:13:37 = hWnd = 0x0029007e; ClassName:
x=0, y=0, width=0, height=0
5:14:44 = Process Attach
5:14:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:14:44 = * NULL == SampleProvider *

5:14:44 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:14:45 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
5:14:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
5:14:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
5:16:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:16:33 = s1.
5:16:33 = s2.
5:16:34
5:16:34
5:17:11
5:17:11
5:17:12
5:17:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:8:56 = Process Attach

7:8:56 = end process attach
7:8:56 = ***** NULL == SampleProvider *****
7:8:56 = ##### Begin waiting Mutex to release process #####
7:8:56 = hWnd = 0x00040102; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

7:8:56 = hWnd = 0x0002038e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:8:56 = hWnd = 0x0002046c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:9:14 = Process Attach
7:9:14 = ## ERR ## Setevent
7:9:14 = ***** NULL == SampleProvider *****
7:9:14 = begin close Process
7:9:14 = end close Process
7:9:14 = ##### Get event and release process end #####
7:9:14 = hWnd = 0x000500c2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:9:14 = hWnd = 0x000200b2; ClassName:
w.
x=0, y=0, width=1, height=1
7:9:14 = hWnd = 0x0006003a; ClassName:
x=0, y=0, width=0, height=0
7:9:14 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
14:48:25 = Process Attach
14:48:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:48:25 = * NULL == SampleProvider *

14:48:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:48:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:48:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:48:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:48:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:48:30 = s1.
14:48:30 = s2.
14:48:34
14:48:34
14:49:10
14:49:10
14:49:11
14:49:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:43:11 = Process Attach

22:43:11 = end process attach
22:43:11 = ##### Begin waiting Mutex to release process #####
22:43:11 = hWnd = 0x000705f4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

22:43:11 = hWnd = 0x001105e8; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:43:11 = hWnd = 0x000c05a8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:43:11 = hWnd = 0x00060530; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:44:9 = Process Attach
22:44:9 = ## ERR ## Setevent
22:44:9 = ***** NULL == SampleProvider *****
22:44:9 = begin close Process
22:44:9 = end close Process
22:44:9 = ##### Get event and release process end #####
22:44:9 = hWnd = 0x0006004c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:44:9 = hWnd = 0x000500ca; ClassName:
ow.
x=0, y=0, width=1, height=1
22:44:9 = hWnd = 0x000900c6; ClassName:
x=0, y=0, width=0, height=0
22:44:9 = hWnd = 0x000b00a6; ClassName:
x=0, y=0, width=0, height=0
5:59:16 = Process Attach
5:59:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:59:16 = * NULL == SampleProvider *

5:59:16 = ##### Begin waiting Mutex to release process #####
5:59:17 =
ow.
x=0, y=0,
5:59:18 =
x=0, y=0,
5:59:18 =
x=0, y=0,
5:59:22 =

5:59:22 = s1.
5:59:22 = s2.
5:59:27
5:59:27
6:0:5 =
6:0:5 =
6:0:6 =
6:0:6 =

= Start show animate

= Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:14:1 = Process Attach

9:14:1 = end process attach
9:14:1 = ***** NULL == SampleProvider *****
9:14:1 = ##### Begin waiting Mutex to release process #####

9:14:1 = hWnd = 0x000605b6; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:14:1 = hWnd = 0x000605de; ClassName:
w.
x=0, y=0, width=1, height=1
9:14:1 = hWnd = 0x0005076a; ClassName:
x=0, y=0, width=0, height=0
9:14:1 = hWnd = 0x0005060e; ClassName:
x=0, y=0, width=0, height=0
9:14:9 = Process Attach
9:14:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:14:9 = * NULL == SampleProvider *

9:14:9 = begin close Process
9:14:9 = end close Process
9:14:9 = ##### Get event and release process end #####
9:14:9 = hWnd = 0x000c0082; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:14:9 = hWnd = 0x000d00ee; ClassName:
w.
x=0, y=0, width=1, height=1
9:14:9 = hWnd = 0x000800d0; ClassName:
x=0, y=0, width=0, height=0
9:14:9 = hWnd = 0x000600d8; ClassName:
x=0, y=0, width=0, height=0
12:58:8 = Process Attach
12:58:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:58:8 = ##### Begin waiting Mutex to release process #####

12:58:8 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:58:8 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:58:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:58:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:58:10 = Need to re-create objects.
12:58:10 = s1.
12:58:10 = s2.
12:58:13
12:58:13
12:58:45
12:58:45
12:58:46
12:58:46

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:5:27 = Process Attach

14:5:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:5:27 = * NULL == SampleProvider *

14:5:27 = hWnd = 0x0002046e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:5:27 = hWnd = 0x0002046a; ClassName:
ow.
x=0, y=0, width=1, height=1
14:5:27 = hWnd = 0x00020476; ClassName:
x=0, y=0, width=0, height=0
14:5:27 = hWnd = 0x0002046c; ClassName:
x=0, y=0, width=0, height=0
14:5:47 = Process Attach
14:5:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:5:47 = * NULL == SampleProvider *

14:5:47 = begin close Process
14:5:47 = end close Process
14:5:47 = ##### Get event and release process end #####
14:5:47 = hWnd = 0x000500a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:5:47 = hWnd = 0x000200aa; ClassName:
ow.
x=0, y=0, width=1, height=1
14:5:47 = hWnd = 0x00100102; ClassName:
x=0, y=0, width=0, height=0
14:5:47 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
17:6:27 = Process Attach
17:6:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:6:27 = * NULL == SampleProvider *

17:6:27 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:6:29 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
17:6:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:6:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:6:29 = Need to re-create objects.
17:6:29 = s1.
17:6:29 = s2.
17:6:31
17:6:31
17:6:50
17:6:50
17:6:51
17:6:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:0:21 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:0:23 = Process Attach

22:0:23 = end process attach
22:0:23 = ***** NULL == SampleProvider *****
22:0:23 = hWnd = 0x00020020; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:0:23 = hWnd = 0x00020022; ClassName:
ow.
x=0, y=0, width=1, height=1
22:0:23 = hWnd = 0x0002002c; ClassName:
x=0, y=0, width=0, height=0
22:0:23 = hWnd = 0x0002001e; ClassName:
x=0, y=0, width=0, height=0
22:0:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:0:27 = s1.
22:0:27 = s2.
22:0:27
22:0:27
22:3:49
22:3:49
22:3:50
22:3:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:4:17 = Process Attach

22:4:17 = end process attach
22:4:17 = ***** NULL == SampleProvider *****
22:4:17 = ##### Begin waiting Mutex to release process #####
22:4:17 = hWnd = 0x00020446; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:4:17 = hWnd = 0x00020442; ClassName:
ow.
x=0, y=0, width=1, height=1
22:4:17 = hWnd = 0x00010452; ClassName:
x=0, y=0, width=0, height=0
22:4:17 = hWnd = 0x00020444; ClassName:
x=0, y=0, width=0, height=0
22:4:45 = Process Attach
22:4:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:4:45 = ##### Get event and release process #####

22:4:45 = begin close Process
22:4:45 = end close Process
22:4:45 = ##### Get event and release process end #####
22:4:45 = hWnd = 0x000600ce; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:4:45 = hWnd = 0x000400e0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

22:4:45 =
x=0, y=0,
22:4:45 =
x=0, y=0,
22:5:48 =
22:5:48 =

hWnd = 0x000100ee; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x000300de; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

22:5:48 = * NULL == SampleProvider *

22:5:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:5:49 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
22:5:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:5:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:6:5 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:6:5 = s1.
22:6:5 = s2.
22:6:7 = Start show animate
22:6:7 = Shell Excutute VerifyHost
22:6:42 = begin close Process
22:6:42 = Terminate Process
22:6:43 = end close Process
22:6:43 = DLL_PROCESS_DETACH
23:43:6 = Process Attach
23:43:6 = end process attach
23:43:6 = ***** NULL == SampleProvider *****
23:43:6 = ##### Begin waiting Mutex to release process #####
23:43:6 = hWnd = 0x0002065c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:43:6 = hWnd = 0x00020628; ClassName:
ow.
x=0, y=0, width=1, height=1
23:43:6 = hWnd = 0x00020630; ClassName:
x=0, y=0, width=0, height=0
23:43:6 = hWnd = 0x000604fa; ClassName:
x=0, y=0, width=0, height=0
23:43:11 = Process Attach
23:43:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:43:11 = * NULL == SampleProvider *

23:43:11 = begin close Process
23:43:11 = end close Process
23:43:11 = ##### Get event and release process end #####
23:43:11 = hWnd = 0x0008005a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

23:43:11 = hWnd = 0x0005007e; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:43:11 = hWnd = 0x00040078; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:43:11 = hWnd = 0x000a00e8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:26:35 = Process Attach
6:26:36 = end process attach
6:26:36 = ***** NULL == SampleProvider *****
6:26:36 = ##### Begin waiting Mutex to release process #####
6:26:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:26:36 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:26:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:26:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:26:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:26:41 = s1.
6:26:41 = s2.
6:26:42
6:26:42
6:27:16
6:27:16
6:27:17
6:27:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:47:40 = Process Attach

7:47:40 = end process attach
7:47:40 = ***** NULL == SampleProvider *****
7:47:40 = ##### Begin waiting Mutex to release process #####
7:47:40 = hWnd = 0x000604fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:47:40 = hWnd = 0x000d04f8; ClassName:
ow.
x=0, y=0, width=1, height=1
7:47:40 = hWnd = 0x000404f2; ClassName:
x=0, y=0, width=0, height=0
7:47:40 = hWnd = 0x000604e4; ClassName:
x=0, y=0, width=0, height=0
7:47:46 = Process Attach
7:47:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:47:46 = * NULL == SampleProvider *

7:47:46 = begin close Process

7:47:46 = end close Process
7:47:46 = ##### Get event and release process end #####
7:47:46 = hWnd = 0x000200d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:47:46 = hWnd = 0x000300d4; ClassName:
ow.
x=0, y=0, width=1, height=1
7:47:46 = hWnd = 0x000600f8; ClassName:
x=0, y=0, width=0, height=0
7:47:46 = hWnd = 0x000200d8; ClassName:
x=0, y=0, width=0, height=0
17:23:6 = Process Attach
17:23:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:23:6 = * NULL == SampleProvider *

17:23:6 = ##### Begin waiting Mutex to release process #####
17:23:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:23:6 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
17:23:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:23:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:23:10 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:23:10 = s1.
17:23:10 = s2.
17:23:13
17:23:13
17:23:50
17:23:50
17:23:51
17:23:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:0:59 = Process Attach

22:0:59 = end process attach
22:0:59 = ***** NULL == SampleProvider *****
22:0:59 = ##### Begin waiting Mutex to release process #####
22:0:59 = hWnd = 0x0002043e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:0:59 = hWnd = 0x00020446; ClassName:
ow.
x=0, y=0, width=1, height=1
22:0:59 = hWnd = 0x00030314; ClassName:
x=0, y=0, width=0, height=0
22:0:59 = hWnd = 0x0010047e; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

22:1:12 = Process Attach
22:1:12 = ## ERR ## Setevent
22:1:12 = ***** NULL == SampleProvider *****
22:1:12 = begin close Process
22:1:12 = end close Process
22:1:12 = ##### Get event and release process end #####
22:1:12 =
ow.
x=0, y=0,
22:1:12 =
x=0, y=0,
22:1:12 =
x=0, y=0,
6:28:25 =
6:28:25 =

hWnd = 0x0003004e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00020068; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0008002c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

6:28:25 = * NULL == SampleProvider *

6:28:25 = ##### Begin waiting Mutex to release process #####
6:28:25 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:28:26 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:28:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:28:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:28:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:28:29 = s1.
6:28:29 = s2.
6:28:33
6:28:33
6:29:12
6:29:12
6:29:13
6:29:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:41:6 = Process Attach

7:41:7 = end process attach
7:41:7 = ***** NULL == SampleProvider *****
7:41:7 = hWnd = 0x000604a0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:41:7 = hWnd = 0x00640482; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
7:41:7 = hWnd = 0x000c0508; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

7:41:7 = hWnd = 0x023f0464; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
7:41:13 = Process Attach
7:41:13 = ## ERR ## Setevent
7:41:13 = ***** NULL == SampleProvider *****
7:41:13 = begin close Process
7:41:13 = end close Process
7:41:13 = ##### Get event and release process end #####
7:41:13 = hWnd = 0x000200b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:41:13 = hWnd = 0x000500a2; ClassName:
ow.
x=0, y=0, width=1, height=1
7:41:13 = hWnd = 0x00070054; ClassName:
x=0, y=0, width=0, height=0
7:41:13 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
16:37:47 = Process Attach
16:37:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:37:47 = * NULL == SampleProvider *

16:37:47 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:37:47 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:37:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:37:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:37:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:37:50 = s1.
16:37:50 = s2.
16:37:53
16:37:53
16:38:32
16:38:32
16:38:33
16:38:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:58:54 = Process Attach

17:58:54 = end process attach
17:58:54 = ***** NULL == SampleProvider *****
17:58:54 = ##### Begin waiting Mutex to release process #####
17:58:54 = hWnd = 0x00020360; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:58:54 = hWnd = 0x00030492; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
17:58:54 = hWnd = 0x00020442; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
17:58:54 = hWnd = 0x00060354; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:59:9 = Process Attach
17:59:9 = ## ERR ## Setevent
17:59:9 = ***** NULL == SampleProvider *****
17:59:9 = begin close Process
17:59:9 = end close Process
17:59:9 = ##### Get event and release process end #####
17:59:9 = hWnd = 0x000500c8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:59:9 = hWnd = 0x000e0058; ClassName:
ow.
x=0, y=0, width=1, height=1
17:59:9 = hWnd = 0x00050046; ClassName:
x=0, y=0, width=0, height=0
17:59:9 = hWnd = 0x00040086; ClassName:
x=0, y=0, width=0, height=0
19:10:39 = Process Attach
19:10:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:10:39 = * NULL == SampleProvider *

19:10:39 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:10:39 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:10:40 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:10:40 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:10:42 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:10:42 = s1.
19:10:42 = s2.
19:10:46
19:10:46
19:11:24
19:11:24
19:11:25
19:11:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:4:7 = Process Attach

20:4:7 = end process attach
20:4:7 = ***** NULL == SampleProvider *****
20:4:7 = ##### Begin waiting Mutex to release process #####

20:4:7 = hWnd = 0x000d04b6; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:4:7 = hWnd = 0x000304e4; ClassName:
w.
x=0, y=0, width=1, height=1
20:4:7 = hWnd = 0x00050514; ClassName:
x=0, y=0, width=0, height=0
20:4:7 = hWnd = 0x00730510; ClassName:
x=0, y=0, width=0, height=0
20:4:14 = Process Attach
20:4:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:4:14 = ##### Get event and release process #####

20:4:14 = begin close Process
20:4:14 = end close Process
20:4:14 = ##### Get event and release process end #####
20:4:14 = hWnd = 0x000300ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:4:14 = hWnd = 0x000500e8; ClassName:
ow.
x=0, y=0, width=1, height=1
20:4:14 = hWnd = 0x0004008e; ClassName:
x=0, y=0, width=0, height=0
20:4:14 = hWnd = 0x000e0068; ClassName:
x=0, y=0, width=0, height=0
22:10:27 = Process Attach
22:10:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:10:27 = * NULL == SampleProvider *

22:10:27 = ##### Begin waiting Mutex to release process #####
22:10:27 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:10:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:10:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:10:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:10:27 = Need to re-create objects.
22:10:27 = s1.
22:10:27 = s2.
22:10:27
22:10:27
22:10:52
22:10:52
22:10:53
22:10:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:24:52 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:24:52 = end process attach

0:24:52 = ***** NULL == SampleProvider *****
0:24:52 = ##### Begin waiting Mutex to release process #####
0:24:52 = hWnd = 0x00060514; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:24:52 = hWnd = 0x0003057e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:24:52 = hWnd = 0x0004052e; ClassName:
x=0, y=0, width=0, height=0
0:24:52 = hWnd = 0x00030542; ClassName:
x=0, y=0, width=0, height=0
0:24:56 = Process Attach
0:24:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:24:56 = ##### Get event and release process #####

0:24:56 = begin close Process
0:24:56 = end close Process
0:24:56 = ##### Get event and release process end #####
0:24:56 = hWnd = 0x000800e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:24:56 = hWnd = 0x000300d2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:24:56 = hWnd = 0x00060034; ClassName:
x=0, y=0, width=0, height=0
0:24:56 = hWnd = 0x000a0094; ClassName:
x=0, y=0, width=0, height=0
6:17:24 = Process Attach
6:17:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:17:24 = * NULL == SampleProvider *

6:17:24 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:17:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:17:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:17:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:17:25 = Need to re-create objects.
6:17:25 = s1.
6:17:25 = s2.
6:17:52
6:17:52
6:18:30
6:18:30

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:18:31 = end close Process

6:18:31 = DLL_PROCESS_DETACH
11:51:9 = Process Attach
11:51:9 = end process attach
11:51:9 = ***** NULL == SampleProvider *****
11:51:9 = ##### Begin waiting Mutex to release process #####
11:51:9 = hWnd = 0x000201da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:51:9 = hWnd = 0x000401ce; ClassName:
ow.
x=0, y=0, width=1, height=1
11:51:9 = hWnd = 0x0002022c; ClassName:
x=0, y=0, width=0, height=0
11:51:9 = hWnd = 0x000201d8; ClassName:
x=0, y=0, width=0, height=0
11:51:13 = Process Attach
11:51:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:51:13 = * NULL == SampleProvider *

11:51:13 = ##### Get event and release process #####
11:51:13 = begin close Process
11:51:13 = end close Process
11:51:13 = ##### Get event and release process end #####
11:51:13 = hWnd = 0x001000f8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:51:13 = hWnd = 0x000a00c0; ClassName:
dow.
x=0, y=0, width=1, height=1
11:51:13 = hWnd = 0x000800d4; ClassName:
x=0, y=0, width=0, height=0
11:51:13 = hWnd = 0x001700ca; ClassName:
x=0, y=0, width=0, height=0
14:22:35 = Process Attach
14:22:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:22:35 = * NULL == SampleProvider *

14:22:35 = ##### Begin waiting Mutex to release process #####
14:22:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:22:36 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:22:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:22:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:22:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:22:38 = s1.
14:22:38 = s2.
14:22:38
14:22:38
14:23:13
14:23:13
14:23:14
14:23:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:8:22 = Process Attach

23:8:22 = end process attach
23:8:22 = ***** NULL == SampleProvider *****
23:8:22 = hWnd = 0x00240672; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:8:22 = hWnd = 0x00650a08; ClassName:
ow.
x=0, y=0, width=1, height=1
23:8:22 = hWnd = 0x00050692; ClassName:
x=0, y=0, width=0, height=0
23:8:22 = hWnd = 0x001c0624; ClassName:
x=0, y=0, width=0, height=0
23:9:7 = Process Attach
23:9:7 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:9:7 = ##### Get event and release process #####

23:9:7 = begin close Process
23:9:7 = end close Process
23:9:7 = ##### Get event and release process end #####
23:9:7 = ***** NULL == SampleProvider *****
23:9:7 = hWnd = 0x00140122; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:9:7 = hWnd = 0x0003003c; ClassName:
w.
x=0, y=0, width=1, height=1
23:9:7 = hWnd = 0x00650112; ClassName:
x=0, y=0, width=0, height=0
23:9:7 = hWnd = 0x0004004c; ClassName:
x=0, y=0, width=0, height=0
2:40:27 = Process Attach
2:40:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:40:27 = ##### Begin waiting Mutex to release process #####

2:40:27 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:40:28 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
2:40:28 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

2:40:28 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
2:40:30 = Need to re-create objects.
2:40:30 = s1.
2:40:30 = s2.
2:40:30 = Start show animate
2:40:30 = Shell Excutute VerifyHost
2:41:3 = begin close Process
2:41:3 = Terminate Process
2:41:4 = end close Process
2:41:4 = DLL_PROCESS_DETACH
4:8:58 = Process Attach
4:8:58 = end process attach
4:8:58 = ***** NULL == SampleProvider *****
4:8:58 = ##### Begin waiting Mutex to release process #####
4:8:58 = hWnd = 0x0004032c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:8:58 = hWnd = 0x000900fc; ClassName:
w.
x=0, y=0, width=1, height=1
4:8:58 = hWnd = 0x0002035a; ClassName:
x=0, y=0, width=0, height=0
4:8:58 = hWnd = 0x00020446; ClassName:
x=0, y=0, width=0, height=0
4:9:2 = Process Attach
4:9:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:9:2 = * NULL == SampleProvider *

4:9:2 = begin close Process
4:9:2 = end close Process
4:9:2 = ##### Get event and release process end #####
4:9:2 = hWnd = 0x0003005e; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:9:2 = hWnd = 0x000200ce; ClassName:
.
x=0, y=0, width=1, height=1
4:9:2 = hWnd = 0x000600d4; ClassName:
x=0, y=0, width=0, height=0
4:9:2 = hWnd = 0x000200d0; ClassName:
x=0, y=0, width=0, height=0
7:18:2 = Process Attach
7:18:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:18:2 = ##### Begin waiting Mutex to release process #####

7:18:2 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:18:2 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo

w.
x=0, y=0, width=1, height=1
7:18:2 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:18:2 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:18:2 = Need to re-create objects.
7:18:2 = s1.
7:18:2 = s2.
7:18:4 = Start show animate
7:18:4 = Shell Excutute VerifyHost
7:18:51 = begin close Process
7:18:51 = Terminate Process
7:18:52 = end close Process
7:18:52 = DLL_PROCESS_DETACH
21:41:16 = Process Attach
21:41:16 = end process attach
21:41:16 = ***** NULL == SampleProvider *****
21:41:16 = hWnd = 0x00050036; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:41:16 = hWnd = 0x00020422; ClassName:
dow.
x=0, y=0, width=1, height=1
21:41:16 = hWnd = 0x000203a2; ClassName:
x=0, y=0, width=0, height=0
21:41:16 = hWnd = 0x0004003a; ClassName:
x=0, y=0, width=0, height=0
21:41:35 = Process Attach
21:41:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:41:35 = * NULL == SampleProvider *

21:41:35 = hWnd = 0x001c00c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:41:35 = hWnd = 0x0003009a; ClassName:
dow.
x=0, y=0, width=1, height=1
21:41:35 = hWnd = 0x00140092; ClassName:
x=0, y=0, width=0, height=0
21:41:35 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
23:24:45 = Process Attach
23:24:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:24:45 = * NULL == SampleProvider *

23:24:45 = ##### Begin waiting Mutex to release process #####
23:24:45 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:24:45 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
23:24:45 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:24:45 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:24:47 = Need to re-create objects.
23:24:47 = s1.
23:24:47 = s2.
23:24:48
23:24:48
23:25:21
23:25:21
23:25:22
23:25:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:23:57 = Process Attach

0:23:57 = end process attach
0:23:57 = ***** NULL == SampleProvider *****
0:23:57 = ##### Begin waiting Mutex to release process #####
0:23:57 = hWnd = 0x0005036a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:23:57 = hWnd = 0x00050372; ClassName:
ow.
x=0, y=0, width=1, height=1
0:23:57 = hWnd = 0x00040368; ClassName:
x=0, y=0, width=0, height=0
0:23:57 = hWnd = 0x00050358; ClassName:
x=0, y=0, width=0, height=0
0:24:1 = Process Attach
0:24:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:24:1 = ##### Get event and release process #####

0:24:1 = begin close Process
0:24:1 = end close Process
0:24:1 = ##### Get event and release process end #####
0:24:1 = ***** NULL == SampleProvider *****
0:24:1 = hWnd = 0x000900f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:24:1 = hWnd = 0x000600dc; ClassName:
w.
x=0, y=0, width=1, height=1
0:24:1 = hWnd = 0x000300de; ClassName:
x=0, y=0, width=0, height=0
0:24:1 = hWnd = 0x000800be; ClassName:
x=0, y=0, width=0, height=0
6:11:48 = Process Attach
6:11:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:11:48 = * NULL == SampleProvider *

6:11:48 = ##### Begin waiting Mutex to release process #####
6:11:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:11:49 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:11:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:11:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:11:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:11:52 = s1.
6:11:52 = s2.
6:11:56
6:11:56
6:12:34
6:12:34
6:12:35
6:12:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:13:3 = Process Attach

8:13:4 = end process attach
8:13:4 = ##### Begin waiting Mutex to release process #####
8:13:4 = hWnd = 0x00290536; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:13:4 = hWnd = 0x000b0598; ClassName:
w.
x=0, y=0, width=1, height=1
8:13:4 = hWnd = 0x0008045e; ClassName:
x=0, y=0, width=0, height=0
8:13:4 = hWnd = 0x00190568; ClassName:
x=0, y=0, width=0, height=0
8:13:37 = Process Attach
8:13:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:13:37 = * NULL == SampleProvider *

8:13:37 = begin close Process
8:13:37 = end close Process
8:13:37 = ##### Get event and release process end #####
8:13:37 = hWnd = 0x0006009c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:13:37 = hWnd = 0x000300ae; ClassName:
ow.
x=0, y=0, width=1, height=1
8:13:37 = hWnd = 0x0005003e; ClassName:
x=0, y=0, width=0, height=0
8:13:37 = hWnd = 0x000200b4; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

8:14:56 = Process Attach
8:14:56 = end process attach
8:14:56 = ***** NULL == SampleProvider *****
8:14:56 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:14:56 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:14:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:14:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:14:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:14:57 = s1.
8:14:57 = s2.
8:15:1 = Start show animate
8:15:1 = Shell Excutute VerifyHost
8:15:34 = begin close Process
8:15:34 = Terminate Process
8:15:35 = end close Process
8:15:35 = DLL_PROCESS_DETACH
8:20:44 = Process Attach
8:20:44 = end process attach
8:20:44 = ***** NULL == SampleProvider *****
8:20:44 = ##### Begin waiting Mutex to release process #####
8:20:44 = hWnd = 0x000202e0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:20:44 = hWnd = 0x000b030c; ClassName:
ow.
x=0, y=0, width=1, height=1
8:20:44 = hWnd = 0x000200b8; ClassName:
x=0, y=0, width=0, height=0
8:20:44 = hWnd = 0x000202de; ClassName:
x=0, y=0, width=0, height=0
8:20:49 = Process Attach
8:20:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:20:49 = ##### Get event and release process #####

8:20:49 = begin close Process
8:20:49 = end close Process
8:20:49 = ##### Get event and release process end #####
8:20:49 = hWnd = 0x000800bc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:20:49 = hWnd = 0x000300c6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0, width=1, height=1

8:20:49 = hWnd = 0x000500e8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
8:20:49 = hWnd = 0x000200ca; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:59:16 = Process Attach
12:59:16 = end process attach
12:59:16 = ***** NULL == SampleProvider *****
12:59:16 = ##### Begin waiting Mutex to release process #####
12:59:16 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:59:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:59:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:59:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:59:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:59:17 = s1.
12:59:17 = s2.
12:59:18
12:59:18
13:0:2 =
13:0:2 =
13:0:3 =
13:0:3 =

= Start show animate

= Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:33:38 = Process Attach

22:33:38 = end process attach
22:33:38 = ***** NULL == SampleProvider *****
22:33:38 = hWnd = 0x001504de; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:33:38 = hWnd = 0x00790420; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:33:38 = ##### Begin waiting Mutex to release process #####
22:33:38 = hWnd = 0x000e0514; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:33:38 = hWnd = 0x004905a0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:33:45 = Process Attach
22:33:45 = ## ERR ## Setevent
22:33:45 = ***** NULL == SampleProvider *****
22:33:45 = begin close Process
22:33:45 = end close Process
22:33:45 = ##### Get event and release process end #####

22:33:45 = hWnd = 0x001a00c2; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:33:45 = hWnd = 0x000c00f6; ClassName:
dow.
x=0, y=0, width=1, height=1
22:33:45 = hWnd = 0x001200c8; ClassName:
x=0, y=0, width=0, height=0
22:33:45 = hWnd = 0x000e00fa; ClassName:
x=0, y=0, width=0, height=0
6:37:3 = Process Attach
6:37:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:37:3 = * NULL == SampleProvider *

6:37:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:37:4 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
6:37:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:37:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:37:6 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:37:6 = s1.
6:37:6 = s2.
6:37:10
6:37:10
6:37:48
6:37:48
6:37:49
6:37:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:34:48 = Process Attach

7:34:48 = end process attach
7:34:48 = ***** NULL == SampleProvider *****
7:34:48 = ##### Begin waiting Mutex to release process #####
7:34:48 = hWnd = 0x000b04a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:34:48 = hWnd = 0x000300fc; ClassName:
ow.
x=0, y=0, width=1, height=1
7:34:48 = hWnd = 0x000504d6; ClassName:
x=0, y=0, width=0, height=0
7:34:48 = hWnd = 0x0003011a; ClassName:
x=0, y=0, width=0, height=0
7:34:54 = Process Attach
7:34:54 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:34:54 = ##### Get event and release process #####

7:34:54 = begin close Process

7:34:54 = end close Process
7:34:54 = ##### Get event and release process end #####
7:34:54 = hWnd = 0x000600c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:34:54 = hWnd = 0x00060064; ClassName:
ow.
x=0, y=0, width=1, height=1
7:34:54 = hWnd = 0x000300f2; ClassName:
x=0, y=0, width=0, height=0
7:34:54 = hWnd = 0x000300f0; ClassName:
x=0, y=0, width=0, height=0
11:1:15 = Process Attach
11:1:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:1:15 = * NULL == SampleProvider *

11:1:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:1:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:1:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:1:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:1:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:1:19 = s1.
11:1:19 = s2.
11:1:23 = Start show animate
11:1:23 = Shell Excutute VerifyHost
11:2:0 = begin close Process
11:2:0 = Terminate Process
11:2:1 = end close Process
11:2:1 = DLL_PROCESS_DETACH
20:48:55 = Process Attach
20:48:55 = end process attach
20:48:55 = ***** NULL == SampleProvider *****
20:48:55 = ##### Begin waiting Mutex to release process #####
20:48:55 = hWnd = 0x003b04a2; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
20:48:55 = hWnd = 0x000804aa; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
20:48:55 = hWnd = 0x00120336; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:49:15 = Process Attach
20:49:15 = ## ERR ## Setevent

20:49:15 = * NULL == SampleProvider *

20:49:15 = hWnd = 0x002200ce; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:49:15 = hWnd = 0x00030090; ClassName:
dow.
x=0, y=0, width=1, height=1
20:49:15 = hWnd = 0x000c0068; ClassName:
x=0, y=0, width=0, height=0
20:49:15 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
21:49:0 = Process Attach
21:49:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:49:0 = * NULL == SampleProvider *

21:49:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:49:0 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
21:49:0 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:49:0 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:49:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:49:3 = s1.
21:49:3 = s2.
21:49:6 = Start show animate
21:49:6 = Shell Excutute VerifyHost
21:49:34 = begin close Process
21:49:34 = Terminate Process
21:49:35 = end close Process
21:49:35 = DLL_PROCESS_DETACH
0:32:11 = Process Attach
0:32:11 = end process attach
0:32:11 = ##### Begin waiting Mutex to release process #####
0:32:11 = hWnd = 0x000304a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:32:11 = hWnd = 0x000304ac; ClassName:
ow.
x=0, y=0, width=1, height=1
0:32:11 = hWnd = 0x000204e6; ClassName:
x=0, y=0, width=0, height=0
0:32:11 = hWnd = 0x000204ea; ClassName:
x=0, y=0, width=0, height=0
0:32:16 = Process Attach
0:32:16 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:32:16 = * NULL == SampleProvider *

0:32:16 = begin close Process

0:32:16 = end close Process
0:32:16 = ##### Get event and release process end #####
0:32:16 = hWnd = 0x000500f4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:32:16 = hWnd = 0x000900d2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:32:16 = hWnd = 0x000400e0; ClassName:
x=0, y=0, width=0, height=0
0:32:16 = hWnd = 0x000a004a; ClassName:
x=0, y=0, width=0, height=0
7:47:22 = Process Attach
7:47:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:47:22 = ##### Begin waiting Mutex to release process #####

7:47:22 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:47:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:47:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:47:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:47:23 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:47:23 = s1.
7:47:23 = s2.
7:47:23
7:47:23
7:47:44
7:47:44
7:47:46
7:47:46

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:8:4 = Process Attach

14:8:4 = end process attach
14:8:4 = ***** NULL == SampleProvider *****
14:8:4 = hWnd = 0x00030324; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:8:4 = hWnd = 0x0010026c; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
14:8:4 = hWnd = 0x000203d4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:8:4 = hWnd = 0x0003031c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:8:4 = ##### Begin waiting Mutex to release process #####
14:8:33 = Process Attach

14:8:33 = ## ERR ## Setevent

14:8:33 = ***** NULL == SampleProvider *****
14:8:33 = begin close Process
14:8:33 = end close Process
14:8:33 = ##### Get event and release process end #####
14:8:33 = hWnd = 0x000a00c8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:8:33 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
14:8:33 = hWnd = 0x00060062; ClassName:
x=0, y=0, width=0, height=0
14:8:33 = hWnd = 0x000300ba; ClassName:
x=0, y=0, width=0, height=0
16:39:21 = Process Attach
16:39:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:39:21 = * NULL == SampleProvider *

16:39:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:39:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:39:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:39:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:39:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:39:22 = s1.
16:39:22 = s2.
16:39:22
16:39:22
16:39:41
16:39:41
16:39:42
16:39:42

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:34:42 = Process Attach

21:34:42 = end process attach
21:34:42 = ***** NULL == SampleProvider *****
21:34:42 = ##### Begin waiting Mutex to release process #####
21:34:42 = hWnd = 0x0004031c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:34:42 = hWnd = 0x00050340; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:34:42 = hWnd = 0x0007046c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

21:34:42 = hWnd = 0x00030360; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:34:53 = Process Attach
21:34:53 = ## ERR ## Setevent
21:34:53 = ***** NULL == SampleProvider *****
21:34:53 = begin close Process
21:34:53 = end close Process
21:34:53 = ##### Get event and release process end #####
21:34:53 = hWnd = 0x001300e8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:34:53 = hWnd = 0x000500aa; ClassName:
dow.
x=0, y=0, width=1, height=1
21:34:53 = hWnd = 0x000a009c; ClassName:
x=0, y=0, width=0, height=0
21:34:53 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
21:48:19 = Process Attach
21:48:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:48:19 = * NULL == SampleProvider *

21:48:19 = ##### Begin waiting Mutex to release process #####
21:48:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:48:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:48:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:48:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:48:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:48:22 = s1.
21:48:22 = s2.
21:48:26 = Start show animate
21:48:26 = Shell Excutute VerifyHost
21:49:4 = begin close Process
21:49:4 = Terminate Process
21:49:5 = end close Process
21:49:5 = DLL_PROCESS_DETACH
22:20:44 = Process Attach
22:20:44 = end process attach
22:20:44 = ***** NULL == SampleProvider *****
22:20:44 = ##### Begin waiting Mutex to release process #####
22:20:44 = hWnd = 0x0002048e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
22:20:44 = hWnd = 0x00020492; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:20:44 = hWnd = 0x0009047a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:20:44 = hWnd = 0x00020490; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:20:51 = Process Attach
22:20:51 = ## ERR ## Setevent
22:20:51 = ##### Get event and release process #####
22:20:51 = begin close Process
22:20:51 = ***** NULL == SampleProvider *****
22:20:51 = ##### Get event and release process end #####
22:20:51 = hWnd = 0x000300d8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:20:51 = hWnd = 0x000200a6; ClassName:
dow.
x=0, y=0, width=1, height=1
22:20:51 = hWnd = 0x0003009e; ClassName:
x=0, y=0, width=0, height=0
22:20:51 = hWnd = 0x00040084; ClassName:
x=0, y=0, width=0, height=0
5:47:3 = Process Attach
5:47:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:47:3 = ##### Begin waiting Mutex to release process #####

5:47:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:47:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
5:47:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
5:47:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
5:47:11 = Need to re-create objects.
5:47:11 = s1.
5:47:11 = s2.
5:47:11
5:47:11
5:47:44
5:47:44
5:47:45
5:47:45

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

6:49:0 = Process Attach

6:49:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:49:0 = * NULL == SampleProvider *

6:49:0 = ##### Begin waiting Mutex to release process #####
6:49:0 = hWnd = 0x00030488; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:49:0 = hWnd = 0x00030480; ClassName:
w.
x=0, y=0, width=1, height=1
6:49:0 = hWnd = 0x00030042; ClassName:
x=0, y=0, width=0, height=0
6:49:0 = hWnd = 0x00070470; ClassName:
x=0, y=0, width=0, height=0
6:49:6 = Process Attach
6:49:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:49:6 = ##### Get event and release process #####

6:49:6 = begin close Process
6:49:6 = end close Process
6:49:6 = ##### Get event and release process end #####
6:49:6 = hWnd = 0x000300e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
6:49:6 = hWnd = 0x000300dc; ClassName:
w.
x=0, y=0, width=1, height=1
6:49:6 = hWnd = 0x000300e6; ClassName:
x=0, y=0, width=0, height=0
6:49:6 = hWnd = 0x000300e0; ClassName:
x=0, y=0, width=0, height=0
7:0:8 = Process Attach
7:0:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:0:8 = ##### Begin waiting Mutex to release process #####

7:0:8 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:0:8 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
7:0:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:0:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:0:9 = Need to re-create objects.
7:0:9 = s1.
7:0:9 = s2.
7:0:9 = Start show animate
7:0:9 = Shell Excutute VerifyHost
7:0:15 = begin close Process
7:0:15 = Terminate Process
7:0:16 = end close Process
7:0:16 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:41:34 = Process Attach

7:41:34 = end process attach
7:41:34 = ***** NULL == SampleProvider *****
7:41:34 = ##### Begin waiting Mutex to release process #####
7:41:34 = hWnd = 0x00020478; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:41:34 = hWnd = 0x000a0454; ClassName:
ow.
x=0, y=0, width=1, height=1
7:41:34 = hWnd = 0x00020464; ClassName:
x=0, y=0, width=0, height=0
7:41:34 = hWnd = 0x0002047a; ClassName:
x=0, y=0, width=0, height=0
7:41:42 = Process Attach
7:41:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:41:42 = * NULL == SampleProvider *

7:41:42 = end close Process
7:41:42 = ##### Get event and release process end #####
7:41:42 = hWnd = 0x000400ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:41:42 = hWnd = 0x000400cc; ClassName:
ow.
x=0, y=0, width=1, height=1
7:41:42 = hWnd = 0x00040092; ClassName:
x=0, y=0, width=0, height=0
7:41:42 = hWnd = 0x0009006c; ClassName:
x=0, y=0, width=0, height=0
7:50:39 = Process Attach
7:50:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:50:39 = * NULL == SampleProvider *

7:50:39 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:50:49 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
7:51:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:51:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:51:6 = Need to re-create objects.
7:51:6 = s1.
7:51:6 = s2.
7:51:8 = Start show animate
7:51:8 = Shell Excutute VerifyHost
7:51:32 = begin close Process

7:51:32 = Terminate Process

7:51:33 = end close Process
7:51:33 = DLL_PROCESS_DETACH
7:54:4 = Process Attach
7:54:4 = end process attach
7:54:4 = ***** NULL == SampleProvider *****
7:54:4 = ##### Begin waiting Mutex to release process #####
7:54:4 = hWnd = 0x00030398; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:54:4 = hWnd = 0x0007030c; ClassName:
w.
x=0, y=0, width=1, height=1
7:54:4 = hWnd = 0x0004039a; ClassName:
x=0, y=0, width=0, height=0
7:54:4 = hWnd = 0x00050028; ClassName:
x=0, y=0, width=0, height=0
7:54:14 = Process Attach
7:54:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:54:14 = ##### Get event and release process #####

7:54:14 = begin close Process
7:54:14 = end close Process
7:54:14 = ##### Get event and release process end #####
7:54:14 = hWnd = 0x000200b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:54:14 = hWnd = 0x000d005a; ClassName:
ow.
x=0, y=0, width=1, height=1
7:54:14 = hWnd = 0x000700f4; ClassName:
x=0, y=0, width=0, height=0
7:54:14 = hWnd = 0x000d00b4; ClassName:
x=0, y=0, width=0, height=0
14:21:20 = Process Attach
14:21:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:21:21 = * NULL == SampleProvider *

14:21:21 = ##### Begin waiting Mutex to release process #####
14:21:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:21:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:21:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:21:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:21:47 = Need to re-create objects.
14:21:47 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:21:47 = s2.
14:21:49
14:21:49
14:22:36
14:22:36
14:22:37
14:22:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:19:38 = Process Attach

15:19:38 = end process attach
15:19:38 = ##### Begin waiting Mutex to release process #####
15:19:38 = ***** NULL == SampleProvider *****
15:19:38 = hWnd = 0x000f046a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:19:38 = hWnd = 0x00050310; ClassName:
dow.
x=0, y=0, width=1, height=1
15:19:38 = hWnd = 0x00050448; ClassName:
x=0, y=0, width=0, height=0
15:19:38 = hWnd = 0x00070446; ClassName:
x=0, y=0, width=0, height=0
15:19:43 = Process Attach
15:19:43 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:19:43 = ##### Get event and release process #####

15:19:43 = begin close Process
15:19:43 = end close Process
15:19:43 = ##### Get event and release process end #####
15:19:43 = ***** NULL == SampleProvider *****
15:19:43 = hWnd = 0x000500ba; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:19:43 = hWnd = 0x0003004a; ClassName:
dow.
x=0, y=0, width=1, height=1
15:19:43 = hWnd = 0x000300c0; ClassName:
x=0, y=0, width=0, height=0
15:19:43 = hWnd = 0x00040058; ClassName:
x=0, y=0, width=0, height=0
7:40:29 = Process Attach
7:40:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:40:29 = * NULL == SampleProvider *

7:40:29 = ##### Begin waiting Mutex to release process #####
7:40:29 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:40:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
7:40:29 =
x=0, y=0,
7:40:29 =
x=0, y=0,
7:40:46 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

7:40:46 = s1.
7:40:46 = s2.
7:40:46 = Start show animate
7:40:46 = Shell Excutute VerifyHost
7:41:8 = begin close Process
7:41:8 = Terminate Process
7:41:9 = end close Process
7:41:9 = DLL_PROCESS_DETACH
7:50:8 = Process Attach
7:50:8 = end process attach
7:50:8 = ##### Begin waiting Mutex to release process #####
7:50:8 = ***** NULL == SampleProvider *****
7:50:8 = hWnd = 0x0002042e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:50:8 = hWnd = 0x000304a4; ClassName:
w.
x=0, y=0, width=1, height=1
7:50:8 = hWnd = 0x0002044a; ClassName:
x=0, y=0, width=0, height=0
7:50:8 = hWnd = 0x0002042c; ClassName:
x=0, y=0, width=0, height=0
7:50:41 = Process Attach
7:50:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:50:41 = * NULL == SampleProvider *

7:50:41 = begin close Process
7:50:41 = end close Process
7:50:41 = ##### Get event and release process end #####
7:50:41 = hWnd = 0x00030090; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:50:41 = hWnd = 0x00070084; ClassName:
ow.
x=0, y=0, width=1, height=1
7:50:41 = hWnd = 0x0007007c; ClassName:
x=0, y=0, width=0, height=0
7:50:41 = hWnd = 0x000900bc; ClassName:
x=0, y=0, width=0, height=0
11:27:58 = Process Attach
11:27:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:27:58 = * NULL == SampleProvider *

11:27:58 = ##### Begin waiting Mutex to release process #####

11:27:58 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:27:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:27:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:27:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:27:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:27:59 = s1.
11:27:59 = s2.
11:28:0 = Start show animate
11:28:0 = Shell Excutute VerifyHost
11:28:25 = begin close Process
11:28:25 = Terminate Process
11:28:26 = end close Process
11:28:26 = DLL_PROCESS_DETACH
14:55:28 = Process Attach
14:55:28 = end process attach
14:55:28 = ***** NULL == SampleProvider *****
14:55:28 = ##### Begin waiting Mutex to release process #####
14:55:28 = hWnd = 0x00060598; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:55:28 = hWnd = 0x0010044c; ClassName:
dow.
x=0, y=0, width=1, height=1
14:55:28 = hWnd = 0x0006043a; ClassName:
x=0, y=0, width=0, height=0
14:55:28 = hWnd = 0x000b0412; ClassName:
x=0, y=0, width=0, height=0
14:55:34 = Process Attach
14:55:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:55:34 = * NULL == SampleProvider *

14:55:34 = ##### Get event and release process #####
14:55:34 = begin close Process
14:55:34 = end close Process
14:55:34 = ##### Get event and release process end #####
14:55:34 = hWnd = 0x007000cc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:55:34 = hWnd = 0x00060090; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
14:55:34 = hWnd = 0x001500c2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

14:55:34 = hWnd = 0x000500ae; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
7:54:41 = Process Attach
7:54:41 = end process attach
7:54:41 = ***** NULL == SampleProvider *****
7:54:41 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:54:42 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:54:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:54:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:54:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:54:45 = s1.
7:54:45 = s2.
7:54:49
7:54:49
7:55:28
7:55:28
7:55:30
7:55:30

20:58:13 = end process attach
20:58:13 = ##### Begin waiting Mutex to release process #####
20:58:13 = hWnd = 0x000904ae; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:58:13 = hWnd = 0x000804b4; ClassName:
dow.
x=0, y=0, width=1, height=1
20:58:13 = hWnd = 0x000c04e6; ClassName:
x=0, y=0, width=0, height=0
20:58:13 = hWnd = 0x000704f6; ClassName:
x=0, y=0, width=0, height=0
20:58:25 = Process Attach
20:58:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:58:25 = * NULL == SampleProvider *

20:58:25 = begin close Process
20:58:25 = end close Process
20:58:25 = ##### Get event and release process end #####
20:58:25 = hWnd = 0x00040036; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:58:25 = hWnd = 0x000b00c4; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
20:58:25 = hWnd = 0x00060062; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

20:58:25 = hWnd = 0x00030034; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
21:58:10 = Process Attach
21:58:10 = end process attach
21:58:10 = ***** NULL == SampleProvider *****
21:58:10 = ##### Begin waiting Mutex to release process #####
21:58:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:58:11 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:58:11 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:58:13 = Need to re-create objects.
21:58:13 = s1.
21:58:13 = s2.
21:58:17
21:58:17
21:58:55
21:58:55
21:58:56
21:58:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:35:46 = Process Attach

23:35:46 = end process attach
23:35:46 = ***** NULL == SampleProvider *****
23:35:46 = ##### Begin waiting Mutex to release process #####
23:35:46 = hWnd = 0x0003050e; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:35:46 = hWnd = 0x00530482; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:35:46 = hWnd = 0x0196056e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:36:12 = Process Attach
23:36:12 = ## ERR ## Setevent
23:36:12 = ##### Get event and release process #####
23:36:12 = begin close Process
23:36:12 = end close Process
23:36:12 = ##### Get event and release process end #####
23:36:12 = hWnd = 0x000600b6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:36:12 = hWnd = 0x0003003c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:36:12 = hWnd = 0x00070050; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

23:36:12 = hWnd = 0x000500ac; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
5:30:26 = Process Attach
5:30:26 = end process attach
5:30:26 = ***** NULL == SampleProvider *****
5:30:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:30:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
5:30:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
5:30:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
5:30:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:30:30 = s1.
5:30:30 = s2.
5:30:32
5:30:32
5:31:12
5:31:12
5:31:13
5:31:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:12:40 = Process Attach

16:12:40 = end process attach
16:12:40 = ***** NULL == SampleProvider *****
16:12:41 = hWnd = 0x000312c6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:12:41 = hWnd = 0x000411fa; ClassName:
dow.
x=0, y=0, width=1, height=1
16:12:41 = hWnd = 0x00020c14; ClassName:
x=0, y=0, width=0, height=0
16:12:41 = hWnd = 0x000212d2; ClassName:
x=0, y=0, width=0, height=0
16:15:44 = Process Attach
16:15:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:15:44 = ##### Get event and release process #####

16:15:44 = begin close Process
16:15:44 = end close Process
16:15:44 = ##### Get event and release process end #####
16:15:44 = ***** NULL == SampleProvider *****
16:15:44 = hWnd = 0x0005002a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:15:44 = hWnd = 0x001300d6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
16:15:44 = hWnd = 0x00060098; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:15:44 = hWnd = 0x001200c4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:18:48 = Process Attach
16:18:48 = end process attach
16:18:48 = ***** NULL == SampleProvider *****
16:18:48 = ##### Begin waiting Mutex to release process #####
16:18:48 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:18:49 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:18:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:18:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:18:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:18:53 = s1.
16:18:53 = s2.
16:18:57
16:18:57
16:19:35
16:19:35
16:19:36
16:19:36

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:25:12 = Process Attach

10:25:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:25:12 = * NULL == SampleProvider *

10:25:12 = hWnd = 0x003305e2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:25:12 = hWnd = 0x000904f8; ClassName:
dow.
x=0, y=0, width=1, height=1
10:25:12 = hWnd = 0x005004fc; ClassName:
x=0, y=0, width=0, height=0
10:25:12 = hWnd = 0x000f05d0; ClassName:
x=0, y=0, width=0, height=0
10:25:50 = Process Attach
10:25:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:25:50 = * NULL == SampleProvider *

10:25:50 = begin close Process
10:25:50 = end close Process
10:25:50 = ##### Get event and release process end #####
10:25:50 = hWnd = 0x000200b0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:25:50 = hWnd = 0x00100106; ClassName:
dow.
x=0, y=0, width=1, height=1
10:25:50 = hWnd = 0x000300f2; ClassName:
x=0, y=0, width=0, height=0
10:25:50 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
10:27:18 = Process Attach
10:27:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:27:19 = * NULL == SampleProvider *

10:27:19 = ##### Begin waiting Mutex to release process #####
10:27:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:27:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:27:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:27:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:27:23 = Need to re-create objects.
10:27:23 = s1.
10:27:23 = s2.
10:27:25
10:27:25
10:27:57
10:27:57
10:27:58

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:27:58 = DLL_PROCESS_DETACH
16:7:10 = Process Attach
16:7:10 = end process attach
16:7:10 = ***** NULL == SampleProvider *****
16:7:10 = ##### Begin waiting Mutex to release process #####
16:7:10 =
ow.
x=0, y=0,
16:7:10 =
x=0, y=0,
16:7:10 =
x=0, y=0,
16:7:28 =
16:7:28 =

hWnd = 0x000b0482; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00020528; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0003049a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

16:7:28 = * NULL == SampleProvider *

16:7:28 = begin close Process
16:7:28 = end close Process
16:7:28 = ##### Get event and release process end #####
16:7:28 = hWnd = 0x000200b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:7:28 = hWnd = 0x000200aa; ClassName:
ow.
x=0, y=0, width=1, height=1
16:7:28 = hWnd = 0x000e0030; ClassName:
x=0, y=0, width=0, height=0
16:7:28 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
16:18:55 = Process Attach
16:18:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:18:55 = * NULL == SampleProvider *

16:18:55 = ##### Begin waiting Mutex to release process #####
16:18:55 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:19:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
16:19:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:19:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:19:0 = Need to re-create objects.
16:19:0 = s1.
16:19:0 = s2.
16:19:1 = Start show animate
16:19:1 = Shell Excutute VerifyHost

16:19:12
16:19:12
16:19:13
16:19:13

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

18:6:35 = Process Attach

18:6:35 = end process attach
18:6:35 = ***** NULL == SampleProvider *****
18:6:35 = ##### Begin waiting Mutex to release process #####
18:6:35 = hWnd = 0x000d12a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:6:35 = hWnd = 0x0003030a; ClassName:
ow.
x=0, y=0, width=1, height=1
18:6:35 = hWnd = 0x00040304; ClassName:
x=0, y=0, width=0, height=0
18:6:35 = hWnd = 0x00050310; ClassName:
x=0, y=0, width=0, height=0
18:7:19 = Process Attach
18:7:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:7:19 = * NULL == SampleProvider *

18:7:19 = begin close Process
18:7:19 = end close Process
18:7:19 = ##### Get event and release process end #####
18:7:19 = hWnd = 0x00050070; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:7:19 = hWnd = 0x000200aa; ClassName:
ow.
x=0, y=0, width=1, height=1
18:7:19 = hWnd = 0x000700dc; ClassName:
x=0, y=0, width=0, height=0
18:7:19 = hWnd = 0x000500b4; ClassName:
x=0, y=0, width=0, height=0
19:22:30 = Process Attach
19:22:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:22:30 = * NULL == SampleProvider *

19:22:30 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:22:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:22:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:22:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:22:36 = Need to re-create objects.
19:22:37 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:22:37 = s2.
19:22:40
19:22:40
19:23:16
19:23:16
19:23:17
19:23:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:57:29 = Process Attach

23:57:29 = end process attach
23:57:29 = ***** NULL == SampleProvider *****
23:57:29 = hWnd = 0x000704f8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:57:29 = hWnd = 0x000302c2; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:57:29 = ##### Begin waiting Mutex to release process #####
23:57:29 = hWnd = 0x0014050a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:57:29 = hWnd = 0x0038047e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:58:35 = Process Attach
23:58:35 = ## ERR ## Setevent
23:58:35 = ***** NULL == SampleProvider *****
23:58:35 = end close Process
23:58:35 = ##### Get event and release process end #####
23:58:35 = hWnd = 0x00b20060; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:58:35 = hWnd = 0x0003003c; ClassName:
dow.
x=0, y=0, width=1, height=1
23:58:35 = hWnd = 0x003e0076; ClassName:
x=0, y=0, width=0, height=0
23:58:35 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
0:59:57 = Process Attach
0:59:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:59:57 = * NULL == SampleProvider *

0:59:57 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:59:57 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:59:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:0:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:0:3 = s1.
1:0:3 = s2.
1:0:4 = Start show animate
1:0:4 = Shell Excutute VerifyHost
1:0:28 = begin close Process
1:0:28 = Terminate Process
1:0:29 = end close Process
1:0:29 = DLL_PROCESS_DETACH
1:26:4 = Process Attach
1:26:4 = end process attach
1:26:4 = ***** NULL == SampleProvider *****
1:26:4 = ##### Begin waiting Mutex to release process #####
1:26:4 = hWnd = 0x0002019a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:26:4 = hWnd = 0x00020192; ClassName:
w.
x=0, y=0, width=1, height=1
1:26:4 = hWnd = 0x0002028c; ClassName:
x=0, y=0, width=0, height=0
1:26:4 = hWnd = 0x00020194; ClassName:
x=0, y=0, width=0, height=0
1:26:8 = Process Attach
1:26:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:26:8 = ##### Get event and release process #####

1:26:8 = ***** NULL == SampleProvider *****
1:26:8 = end close Process
1:26:8 = ##### Get event and release process end #####
1:26:8 = hWnd = 0x000200de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:26:8 = hWnd = 0x000200d8; ClassName:
w.
x=0, y=0, width=1, height=1
1:26:8 = hWnd = 0x0007007a; ClassName:
x=0, y=0, width=0, height=0
1:26:8 = hWnd = 0x000200dc; ClassName:
x=0, y=0, width=0, height=0
7:58:13 = Process Attach
7:58:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:58:13 = * NULL == SampleProvider *

7:58:13 = ##### Begin waiting Mutex to release process #####
7:58:13 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:58:13 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
7:58:13 =
x=0, y=0,
7:58:13 =
x=0, y=0,
7:58:13 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

7:58:13 = s1.
7:58:13 = s2.
7:58:13
7:58:13
7:58:48
7:58:48
7:58:49
7:58:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:16:34 = Process Attach

8:16:34 = end process attach
8:16:34 = ***** NULL == SampleProvider *****
8:16:34 = ##### Begin waiting Mutex to release process #####
8:16:34 = hWnd = 0x00040462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:16:34 = hWnd = 0x0004049a; ClassName:
ow.
x=0, y=0, width=1, height=1
8:16:34 = hWnd = 0x000704ba; ClassName:
x=0, y=0, width=0, height=0
8:16:34 = hWnd = 0x00040464; ClassName:
x=0, y=0, width=0, height=0
8:18:30 = Process Attach
8:18:30 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:18:30 = ##### Get event and release process #####

8:18:30 = ***** NULL == SampleProvider *****
8:18:30 = end close Process
8:18:30 = ##### Get event and release process end #####
8:18:30 =
ow.
x=0, y=0,
8:18:30 =
x=0, y=0,
8:18:30 =
x=0, y=0,
8:20:51 =
8:20:51 =

hWnd = 0x00030060; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0002005e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000200b0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

8:20:51 = * NULL == SampleProvider *

8:20:51 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
8:20:51 =
ow.
x=0, y=0,
8:20:51 =
x=0, y=0,
8:20:51 =
x=0, y=0,
8:20:55 =

8:20:55 = s1.
8:20:55 = s2.
8:20:55
8:20:55
8:21:34
8:21:34
8:21:35
8:21:35

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:26:51 = s1.
6:26:51 = s2.
6:26:52
6:26:52
6:27:13
6:27:13
6:27:14
6:27:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:8:28 = Process Attach

9:8:28 = end process attach
9:8:28 = ***** NULL == SampleProvider *****
9:8:28 = ##### Begin waiting Mutex to release process #####
9:8:28 = hWnd = 0x000705c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:8:28 = hWnd = 0x00060154; ClassName:
w.
x=0, y=0, width=1, height=1
9:8:28 = hWnd = 0x001a0518; ClassName:
x=0, y=0, width=0, height=0
9:8:28 = hWnd = 0x00060532; ClassName:
x=0, y=0, width=0, height=0
9:9:5 = Process Attach
9:9:5 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:9:5 = ##### Get event and release process #####

9:9:5 = begin close Process

9:9:5 = end close Process
9:9:5 = ##### Get event and release process end #####
9:9:5 = hWnd = 0x000500c2; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:9:5 = hWnd = 0x00030046; ClassName:
.
x=0, y=0, width=1, height=1
9:9:5 = hWnd = 0x000c0100; ClassName:
x=0, y=0, width=0, height=0
9:9:5 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
14:13:27 = Process Attach
14:13:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:13:27 = * NULL == SampleProvider *

14:13:28 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:13:28 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:13:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:13:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:13:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:13:30 = s1.
14:13:30 = s2.
14:13:32 = Start show animate
14:13:32 = Shell Excutute VerifyHost
14:14:8 = begin close Process
14:14:8 = Terminate Process
14:14:9 = end close Process
14:14:9 = DLL_PROCESS_DETACH
15:9:54 = Process Attach
15:9:54 = end process attach
15:9:54 = ##### Begin waiting Mutex to release process #####
15:9:54 = hWnd = 0x001d060a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:9:54 = hWnd = 0x0008004c; ClassName:
ow.
x=0, y=0, width=1, height=1
15:9:54 = hWnd = 0x00110502; ClassName:
x=0, y=0, width=0, height=0
15:9:54 = hWnd = 0x000b045e; ClassName:
x=0, y=0, width=0, height=0
15:9:59 = Process Attach
15:9:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:9:59 = ##### Get event and release process #####

15:9:59 = begin close Process
15:9:59 = end close Process
15:9:59 = ##### Get event and release process end #####
15:9:59 = ***** NULL == SampleProvider *****
15:9:59 = hWnd = 0x000700f8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:9:59 = hWnd = 0x000500a0; ClassName:
ow.
x=0, y=0, width=1, height=1
15:9:59 = hWnd = 0x00090084; ClassName:
x=0, y=0, width=0, height=0
15:9:59 = hWnd = 0x00080066; ClassName:
x=0, y=0, width=0, height=0
16:17:26 = Process Attach
16:17:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:17:26 = * NULL == SampleProvider *

16:17:26 = ##### Begin waiting Mutex to release process #####
16:17:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:17:27 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:17:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:17:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:17:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:17:28 = s1.
16:17:28 = s2.
16:17:30 = Start show animate
16:17:30 = Shell Excutute VerifyHost
16:18:5 = begin close Process
16:18:5 = Terminate Process
16:18:6 = end close Process
16:18:6 = DLL_PROCESS_DETACH
22:7:2 = Process Attach
22:7:2 = end process attach
22:7:2 = ***** NULL == SampleProvider *****
22:7:2 = ##### Begin waiting Mutex to release process #####
22:7:2 = hWnd = 0x0008054a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:7:2 = hWnd = 0x000e053e; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo

w.
x=0, y=0, width=1, height=1
22:7:2 = hWnd = 0x000d0546; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:7:2 = hWnd = 0x00080584; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:7:7 = Process Attach
22:7:7 = ## ERR ## Setevent
22:7:7 = ***** NULL == SampleProvider *****
22:7:7 = begin close Process
22:7:7 = end close Process
22:7:7 = ##### Get event and release process end #####
22:7:7 = hWnd = 0x00030072; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:7:7 = hWnd = 0x0005004c; ClassName:
w.
x=0, y=0, width=1, height=1
22:7:7 = hWnd = 0x0005007a; ClassName:
x=0, y=0, width=0, height=0
22:7:7 = hWnd = 0x0002005c; ClassName:
x=0, y=0, width=0, height=0
5:42:23 = Process Attach
5:42:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:42:23 = * NULL == SampleProvider *

5:42:23 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:42:23 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
5:42:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
5:42:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
5:42:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:42:24 = s1.
5:42:24 = s2.
5:42:24
5:42:24
5:42:42
5:42:42
5:42:43
5:42:43

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:33:22 = Process Attach

11:33:22 = end process attach
11:33:22 = ***** NULL == SampleProvider *****
11:33:22 = hWnd = 0x008404e2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

11:33:22 = hWnd = 0x0013145c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
11:33:22 = hWnd = 0x00090c98; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
11:33:22 = hWnd = 0x00070c70; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
11:33:56 = Process Attach
11:33:56 = ## ERR ## Setevent
11:33:56 = ***** NULL == SampleProvider *****
11:33:56 = begin close Process
11:33:56 = end close Process
11:33:56 = ##### Get event and release process end #####
11:33:56 = hWnd = 0x000600a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:33:56 = hWnd = 0x000500a4; ClassName:
dow.
x=0, y=0, width=1, height=1
11:33:56 = hWnd = 0x000d00f4; ClassName:
x=0, y=0, width=0, height=0
11:33:56 = hWnd = 0x000200bc; ClassName:
x=0, y=0, width=0, height=0
12:2:42 = Process Attach
12:2:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:2:43 = * NULL == SampleProvider *

12:2:43 = ##### Begin waiting Mutex to release process #####
12:2:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:2:43 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:2:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:2:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:2:43 = Need to re-create objects.
12:2:43 = s1.
12:2:43 = s2.
12:2:44
12:2:44
12:3:18
12:3:18
12:3:19
12:3:19

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:54:44 = Process Attach

23:54:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:54:44 = ##### Begin waiting Mutex to release process #####

23:54:44 = hWnd = 0x00040460; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:54:44 = hWnd = 0x0009048e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:54:44 = hWnd = 0x00070482; ClassName:
x=0, y=0, width=0, height=0
23:54:44 = hWnd = 0x000404a4; ClassName:
x=0, y=0, width=0, height=0
23:54:55 = Process Attach
23:54:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:54:55 = * NULL == SampleProvider *

23:54:55 = begin close Process
23:54:55 = end close Process
23:54:55 = ##### Get event and release process end #####
23:54:55 = hWnd = 0x000b00c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:54:55 = hWnd = 0x000200b0; ClassName:
dow.
x=0, y=0, width=1, height=1
23:54:55 = hWnd = 0x001800ec; ClassName:
x=0, y=0, width=0, height=0
23:54:55 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
6:36:30 = Process Attach
6:36:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:36:30 = * NULL == SampleProvider *

6:36:30 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:36:31 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:36:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:36:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:36:34 = Need to re-create objects.
6:36:34 = s1.
6:36:34 = s2.
6:36:39
6:36:39
6:37:17
6:37:17
6:37:18
6:37:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:48:52 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:48:52 = end process attach

11:48:52 = ***** NULL == SampleProvider *****
11:48:52 = ##### Begin waiting Mutex to release process #####
11:48:52 = hWnd = 0x0002032e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:48:52 = hWnd = 0x000802ea; ClassName:
dow.
x=0, y=0, width=1, height=1
11:48:52 = hWnd = 0x000504b4; ClassName:
x=0, y=0, width=0, height=0
11:48:52 = hWnd = 0x0003032c; ClassName:
x=0, y=0, width=0, height=0
11:49:4 = Process Attach
11:49:4 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:49:4 = ##### Get event and release process #####

11:49:4 = begin close Process
11:49:4 = end close Process
11:49:4 = ##### Get event and release process end #####
11:49:4 = hWnd = 0x000c00d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:49:4 = hWnd = 0x0004002a; ClassName:
ow.
x=0, y=0, width=1, height=1
11:49:4 = hWnd = 0x0005003a; ClassName:
x=0, y=0, width=0, height=0
11:49:4 = hWnd = 0x000500a2; ClassName:
x=0, y=0, width=0, height=0
12:30:42 = Process Attach
12:30:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:30:42 = ##### Begin waiting Mutex to release process #####

12:30:42 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:30:42 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:30:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:30:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:30:42 = Need to re-create objects.
12:30:42 = s1.
12:30:42 = s2.
12:30:46 = Start show animate
12:30:46 = Shell Excutute VerifyHost
12:31:5 = begin close Process
12:31:5 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:31:6 = end close Process

12:31:6 = DLL_PROCESS_DETACH
18:0:36 = Process Attach
18:0:36 = end process attach
18:0:36 = ***** NULL == SampleProvider *****
18:0:36 = hWnd = 0x000202fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:0:36 = hWnd = 0x000202f6; ClassName:
ow.
x=0, y=0, width=1, height=1
18:0:36 = hWnd = 0x000b02f0; ClassName:
x=0, y=0, width=0, height=0
18:0:36 = hWnd = 0x000202f8; ClassName:
x=0, y=0, width=0, height=0
18:0:42 = Process Attach
18:0:42 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:0:42 = ##### Get event and release process #####

18:0:42 = begin close Process
18:0:42 = end close Process
18:0:42 = ***** NULL == SampleProvider *****
18:0:42 = hWnd = 0x000e00ee; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:0:42 = hWnd = 0x000e00a6; ClassName:
ow.
x=0, y=0, width=1, height=1
18:0:42 = hWnd = 0x00050092; ClassName:
x=0, y=0, width=0, height=0
18:0:42 = hWnd = 0x001700c8; ClassName:
x=0, y=0, width=0, height=0
18:56:42 = Process Attach
18:56:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:56:42 = * NULL == SampleProvider *

18:56:42 = ##### Begin waiting Mutex to release process #####
18:56:42 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:56:42 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:56:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:56:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:56:44 = Need to re-create objects.
18:56:44 = s1.
18:56:44 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:56:45
18:56:45
18:57:29
18:57:29
18:57:31
18:57:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:53:36 = Process Attach

21:53:36 = end process attach
21:53:36 = ***** NULL == SampleProvider *****
21:53:36 = ##### Begin waiting Mutex to release process #####
21:53:36 = hWnd = 0x002b05ac; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:53:36 = hWnd = 0x002104d4; ClassName:
dow.
x=0, y=0, width=1, height=1
21:53:36 = hWnd = 0x002304be; ClassName:
x=0, y=0, width=0, height=0
21:53:36 = hWnd = 0x002704b4; ClassName:
x=0, y=0, width=0, height=0
21:54:27 = Process Attach
21:54:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:54:27 = * NULL == SampleProvider *

21:54:27 = begin close Process
21:54:27 = end close Process
21:54:27 = ##### Get event and release process end #####
21:54:27 = hWnd = 0x0022003c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:54:27 = hWnd = 0x000200b2; ClassName:
dow.
x=0, y=0, width=1, height=1
21:54:27 = hWnd = 0x002c00e4; ClassName:
x=0, y=0, width=0, height=0
21:54:27 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
6:48:0 = Process Attach
6:48:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:48:0 = * NULL == SampleProvider *

6:48:0 = ##### Begin waiting Mutex to release process #####
6:48:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:48:0 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
6:48:0 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:48:0 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:48:1 = Need to re-create objects.

6:48:1 = s1.
6:48:1 = s2.
6:48:1 = Start show animate
6:48:1 = Shell Excutute VerifyHost
6:48:31 = begin close Process
6:48:31 = Terminate Process
6:48:32 = end close Process
6:48:32 = DLL_PROCESS_DETACH
12:38:12 = Process Attach
12:38:12 = end process attach
12:38:12 = ##### Begin waiting Mutex to release process #####
12:38:12 = hWnd = 0x000f04a0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:38:12 = hWnd = 0x001b04fe; ClassName:
dow.
x=0, y=0, width=1, height=1
12:38:12 = hWnd = 0x000e05f2; ClassName:
x=0, y=0, width=0, height=0
12:38:12 = hWnd = 0x0010055c; ClassName:
x=0, y=0, width=0, height=0
12:38:51 = Process Attach
12:38:51 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:38:51 = * NULL == SampleProvider *

12:38:51 = begin close Process
12:38:51 = end close Process
12:38:51 = ##### Get event and release process end #####
12:38:51 = hWnd = 0x000200bc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:38:51 = hWnd = 0x000200b2; ClassName:
dow.
x=0, y=0, width=1, height=1
12:38:51 = hWnd = 0x00170112; ClassName:
x=0, y=0, width=0, height=0
12:38:51 = hWnd = 0x000200b8; ClassName:
x=0, y=0, width=0, height=0
20:13:34 = Process Attach
20:13:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:13:34 = * NULL == SampleProvider *

20:13:34 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:13:35 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
20:13:35 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

20:13:35 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
20:13:37 = Need to re-create objects.
20:13:37 = s1.
20:13:37 = s2.
20:13:42
20:13:42
20:14:19
20:14:19
20:14:20
20:14:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:18:50 = Process Attach

22:18:50 = end process attach
22:18:50 = ***** NULL == SampleProvider *****
22:18:50 = ##### Begin waiting Mutex to release process #####
22:18:50 = hWnd = 0x002c0454; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:18:50 = hWnd = 0x000e0468; ClassName:
dow.
x=0, y=0, width=1, height=1
22:18:51 = hWnd = 0x0004047a; ClassName:
x=0, y=0, width=0, height=0
22:18:51 = hWnd = 0x00060490; ClassName:
x=0, y=0, width=0, height=0
22:18:56 = Process Attach
22:18:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:18:56 = * NULL == SampleProvider *

22:18:56 = begin close Process
22:18:56 = end close Process
22:18:56 = ##### Get event and release process end #####
22:18:56 = hWnd = 0x00050060; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:18:56 = hWnd = 0x000c00ea; ClassName:
dow.
x=0, y=0, width=1, height=1
22:18:56 = hWnd = 0x00030090; ClassName:
x=0, y=0, width=0, height=0
22:18:56 = hWnd = 0x000b007c; ClassName:
x=0, y=0, width=0, height=0
5:3:24 = Process Attach
5:3:24 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:3:24 = * NULL == SampleProvider *

5:3:24 = ##### Begin waiting Mutex to release process #####
5:3:24 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

5:3:24 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
5:3:24 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
5:3:24 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
5:3:31 = Need to re-create objects.
5:3:31 = s1.
5:3:31 = s2.
5:3:31
5:3:31
5:3:50
5:3:50
5:3:51
5:3:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:23:17 = Process Attach

7:23:17 = end process attach
7:23:17 = ***** NULL == SampleProvider *****
7:23:17 = hWnd = 0x0004048c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:23:17 = ##### Begin waiting Mutex to release process #####
7:23:17 = hWnd = 0x00020492; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
7:23:17 = hWnd = 0x0003046c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:23:17 = hWnd = 0x00020484; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:24:7 = Process Attach
7:24:7 = ## ERR ## Setevent
7:24:7 = ***** NULL == SampleProvider *****
7:24:7 = ##### Get event and release process #####
7:24:7 = begin close Process
7:24:7 = end close Process
7:24:7 = ##### Get event and release process end #####
7:24:7 = hWnd = 0x000a006c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:24:7 = hWnd = 0x000600e0; ClassName:
w.
x=0, y=0, width=1, height=1
7:24:7 = hWnd = 0x000900c2; ClassName:
x=0, y=0, width=0, height=0
7:24:7 = hWnd = 0x00060064; ClassName:
x=0, y=0, width=0, height=0
17:46:58 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:46:58 = end process attach

17:46:58 = ***** NULL == SampleProvider *****
17:46:58 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:47:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
17:47:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
17:47:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:47:24 = Need to re-create objects.
17:47:24 = s1.
17:47:24 = s2.
17:47:26 = Start show animate
17:47:26 = Shell Excutute VerifyHost
17:48:0 = begin close Process
17:48:0 = Terminate Process
17:48:1 = end close Process
17:48:1 = DLL_PROCESS_DETACH
19:20:7 = Process Attach
19:20:7 = end process attach
19:20:7 = ***** NULL == SampleProvider *****
19:20:7 = ##### Begin waiting Mutex to release process #####
19:20:7 = hWnd = 0x00060438; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:20:7 = hWnd = 0x00080446; ClassName:
ow.
x=0, y=0, width=1, height=1
19:20:7 = hWnd = 0x001004a4; ClassName:
x=0, y=0, width=0, height=0
19:20:7 = hWnd = 0x00060436; ClassName:
x=0, y=0, width=0, height=0
19:20:31 = Process Attach
19:20:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:20:31 = * NULL == SampleProvider *

19:20:31 = ##### Get event and release process #####
19:20:31 = begin close Process
19:20:31 = end close Process
19:20:31 = ##### Get event and release process end #####
19:20:31 = hWnd = 0x0002005a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:20:31 = hWnd = 0x000a0114; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

19:20:31 = hWnd = 0x00060080; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:20:31 = hWnd = 0x0007011e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:13:11 = Process Attach
20:13:11 = end process attach
20:13:11 = ##### Begin waiting Mutex to release process #####
20:13:11 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:13:12 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:13:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:13:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:13:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:13:13 = s1.
20:13:13 = s2.
20:13:13
20:13:13
20:13:36
20:13:36
20:13:37
20:13:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:24:27 = Process Attach

20:24:27 = end process attach
20:24:27 = ***** NULL == SampleProvider *****
20:24:27 = ##### Begin waiting Mutex to release process #####
20:24:27 = hWnd = 0x00020352; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:24:27 = hWnd = 0x000f038c; ClassName:
dow.
x=0, y=0, width=1, height=1
20:24:27 = hWnd = 0x000903cc; ClassName:
x=0, y=0, width=0, height=0
20:24:27 = hWnd = 0x00020426; ClassName:
x=0, y=0, width=0, height=0
20:24:27 = Need to re-create objects.
20:24:27 = s1.
20:24:27 = s2.
20:24:27
20:24:27
20:35:11
20:35:11

=
=
=
=

Start show animate

Shell Excutute VerifyHost
Process Attach
## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:35:11 = ##### Get event and release process #####

20:35:11 = begin close Process
20:35:11 = Terminate Process
20:35:11 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:35:11 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:35:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:35:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:35:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:35:11 = s1.
20:35:11 = s2.
20:35:11
20:35:11
20:35:12
20:35:12

=
=
=
=

Start show animate

Shell Excutute VerifyHost
end close Process
##### Get event and release process end #####

20:35:18
20:35:18
20:35:19
20:35:19
20:35:19

=
=
=
=
=

begin close Process

Terminate Process
begin close Process
end close Process
DLL_PROCESS_DETACH

20:35:19 = end close Process

20:35:19 = DLL_PROCESS_DETACH
20:56:40 = Process Attach
20:56:40 = end process attach
20:56:40 = ***** NULL == SampleProvider *****
20:56:40 = hWnd = 0x00320392; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:56:40 = hWnd = 0x00130408; ClassName:
dow.
x=0, y=0, width=1, height=1
20:56:40 = hWnd = 0x000902f8; ClassName:
x=0, y=0, width=0, height=0
20:56:40 = hWnd = 0x00050352; ClassName:
x=0, y=0, width=0, height=0
20:56:46 = Process Attach
20:56:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:56:46 = * NULL == SampleProvider *

20:56:46 = ##### Get event and release process #####
20:56:46 = begin close Process
20:56:46 = hWnd = 0x002d0078; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

20:56:46 = ##### Get event and release process end #####

9:36:9 = Process Attach
9:36:9 = end process attach
9:36:9 = ***** NULL == SampleProvider *****
9:36:9 = ##### Begin waiting Mutex to release process #####
9:36:9 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:36:9 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:36:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:36:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:36:10 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:36:10 = s1.
9:36:10 = s2.
9:36:10
9:36:10
9:36:42
9:36:42
9:36:43
9:36:43

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:34:55 = Process Attach

12:34:55 = end process attach
12:34:55 = ##### Begin waiting Mutex to release process #####
12:34:55 = ***** NULL == SampleProvider *****
12:34:55 = hWnd = 0x002204e0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:34:55 = hWnd = 0x001904a0; ClassName:
dow.
x=0, y=0, width=1, height=1
12:34:55 = hWnd = 0x001405a8; ClassName:
x=0, y=0, width=0, height=0
12:34:55 = hWnd = 0x001704a8; ClassName:
x=0, y=0, width=0, height=0
12:35:11 = Process Attach
12:35:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:35:11 = * NULL == SampleProvider *

12:35:11 = begin close Process
12:35:11 = end close Process
12:35:11 = ##### Get event and release process end #####
12:35:11 = hWnd = 0x000d0070; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

12:35:11 = hWnd = 0x000400bc; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:35:11 = hWnd = 0x000800d4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:35:11 = hWnd = 0x00080052; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:54:9 = Process Attach
12:54:9 = end process attach
12:54:9 = ##### Begin waiting Mutex to release process #####
12:54:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:54:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:54:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:54:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:54:10 = Need to re-create objects.
12:54:10 = s1.
12:54:10 = s2.
12:54:11
12:54:11
12:54:28
12:54:28
12:54:29
12:54:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:24:38 = Process Attach

15:24:38 = end process attach
15:24:38 = ##### Begin waiting Mutex to release process #####
15:24:38 = hWnd = 0x000302ce; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:24:38 = hWnd = 0x000d05e0; ClassName:
dow.
x=0, y=0, width=1, height=1
15:24:38 = hWnd = 0x00030300; ClassName:
x=0, y=0, width=0, height=0
15:24:38 = hWnd = 0x0010059c; ClassName:
x=0, y=0, width=0, height=0
15:24:41 = Process Attach
15:24:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:24:41 = * NULL == SampleProvider *

15:24:41 = begin close Process
15:24:41 = end close Process
15:24:41 = ##### Get event and release process end #####

15:24:41 = hWnd = 0x000500cc; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:24:41 = hWnd = 0x00180096; ClassName:
dow.
x=0, y=0, width=1, height=1
15:24:41 = hWnd = 0x000600b8; ClassName:
x=0, y=0, width=0, height=0
15:24:41 = hWnd = 0x000a0048; ClassName:
x=0, y=0, width=0, height=0
15:45:6 = Process Attach
15:45:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:45:6 = * NULL == SampleProvider *

15:45:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:45:6 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
15:45:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:45:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:45:8 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:45:8 = s1.
15:45:8 = s2.
15:45:8 = Start show animate
15:45:8 = Shell Excutute VerifyHost
15:45:40 = begin close Process
15:45:40 = Terminate Process
15:45:41 = end close Process
15:45:41 = DLL_PROCESS_DETACH
17:26:28 = Process Attach
17:26:28 = end process attach
17:26:28 = ***** NULL == SampleProvider *****
17:26:28 = hWnd = 0x000802ee; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:26:28 = hWnd = 0x000303a0; ClassName:
dow.
x=0, y=0, width=1, height=1
17:26:28 = hWnd = 0x0002034c; ClassName:
x=0, y=0, width=0, height=0
17:26:28 = hWnd = 0x0004033e; ClassName:
x=0, y=0, width=0, height=0
17:26:33 = Process Attach
17:26:33 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:26:33 = ##### Get event and release process #####

17:26:33 = begin close Process
17:26:33 = end close Process

17:26:33 = ##### Get event and release process end #####

17:26:33 = hWnd = 0x00020060; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:26:33 = hWnd = 0x000a00c4; ClassName:
dow.
x=0, y=0, width=1, height=1
17:26:33 = hWnd = 0x00050088; ClassName:
x=0, y=0, width=0, height=0
17:26:33 = hWnd = 0x000500a8; ClassName:
x=0, y=0, width=0, height=0
18:43:9 = Process Attach
18:43:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:43:9 = * NULL == SampleProvider *

18:43:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:43:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
18:43:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:43:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:43:10 = Need to re-create objects.
18:43:10 = s1.
18:43:10 = s2.
18:43:10
18:43:10
18:43:40
18:43:40
18:43:41
18:43:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:58:11 = Process Attach

18:58:11 = end process attach
18:58:11 = ***** NULL == SampleProvider *****
18:58:11 = ##### Begin waiting Mutex to release process #####
18:58:11 = hWnd = 0x0002033c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:58:11 = hWnd = 0x00040430; ClassName:
dow.
x=0, y=0, width=1, height=1
18:58:11 = hWnd = 0x00020424; ClassName:
x=0, y=0, width=0, height=0
18:58:11 = hWnd = 0x00020336; ClassName:
x=0, y=0, width=0, height=0
18:59:19 = Process Attach
18:59:19 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:59:19 = * NULL == SampleProvider *

18:59:19 = ##### Get event and release process #####
18:59:19 = begin close Process
18:59:19 = end close Process
18:59:19 = hWnd = 0x0005004e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:59:19 = hWnd = 0x00040054; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:6:30 = Process Attach
20:6:31 = end process attach
20:6:31 = ***** NULL == SampleProvider *****
20:6:31 = ##### Begin waiting Mutex to release process #####
20:6:31 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:6:31 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
20:6:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:6:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:6:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:6:32 = s1.
20:6:32 = s2.
20:6:32
20:6:32
20:7:47
20:7:47
20:7:48
20:7:48

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:3:52 = Process Attach

0:3:52 = end process attach
0:3:52 = ***** NULL == SampleProvider *****
0:3:52 = ##### Begin waiting Mutex to release process #####
0:3:52 = hWnd = 0x000200c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:3:52 = hWnd = 0x000200c0; ClassName:
w.
x=0, y=0, width=1, height=1
0:3:52 = hWnd = 0x0004046c; ClassName:
x=0, y=0, width=0, height=0
0:3:52 = hWnd = 0x000200c2; ClassName:
x=0, y=0, width=0, height=0
0:3:59 = Process Attach
0:3:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:3:59 = * NULL == SampleProvider *

0:3:59 = begin close Process
0:3:59 = end close Process
0:3:59 = ##### Get event and release process end #####
0:3:59 = hWnd = 0x000300b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:3:59 = hWnd = 0x000300c0; ClassName:
w.
x=0, y=0, width=1, height=1
0:3:59 = hWnd = 0x0007008c; ClassName:
x=0, y=0, width=0, height=0
0:3:59 = hWnd = 0x000300d0; ClassName:
x=0, y=0, width=0, height=0
9:46:57 = Process Attach
9:46:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:46:57 = * NULL == SampleProvider *

9:46:57 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:46:57 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:46:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:46:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:47:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:47:2 = s1.
9:47:2 = s2.
9:47:3 = Start show animate
9:47:3 = Shell Excutute VerifyHost
9:47:27 = begin close Process
9:47:27 = Terminate Process
9:47:28 = end close Process
9:47:28 = DLL_PROCESS_DETACH
16:10:53 = Process Attach
16:10:53 = end process attach
16:10:53 = ***** NULL == SampleProvider *****
16:10:53 = ##### Begin waiting Mutex to release process #####
16:10:53 = hWnd = 0x0003051e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:10:53 = hWnd = 0x001306a0; ClassName:
dow.
x=0, y=0, width=1, height=1
16:10:53 = hWnd = 0x00040522; ClassName:
x=0, y=0, width=0, height=0
16:10:53 = hWnd = 0x0003051c; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

16:11:1 = Process Attach
16:11:1 = ## ERR ## Setevent
16:11:1 = ***** NULL == SampleProvider *****
16:11:1 = begin close Process
16:11:1 = end close Process
16:11:1 = ##### Get event and release process end #####
16:11:1 = hWnd = 0x000200b4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:11:1 = hWnd = 0x00030096; ClassName:
ow.
x=0, y=0, width=1, height=1
16:11:1 = hWnd = 0x00170058; ClassName:
x=0, y=0, width=0, height=0
16:11:1 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
16:51:33 = Process Attach
16:51:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:51:34 = * NULL == SampleProvider *

16:51:34 = ##### Begin waiting Mutex to release process #####
16:51:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:51:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:51:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:51:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:51:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:51:34 = s1.
16:51:34 = s2.
16:51:34
16:51:34
16:51:38
16:51:38
16:51:39
16:51:39

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

19:16:53 = Process Attach

19:16:53 = end process attach
19:16:53 = ***** NULL == SampleProvider *****
19:16:53 = ##### Begin waiting Mutex to release process #####
19:16:53 = hWnd = 0x001504bc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

19:16:53 = hWnd = 0x00530502; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:16:53 = hWnd = 0x002104e0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:16:53 = hWnd = 0x004104aa; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:16:57 = Process Attach
19:16:57 = ## ERR ## Setevent
19:16:57 = ##### Get event and release process #####
19:16:57 = begin close Process
19:16:57 = end close Process
19:16:57 = ##### Get event and release process end #####
19:16:57 = ***** NULL == SampleProvider *****
19:16:57 = hWnd = 0x00020048; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:16:57 = hWnd = 0x026d00e2; ClassName:
dow.
x=0, y=0, width=1, height=1
19:16:57 = hWnd = 0x00030096; ClassName:
x=0, y=0, width=0, height=0
19:16:57 = hWnd = 0x002800da; ClassName:
x=0, y=0, width=0, height=0
8:20:38 = Process Attach
8:20:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:20:38 = * NULL == SampleProvider *

8:20:38 = ##### Begin waiting Mutex to release process #####
8:20:38 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:20:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:20:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:20:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:21:1 = Need to re-create objects.
8:21:1 = s1.
8:21:1 = s2.
8:21:5 = Start show animate
8:21:5 = Shell Excutute VerifyHost
8:21:18 = begin close Process
8:21:18 = Terminate Process
8:21:19 = end close Process
8:21:19 = DLL_PROCESS_DETACH
8:43:47 = Process Attach
8:43:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:43:47 = * NULL == SampleProvider *

8:43:47 = ##### Begin waiting Mutex to release process #####
8:43:47 = hWnd = 0x00060504; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:43:47 = hWnd = 0x000a052c; ClassName:
ow.
x=0, y=0, width=1, height=1
8:43:47 = hWnd = 0x000b0532; ClassName:
x=0, y=0, width=0, height=0
8:43:47 = hWnd = 0x001a0472; ClassName:
x=0, y=0, width=0, height=0
8:43:56 = Process Attach
8:43:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:43:56 = ##### Get event and release process #####

8:43:56 = begin close Process
8:43:56 = end close Process
8:43:56 = ##### Get event and release process end #####
8:43:56 = ***** NULL == SampleProvider *****
8:43:56 = hWnd = 0x001a00ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:43:56 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
8:43:56 = hWnd = 0x000900c0; ClassName:
x=0, y=0, width=0, height=0
8:43:56 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
9:56:57 = Process Attach
9:56:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:56:57 = * NULL == SampleProvider *

9:56:57 = ##### Begin waiting Mutex to release process #####
9:56:57 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:56:59 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:56:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:56:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:57:0 = Need to re-create objects.
9:57:0 = s1.
9:57:0 = s2.
9:57:1 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:57:1 = Shell Excutute VerifyHost

9:57:35 = begin close Process
9:57:35 = Terminate Process
9:57:36 = end close Process
9:57:36 = DLL_PROCESS_DETACH
11:14:55 = Process Attach
11:14:55 = end process attach
11:14:55 = ***** NULL == SampleProvider *****
11:14:55 = ##### Begin waiting Mutex to release process #####
11:14:55 = hWnd = 0x00020456; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:14:55 = hWnd = 0x0002042c; ClassName:
dow.
x=0, y=0, width=1, height=1
11:14:55 = hWnd = 0x00020434; ClassName:
x=0, y=0, width=0, height=0
11:14:55 = hWnd = 0x00020432; ClassName:
x=0, y=0, width=0, height=0
11:15:3 = Process Attach
11:15:3 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:15:3 = ##### Get event and release process #####

11:15:3 = begin close Process
11:15:3 = end close Process
11:15:3 = ##### Get event and release process end #####
11:15:3 = hWnd = 0x0003006c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:15:3 = hWnd = 0x0003007c; ClassName:
ow.
x=0, y=0, width=1, height=1
11:15:3 = hWnd = 0x000200c8; ClassName:
x=0, y=0, width=0, height=0
11:15:3 = hWnd = 0x0005006e; ClassName:
x=0, y=0, width=0, height=0
13:23:15 = Process Attach
13:23:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:23:15 = * NULL == SampleProvider *

13:23:15 = ##### Begin waiting Mutex to release process #####
13:23:15 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:23:15 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:23:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:23:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:23:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:23:16 = s1.
13:23:16 = s2.
13:23:16
13:23:16
13:23:38
13:23:38
13:23:39
13:23:39

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:52:23 = Process Attach

16:52:23 = end process attach
16:52:23 = ***** NULL == SampleProvider *****
16:52:23 = hWnd = 0x000509fc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:52:23 = hWnd = 0x000c1796; ClassName:
dow.
x=0, y=0, width=1, height=1
16:52:23 = hWnd = 0x002012fc; ClassName:
x=0, y=0, width=0, height=0
16:52:23 = hWnd = 0x00050ddc; ClassName:
x=0, y=0, width=0, height=0
16:52:32 = Process Attach
16:52:32 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:52:32 = * NULL == SampleProvider *

16:52:32 = begin close Process
16:52:32 = end close Process
16:52:32 = ##### Get event and release process end #####
16:52:32 = hWnd = 0x000f00e2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:52:32 = hWnd = 0x000200b0; ClassName:
dow.
x=0, y=0, width=1, height=1
16:52:32 = hWnd = 0x000600d0; ClassName:
x=0, y=0, width=0, height=0
16:52:32 = hWnd = 0x001e00c6; ClassName:
x=0, y=0, width=0, height=0
21:51:47 = Process Attach
21:51:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:51:47 = * NULL == SampleProvider *

21:51:47 = ##### Begin waiting Mutex to release process #####
21:51:47 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:51:47 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:51:48 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

21:51:48 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:51:49 = Need to re-create objects.
21:51:49 = s1.
21:51:49 = s2.
21:51:49
21:51:49
21:52:13
21:52:13
21:52:14
21:52:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:58:22 = Process Attach

21:58:22 = end process attach
21:58:22 = ***** NULL == SampleProvider *****
21:58:22 = ##### Begin waiting Mutex to release process #####
21:58:22 = hWnd = 0x00070344; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:58:22 = hWnd = 0x00060332; ClassName:
dow.
x=0, y=0, width=1, height=1
21:58:22 = hWnd = 0x000a0370; ClassName:
x=0, y=0, width=0, height=0
21:58:22 = hWnd = 0x000804f8; ClassName:
x=0, y=0, width=0, height=0
21:58:26 = Process Attach
21:58:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:58:26 = * NULL == SampleProvider *

21:58:26 = begin close Process
21:58:26 = end close Process
21:58:26 = ##### Get event and release process end #####
21:58:26 = hWnd = 0x000b0058; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:58:26 = hWnd = 0x0003003c; ClassName:
dow.
x=0, y=0, width=1, height=1
21:58:26 = hWnd = 0x000100d6; ClassName:
x=0, y=0, width=0, height=0
21:58:26 = hWnd = 0x002e0036; ClassName:
x=0, y=0, width=0, height=0
21:59:37 = Process Attach
21:59:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:59:37 = * NULL == SampleProvider *

21:59:37 = ##### Begin waiting Mutex to release process #####
21:59:37 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
21:59:38 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
21:59:40 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:59:40 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:59:49 = Need to re-create objects.
21:59:49 = s1.
21:59:49 = s2.
21:59:52 = Start show animate
21:59:52 = Shell Excutute VerifyHost
22:0:26 = begin close Process
22:0:26 = Terminate Process
22:0:27 = end close Process
22:0:27 = DLL_PROCESS_DETACH
23:4:47 = Process Attach
23:4:47 = end process attach
23:4:47 = ##### Begin waiting Mutex to release process #####
23:4:47 = ***** NULL == SampleProvider *****
23:4:47 = hWnd = 0x000504ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:4:47 = hWnd = 0x00060520; ClassName:
ow.
x=0, y=0, width=1, height=1
23:4:47 = hWnd = 0x000b05ce; ClassName:
x=0, y=0, width=0, height=0
23:4:47 = hWnd = 0x000b0524; ClassName:
x=0, y=0, width=0, height=0
23:4:53 = Process Attach
23:4:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:4:53 = * NULL == SampleProvider *

23:4:53 = begin close Process
23:4:53 = end close Process
23:4:53 = ##### Get event and release process end #####
23:4:53 = hWnd = 0x000300d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:4:53 = hWnd = 0x000d0068; ClassName:
ow.
x=0, y=0, width=1, height=1
23:4:53 = hWnd = 0x000300d2; ClassName:
x=0, y=0, width=0, height=0
23:4:53 = hWnd = 0x000900c0; ClassName:
x=0, y=0, width=0, height=0
11:6:16 = Process Attach
11:6:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:16 = * NULL == SampleProvider *

11:6:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:6:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:6:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:6:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:6:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:6:19 = s1.
11:6:19 = s2.
11:6:23 = Start show animate
11:6:23 = Shell Excutute VerifyHost
11:7:1 = begin close Process
11:7:1 = Terminate Process
11:7:2 = end close Process
11:7:2 = DLL_PROCESS_DETACH
23:1:53 = Process Attach
23:1:53 = end process attach
23:1:53 = ***** NULL == SampleProvider *****
23:1:53 = hWnd = 0x00760552; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:1:53 = hWnd = 0x000c043c; ClassName:
ow.
x=0, y=0, width=1, height=1
23:1:53 = hWnd = 0x001d0656; ClassName:
x=0, y=0, width=0, height=0
23:1:53 = hWnd = 0x006204ea; ClassName:
x=0, y=0, width=0, height=0
23:2:17 = Process Attach
23:2:17 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:2:17 = * NULL == SampleProvider *

23:2:17 = begin close Process
23:2:17 = end close Process
23:2:17 = ##### Get event and release process end #####
23:2:17 = hWnd = 0x00060076; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:2:17 = hWnd = 0x0005009a; ClassName:
ow.
x=0, y=0, width=1, height=1
23:2:17 = hWnd = 0x001300c4; ClassName:
x=0, y=0, width=0, height=0
23:2:17 = hWnd = 0x0005009c; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:20:44 = Process Attach

9:20:45 = end process attach
9:20:45 = ***** NULL == SampleProvider *****
9:20:45 = ##### Begin waiting Mutex to release process #####
9:20:45 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:20:45 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:20:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:20:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:20:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:20:49 = s1.
9:20:49 = s2.
9:20:52
9:20:52
9:21:31
9:21:31
9:21:32
9:21:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:33:59 = Process Attach

16:33:59 = end process attach
16:33:59 = ***** NULL == SampleProvider *****
16:33:59 = hWnd = 0x0028053a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:33:59 = hWnd = 0x005f055a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:33:59 = hWnd = 0x00190450; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:33:59 = hWnd = 0x014e053c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:33:59 = ##### Begin waiting Mutex to release process #####
16:34:44 = Process Attach
16:34:44 = ## ERR ## Setevent
16:34:44 = ##### Get event and release process #####
16:34:44 = begin close Process
16:34:44 = end close Process
16:34:44 = ##### Get event and release process end #####
16:34:44 = ***** NULL == SampleProvider *****
16:34:44 = hWnd = 0x000a002e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

16:34:44 = hWnd = 0x000500a6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:34:44 = hWnd = 0x000d00ec; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:34:44 = hWnd = 0x000500a8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:22:31 = Process Attach
17:22:31 = end process attach
17:22:31 = ##### Begin waiting Mutex to release process #####
17:22:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:22:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:22:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:22:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:22:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:22:37 = s1.
17:22:37 = s2.
17:22:37 = Start show animate
17:22:37 = Shell Excutute VerifyHost
17:23:4 = begin close Process
17:23:4 = Terminate Process
17:23:5 = end close Process
17:23:5 = DLL_PROCESS_DETACH
23:10:21 = Process Attach
23:10:21 = end process attach
23:10:21 = ***** NULL == SampleProvider *****
23:10:21 = ##### Begin waiting Mutex to release process #####
23:10:21 = hWnd = 0x000b0478; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:10:21 = hWnd = 0x004208e0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:10:21 = hWnd = 0x0008046c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:11:6 = Process Attach
23:11:6 = ## ERR ## Setevent
23:11:6 = ***** NULL == SampleProvider *****
23:11:6 = begin close Process
23:11:6 = end close Process
23:11:6 = ##### Get event and release process end #####
23:11:6 = hWnd = 0x000500e6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
23:11:6 = hWnd = 0x00030046; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
23:11:6 = hWnd = 0x0008006c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:11:6 = hWnd = 0x00030034; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:39:14 = Process Attach
7:39:14 = end process attach
7:39:14 = ##### Begin waiting Mutex to release process #####
7:39:14 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:39:14 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:39:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:39:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:39:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:39:14 = s1.
7:39:14 = s2.
7:39:14
7:39:14
7:40:15
7:40:15
7:40:16
7:40:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:7:48 = Process Attach

9:7:48 = end process attach
9:7:48 = ***** NULL == SampleProvider *****
9:7:48 = ##### Begin waiting Mutex to release process #####
9:7:48 = hWnd = 0x000605da; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:7:48 = hWnd = 0x00020606; ClassName:
w.
x=0, y=0, width=1, height=1
9:7:48 = hWnd = 0x000a05c6; ClassName:
x=0, y=0, width=0, height=0
9:7:48 = hWnd = 0x00030602; ClassName:
x=0, y=0, width=0, height=0
9:8:14 = Process Attach
9:8:14 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:8:14 = * NULL == SampleProvider *

9:8:14 = begin close Process

9:8:14 = end close Process

9:8:14 = ##### Get event and release process end #####
9:8:14 = hWnd = 0x000300be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:8:14 = hWnd = 0x00030090; ClassName:
w.
x=0, y=0, width=1, height=1
9:8:14 = hWnd = 0x000600e2; ClassName:
x=0, y=0, width=0, height=0
9:8:14 = hWnd = 0x000300aa; ClassName:
x=0, y=0, width=0, height=0
11:24:23 = Process Attach
11:24:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:24:23 = * NULL == SampleProvider *

11:24:23 = ##### Begin waiting Mutex to release process #####
11:24:23 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:24:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:24:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:24:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:24:23 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:24:23 = s1.
11:24:23 = s2.
11:24:24
11:24:24
11:25:28
11:25:28
11:25:29
11:25:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:46:51 = Process Attach

11:46:51 = end process attach
11:46:51 = ***** NULL == SampleProvider *****
11:46:51 = ##### Begin waiting Mutex to release process #####
11:46:51 = hWnd = 0x00030286; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:46:51 = hWnd = 0x00020272; ClassName:
dow.
x=0, y=0, width=1, height=1
11:46:51 = hWnd = 0x000202a0; ClassName:
x=0, y=0, width=0, height=0
11:46:51 = hWnd = 0x00020278; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:46:57 = Process Attach

11:46:57 = ## ERR ## Setevent
11:46:57 = ##### Get event and release process #####
11:46:57 = begin close Process
11:46:57 = end close Process
11:46:57 = ##### Get event and release process end #####
11:46:57 = ***** NULL == SampleProvider *****
11:46:57 = hWnd = 0x000200e4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:46:57 = hWnd = 0x000200e0; ClassName:
dow.
x=0, y=0, width=1, height=1
11:46:57 = hWnd = 0x000800ca; ClassName:
x=0, y=0, width=0, height=0
11:46:57 = hWnd = 0x000200e2; ClassName:
x=0, y=0, width=0, height=0
15:11:4 = Process Attach
15:11:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:11:4 = * NULL == SampleProvider *

15:11:4 = ##### Begin waiting Mutex to release process #####
15:11:4 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:11:4 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
15:11:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:11:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:11:4 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:11:4 = s1.
15:11:4 = s2.
15:11:4 = Start show animate
15:11:4 = Shell Excutute VerifyHost
15:11:37 = begin close Process
15:11:37 = Terminate Process
15:11:38 = end close Process
15:11:38 = DLL_PROCESS_DETACH
16:42:57 = Process Attach
16:42:58 = end process attach
16:42:58 = ***** NULL == SampleProvider *****
16:42:58 = ##### Begin waiting Mutex to release process #####
16:42:58 = hWnd = 0x000904fc; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

16:42:58 = hWnd = 0x002a12ae; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:42:58 = hWnd = 0x00371214; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:43:30 = Process Attach
16:43:30 = ## ERR ## Setevent
16:43:30 = ##### Get event and release process #####
16:43:30 = begin close Process
16:43:30 = ***** NULL == SampleProvider *****
16:43:30 = hWnd = 0x00180088; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:43:30 = hWnd = 0x000200b8; ClassName:
dow.
x=0, y=0, width=1, height=1
16:43:30 = hWnd = 0x000600d4; ClassName:
x=0, y=0, width=0, height=0
16:43:30 = hWnd = 0x000300c4; ClassName:
x=0, y=0, width=0, height=0
16:44:51 = Process Attach
16:44:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:44:51 = * NULL == SampleProvider *

16:44:51 = ##### Begin waiting Mutex to release process #####
16:44:51 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:44:51 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:44:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:44:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:44:52 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:44:52 = s1.
16:44:52 = s2.
16:45:4 = Start show animate
16:45:4 = Shell Excutute VerifyHost
16:45:56 = begin close Process
16:45:56 = Terminate Process
16:45:57 = end close Process
16:45:57 = DLL_PROCESS_DETACH
19:15:18 = Process Attach
19:15:18 = end process attach
19:15:18 = ***** NULL == SampleProvider *****
19:15:18 = ##### Begin waiting Mutex to release process #####

19:15:18 = hWnd = 0x00130422; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:15:18 = hWnd = 0x000404a4; ClassName:
dow.
x=0, y=0, width=1, height=1
19:15:18 = hWnd = 0x00200434; ClassName:
x=0, y=0, width=0, height=0
19:15:18 = hWnd = 0x00150548; ClassName:
x=0, y=0, width=0, height=0
19:15:23 = Process Attach
19:15:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:15:23 = ##### Get event and release process #####

19:15:23 = begin close Process
19:15:23 = end close Process
19:15:23 = ##### Get event and release process end #####
19:15:23 = hWnd = 0x000900d4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:15:23 = hWnd = 0x000a00e6; ClassName:
dow.
x=0, y=0, width=1, height=1
19:15:23 = hWnd = 0x000600d8; ClassName:
x=0, y=0, width=0, height=0
19:15:23 = hWnd = 0x00060048; ClassName:
x=0, y=0, width=0, height=0
21:9:51 = Process Attach
21:9:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:9:52 = * NULL == SampleProvider *

21:9:52 = ##### Begin waiting Mutex to release process #####
21:9:54 =
ow.
x=0, y=0,
21:9:54 =
x=0, y=0,
21:9:54 =
x=0, y=0,
21:10:7 =

21:10:7 = s1.
21:10:7 = s2.
21:10:12
21:10:12
21:11:13
21:11:13
21:11:14
21:11:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:5:40 = Process Attach

23:5:40 = end process attach
23:5:40 = ***** NULL == SampleProvider *****

23:5:40 = ##### Begin waiting Mutex to release process #####

23:5:40 = hWnd = 0x0002048e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:5:40 = hWnd = 0x00020486; ClassName:
ow.
x=0, y=0, width=1, height=1
23:5:40 = hWnd = 0x000304a4; ClassName:
x=0, y=0, width=0, height=0
23:5:40 = hWnd = 0x00020488; ClassName:
x=0, y=0, width=0, height=0
23:6:41 = Process Attach
23:6:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:6:41 = * NULL == SampleProvider *

23:6:41 = end close Process
23:6:41 = ##### Get event and release process end #####
23:6:41 = hWnd = 0x000a003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:6:41 = hWnd = 0x00030078; ClassName:
ow.
x=0, y=0, width=1, height=1
23:6:41 = hWnd = 0x000600d6; ClassName:
x=0, y=0, width=0, height=0
23:6:41 = hWnd = 0x0005009c; ClassName:
x=0, y=0, width=0, height=0
7:47:58 = Process Attach
7:47:58 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:47:58 = ##### Begin waiting Mutex to release process #####

7:47:58 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:47:58 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:47:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:47:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:47:59 = Need to re-create objects.
7:47:59 = s1.
7:47:59 = s2.
7:48:0 = Start show animate
7:48:0 = Shell Excutute VerifyHost
7:48:37 = begin close Process
7:48:37 = Terminate Process
7:48:38 = end close Process
7:48:38 = DLL_PROCESS_DETACH
9:19:6 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:19:6 = end process attach

9:19:6 = ***** NULL == SampleProvider *****
9:19:6 = hWnd = 0x00080048; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:19:6 = hWnd = 0x000604dc; ClassName:
w.
x=0, y=0, width=1, height=1
9:19:6 = hWnd = 0x000604be; ClassName:
x=0, y=0, width=0, height=0
9:19:6 = hWnd = 0x000404fa; ClassName:
x=0, y=0, width=0, height=0
9:19:23 = Process Attach
9:19:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:19:23 = * NULL == SampleProvider *

9:19:23 = begin close Process
9:19:23 = end close Process
9:19:23 = hWnd = 0x000a00b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:19:23 = hWnd = 0x000300a6; ClassName:
ow.
x=0, y=0, width=1, height=1
9:19:23 = hWnd = 0x000300c8; ClassName:
x=0, y=0, width=0, height=0
9:19:23 = hWnd = 0x000300b4; ClassName:
x=0, y=0, width=0, height=0
13:29:34 = Process Attach
13:29:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:29:34 = * NULL == SampleProvider *

13:29:34 = ##### Begin waiting Mutex to release process #####
13:29:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:29:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:29:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:29:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:29:34 = Need to re-create objects.
13:29:34 = s1.
13:29:34 = s2.
13:29:34 = Start show animate
13:29:34 = Shell Excutute VerifyHost
13:30:8 = begin close Process
13:30:8 = Terminate Process
13:30:9 = end close Process
13:30:9 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:32:28 = Process Attach

13:32:28 = end process attach
13:32:28 = ***** NULL == SampleProvider *****
13:32:28 = ##### Begin waiting Mutex to release process #####
13:32:28 = hWnd = 0x0003031e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:32:28 = hWnd = 0x0002031a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:32:28 = hWnd = 0x0003044e; ClassName:
x=0, y=0, width=0, height=0
13:32:28 = hWnd = 0x0002031c; ClassName:
x=0, y=0, width=0, height=0
13:32:35 = Process Attach
13:32:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:32:35 = ##### Get event and release process #####

13:32:35 = begin close Process
13:32:35 = end close Process
13:32:35 = ##### Get event and release process end #####
13:32:35 = hWnd = 0x000300e2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:32:35 = hWnd = 0x000200b2; ClassName:
dow.
x=0, y=0, width=1, height=1
13:32:35 = hWnd = 0x000300c2; ClassName:
x=0, y=0, width=0, height=0
13:32:35 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
15:48:4 = Process Attach
15:48:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:48:4 = * NULL == SampleProvider *

15:48:4 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:48:4 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
15:48:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:48:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:48:4 = Need to re-create objects.
15:48:4 = s1.
15:48:4 = s2.
15:48:4 = Start show animate
15:48:4 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:48:39
15:48:39
15:48:40
15:48:40

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

23:52:18 = Process Attach

23:52:19 = end process attach
23:52:19 = ***** NULL == SampleProvider *****
23:52:19 = ##### Begin waiting Mutex to release process #####
23:52:19 = hWnd = 0x000f0484; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:52:19 = hWnd = 0x00030b34; ClassName:
dow.
x=0, y=0, width=1, height=1
23:52:19 = hWnd = 0x0023065a; ClassName:
x=0, y=0, width=0, height=0
23:52:19 = hWnd = 0x00030b30; ClassName:
x=0, y=0, width=0, height=0
23:53:1 = Process Attach
23:53:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:53:1 = * NULL == SampleProvider *

23:53:1 = begin close Process
23:53:1 = end close Process
23:53:1 = ##### Get event and release process end #####
23:53:1 = hWnd = 0x00070058; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:53:1 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
23:53:1 = hWnd = 0x001800e4; ClassName:
x=0, y=0, width=0, height=0
23:53:1 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
8:15:16 = Process Attach
8:15:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:15:16 = * NULL == SampleProvider *

8:15:16 = ##### Begin waiting Mutex to release process #####
8:15:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:15:32 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:15:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:15:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:16:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:16:30 = s1.
8:16:30 = s2.
8:16:31 = Start show animate
8:16:31 = Shell Excutute VerifyHost
8:17:7 = begin close Process
8:17:7 = Terminate Process
8:17:8 = end close Process
8:17:8 = DLL_PROCESS_DETACH
9:19:36 = Process Attach
9:19:36 = end process attach
9:19:36 = ***** NULL == SampleProvider *****
9:19:36 = hWnd = 0x001010c2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:19:36 = hWnd = 0x000f1146; ClassName:
ow.
x=0, y=0, width=1, height=1
9:19:36 = hWnd = 0x000710ba; ClassName:
x=0, y=0, width=0, height=0
9:19:36 = hWnd = 0x000710b8; ClassName:
x=0, y=0, width=0, height=0
9:19:44 = Process Attach
9:19:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:19:44 = ##### Get event and release process #####

9:19:44 = begin close Process
9:19:44 = end close Process
9:19:44 = ##### Get event and release process end #####
9:19:44 = hWnd = 0x002a008c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:19:44 = hWnd = 0x0076006e; ClassName:
ow.
x=0, y=0, width=1, height=1
9:19:44 = hWnd = 0x00040088; ClassName:
x=0, y=0, width=0, height=0
9:19:44 = hWnd = 0x00040036; ClassName:
x=0, y=0, width=0, height=0
9:42:12 = Process Attach
9:42:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:42:12 = * NULL == SampleProvider *

9:42:12 = ##### Begin waiting Mutex to release process #####
9:42:12 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:42:14 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:42:15 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

9:42:15 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
9:42:16 = Need to re-create objects.
9:42:16 = s1.
9:42:16 = s2.
9:42:20
9:42:20
9:42:57
9:42:57
9:42:58
9:42:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:21:41 = Process Attach

10:21:41 = end process attach
10:21:41 = ***** NULL == SampleProvider *****
10:21:41 = hWnd = 0x00050670; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:21:41 = hWnd = 0x0004066a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:21:41 = ##### Begin waiting Mutex to release process #####
10:21:41 = hWnd = 0x00030684; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:21:41 = hWnd = 0x00030680; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:22:43 = Process Attach
10:22:43 = ## ERR ## Setevent
10:22:43 = ***** NULL == SampleProvider *****
10:22:43 = ##### Get event and release process #####
10:22:43 = begin close Process
10:22:43 = end close Process
10:22:43 = ##### Get event and release process end #####
10:22:43 = hWnd = 0x000700b8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:22:43 = hWnd = 0x000200b2; ClassName:
dow.
x=0, y=0, width=1, height=1
10:22:43 = hWnd = 0x000400d6; ClassName:
x=0, y=0, width=0, height=0
10:22:43 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
12:47:4 = Process Attach
12:47:4 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:47:4 = * NULL == SampleProvider *

12:47:4 = ##### Begin waiting Mutex to release process #####

12:47:4 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:47:5 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
12:47:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:47:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:47:6 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:47:6 = s1.
12:47:6 = s2.
12:47:6 = Start show animate
12:47:6 = Shell Excutute VerifyHost
12:47:33 = begin close Process
12:47:33 = Terminate Process
12:47:34 = end close Process
12:47:34 = DLL_PROCESS_DETACH
0:24:6 = Process Attach
0:24:6 = end process attach
0:24:6 = ***** NULL == SampleProvider *****
0:24:6 = hWnd = 0x0030043c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:24:6 = hWnd = 0x000a055e; ClassName:
w.
x=0, y=0, width=1, height=1
0:24:6 = hWnd = 0x00191348; ClassName:
x=0, y=0, width=0, height=0
0:24:6 = hWnd = 0x00180578; ClassName:
x=0, y=0, width=0, height=0
0:24:41 = Process Attach
0:24:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:24:41 = ##### Get event and release process #####

0:24:41 = begin close Process
0:24:41 = end close Process
0:24:41 = ##### Get event and release process end #####
0:24:41 = hWnd = 0x00050088; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:24:41 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:24:41 = hWnd = 0x000f00c2; ClassName:
x=0, y=0, width=0, height=0
0:24:41 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
8:11:13 = Process Attach
8:11:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:11:13 = * NULL == SampleProvider *

8:11:13 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:11:14 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:11:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:11:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:11:17 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:11:18 = s1.
8:11:18 = s2.
8:11:22 = Start show animate
8:11:22 = Shell Excutute VerifyHost
8:11:59 = begin close Process
8:11:59 = Terminate Process
8:12:0 = end close Process
8:12:0 = DLL_PROCESS_DETACH
9:24:41 = Process Attach
9:24:41 = end process attach
9:24:41 = ***** NULL == SampleProvider *****
9:24:41 = hWnd = 0x00020336; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:24:41 = hWnd = 0x00030316; ClassName:
ow.
x=0, y=0, width=1, height=1
9:24:41 = hWnd = 0x000402c0; ClassName:
x=0, y=0, width=0, height=0
9:24:41 = hWnd = 0x00030318; ClassName:
x=0, y=0, width=0, height=0
9:24:49 = Process Attach
9:24:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:24:49 = * NULL == SampleProvider *

9:24:49 = begin close Process
9:24:49 = end close Process
9:24:49 = ##### Get event and release process end #####
9:24:49 = hWnd = 0x000a00c0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:24:49 = hWnd = 0x000500a8; ClassName:
ow.
x=0, y=0, width=1, height=1
9:24:49 = hWnd = 0x000600e8; ClassName:
x=0, y=0, width=0, height=0
9:24:49 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
12:49:13 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:49:13 = end process attach

12:49:13 = ##### Begin waiting Mutex to release process #####
12:49:13 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:49:13 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:49:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:49:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:49:13 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:49:13 = s1.
12:49:13 = s2.
12:49:17
12:49:17
12:49:49
12:49:49
12:49:50
12:49:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:15:43 = Process Attach

14:15:43 = end process attach
14:15:43 = ***** NULL == SampleProvider *****
14:15:43 = ##### Begin waiting Mutex to release process #####
14:15:43 = hWnd = 0x000c0472; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:15:43 = hWnd = 0x00140af4; ClassName:
dow.
x=0, y=0, width=1, height=1
14:15:43 = hWnd = 0x00030496; ClassName:
x=0, y=0, width=0, height=0
14:15:43 = hWnd = 0x001b04a4; ClassName:
x=0, y=0, width=0, height=0
14:16:27 = Process Attach
14:16:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:16:27 = ##### Get event and release process #####

14:16:27 = begin close Process
14:16:27 = end close Process
14:16:27 = ##### Get event and release process end #####
14:16:27 = hWnd = 0x000500ee; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:16:27 = hWnd = 0x00030098; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
14:16:27 = hWnd = 0x00040066; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

14:16:27 = hWnd = 0x000200b0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:50:18 = Process Attach
15:50:18 = end process attach
15:50:18 = ***** NULL == SampleProvider *****
15:50:18 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:50:19 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:50:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:50:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:50:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:50:22 = s1.
15:50:22 = s2.
15:50:26 = Start show animate
15:50:26 = Shell Excutute VerifyHost
15:51:4 = begin close Process
15:51:4 = Terminate Process
15:51:5 = end close Process
15:51:5 = DLL_PROCESS_DETACH
16:27:3 = Process Attach
16:27:3 = end process attach
16:27:6 = ***** NULL == SampleProvider *****
16:27:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:27:6 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
16:27:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:27:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:27:58 = Need to re-create objects.
16:27:58 = s1.
16:27:58 = s2.
16:28:6 = Start show animate
16:28:6 = Shell Excutute VerifyHost
16:28:43 = begin close Process
16:28:43 = Terminate Process
16:28:44 = end close Process
16:28:44 = DLL_PROCESS_DETACH
16:39:52 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:39:52 = end process attach

16:39:52 = ##### Begin waiting Mutex to release process #####
16:39:52 = hWnd = 0x00020434; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:39:52 = hWnd = 0x00020432; ClassName:
dow.
x=0, y=0, width=1, height=1
16:39:52 = hWnd = 0x0002042e; ClassName:
x=0, y=0, width=0, height=0
16:39:52 = hWnd = 0x0002042a; ClassName:
x=0, y=0, width=0, height=0
16:40:1 = Process Attach
16:40:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:40:1 = * NULL == SampleProvider *

16:40:1 = begin close Process
16:40:1 = hWnd = 0x00040054; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:40:1 = ##### Get event and release process end #####
16:40:1 = hWnd = 0x00030066; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:40:1 = hWnd = 0x00050030; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
17:24:25 = Process Attach
17:24:25 = end process attach
17:24:25 = ***** NULL == SampleProvider *****
17:24:25 = ##### Begin waiting Mutex to release process #####
17:24:25 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:24:25 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:24:25 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:24:25 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:24:26 = Need to re-create objects.
17:24:26 = s1.
17:24:26 = s2.
17:24:27 = Start show animate
17:24:27 = Shell Excutute VerifyHost
17:25:1 = begin close Process
17:25:1 = Terminate Process
17:25:2 = end close Process
17:25:2 = DLL_PROCESS_DETACH
0:38:20 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:38:20 = end process attach

0:38:20 = ##### Begin waiting Mutex to release process #####
0:38:20 = hWnd = 0x00040a64; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:38:20 = hWnd = 0x00040a52; ClassName:
ow.
x=0, y=0, width=1, height=1
0:38:20 = hWnd = 0x00040a48; ClassName:
x=0, y=0, width=0, height=0
0:38:20 = hWnd = 0x00090a5c; ClassName:
x=0, y=0, width=0, height=0
0:38:57 = Process Attach
0:38:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:38:57 = * NULL == SampleProvider *

0:38:57 = begin close Process
0:38:57 = end close Process
0:38:57 = ##### Get event and release process end #####
0:38:57 = hWnd = 0x000500c2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:38:57 = hWnd = 0x000200b2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:38:57 = hWnd = 0x000500ee; ClassName:
x=0, y=0, width=0, height=0
0:38:57 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
8:46:47 = Process Attach
8:46:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:46:47 = * NULL == SampleProvider *

8:46:47 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:46:47 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:46:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:46:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:46:52 = Need to re-create objects.
8:46:52 = s1.
8:46:52 = s2.
8:46:56
8:46:56
8:47:33
8:47:33
8:47:34
8:47:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:24:24 = Process Attach

16:24:24 = end process attach
16:24:24 = ***** NULL == SampleProvider *****
16:24:24 = ##### Begin waiting Mutex to release process #####
16:24:24 = hWnd = 0x00130682; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:24:25 = hWnd = 0x000404de; ClassName:
dow.
x=0, y=0, width=1, height=1
16:24:25 = hWnd = 0x000404e4; ClassName:
x=0, y=0, width=0, height=0
16:24:25 = hWnd = 0x000404e8; ClassName:
x=0, y=0, width=0, height=0
16:26:3 = Process Attach
16:26:3 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:26:3 = * NULL == SampleProvider *

16:26:3 = begin close Process
16:26:3 = end close Process
16:26:3 = ##### Get event and release process end #####
16:26:3 = hWnd = 0x0006009e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:26:3 = hWnd = 0x0004002a; ClassName:
ow.
x=0, y=0, width=1, height=1
16:26:3 = hWnd = 0x001400de; ClassName:
x=0, y=0, width=0, height=0
16:26:3 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
18:3:6 = Process Attach
18:3:6 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:3:6 = * NULL == SampleProvider *

18:3:6 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:3:7 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
18:3:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:3:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:3:10 = Need to re-create objects.
18:3:10 = s1.
18:3:10 = s2.
18:3:13 = Start show animate
18:3:13 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:3:53
18:3:53
18:3:54
18:3:54

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

23:11:17 = Process Attach

23:11:17 = end process attach
23:11:17 = ***** NULL == SampleProvider *****
23:11:17 = ##### Begin waiting Mutex to release process #####
23:11:17 = hWnd = 0x0003053a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:11:17 = hWnd = 0x071c050e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:11:17 = hWnd = 0x000310d8; ClassName:
x=0, y=0, width=0, height=0
23:11:17 = hWnd = 0x03950506; ClassName:
x=0, y=0, width=0, height=0
23:11:49 = Process Attach
23:11:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:11:49 = * NULL == SampleProvider *

23:11:49 = begin close Process
23:11:49 = end close Process
23:11:49 = ##### Get event and release process end #####
23:11:49 = hWnd = 0x0007006e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:11:49 = hWnd = 0x00030038; ClassName:
dow.
x=0, y=0, width=1, height=1
23:11:49 = hWnd = 0x000600d8; ClassName:
x=0, y=0, width=0, height=0
23:11:49 = hWnd = 0x0003003c; ClassName:
x=0, y=0, width=0, height=0
7:17:19 = Process Attach
7:17:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:17:19 = * NULL == SampleProvider *

7:17:19 = ##### Begin waiting Mutex to release process #####
7:17:19 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:17:19 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:17:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:17:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:17:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:17:23 = s1.
7:17:23 = s2.
7:17:27 = Start show animate
7:17:27 = Shell Excutute VerifyHost
7:18:2 = begin close Process
7:18:2 = Terminate Process
7:18:3 = end close Process
7:18:3 = DLL_PROCESS_DETACH
14:2:28 = Process Attach
14:2:28 = end process attach
14:2:28 = ***** NULL == SampleProvider *****
14:2:28 = ##### Begin waiting Mutex to release process #####
14:2:28 = hWnd = 0x000900fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:2:28 = hWnd = 0x0005031c; ClassName:
ow.
x=0, y=0, width=1, height=1
14:2:28 = hWnd = 0x00020430; ClassName:
x=0, y=0, width=0, height=0
14:2:28 = hWnd = 0x000302cc; ClassName:
x=0, y=0, width=0, height=0
14:2:51 = Process Attach
14:2:51 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:2:51 = * NULL == SampleProvider *

14:2:51 = begin close Process
14:2:51 = end close Process
14:2:51 = ##### Get event and release process end #####
14:2:51 = hWnd = 0x00050038; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:2:51 = hWnd = 0x000200b4; ClassName:
ow.
x=0, y=0, width=1, height=1
14:2:51 = hWnd = 0x000500e6; ClassName:
x=0, y=0, width=0, height=0
14:2:51 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
14:47:5 = Process Attach
14:47:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:47:5 = ##### Begin waiting Mutex to release process #####

14:47:5 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:47:5 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
14:47:5 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

14:47:5 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
14:47:11 = Need to re-create objects.
14:47:11 = s1.
14:47:11 = s2.
14:47:12
14:47:12
14:47:39
14:47:39
14:47:41
14:47:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:57:57 = Process Attach

0:57:57 = end process attach
0:57:57 = ***** NULL == SampleProvider *****
0:57:57 = ##### Begin waiting Mutex to release process #####
0:57:57 =
ow.
x=0, y=0,
0:57:57 =
x=0, y=0,
0:57:57 =
x=0, y=0,
0:58:46 =
0:58:46 =

hWnd = 0x002e08f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x001b0874; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001d1954; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:58:46 = * NULL == SampleProvider *

0:58:46 = begin close Process
0:58:46 = end close Process
0:58:46 = ##### Get event and release process end #####
0:58:46 = hWnd = 0x000200b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:58:46 = hWnd = 0x005e010a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:58:46 = hWnd = 0x0068011a; ClassName:
x=0, y=0, width=0, height=0
0:58:46 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
8:15:26 = Process Attach
8:15:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:15:26 = * NULL == SampleProvider *

8:15:26 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:15:26 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
8:15:26 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
8:15:26 =
x=0, y=0,
8:16:26 =

width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

8:16:26 = s1.
8:16:26 = s2.
8:16:26
8:16:26
8:17:40
8:17:40
8:17:41
8:17:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:22:47 = Process Attach

22:22:47 = end process attach
22:22:47 = ##### Begin waiting Mutex to release process #####
22:22:47 = ***** NULL == SampleProvider *****
22:22:47 = hWnd = 0x000704ba; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:22:47 = hWnd = 0x00090512; ClassName:
dow.
x=0, y=0, width=1, height=1
22:22:47 = hWnd = 0x00130616; ClassName:
x=0, y=0, width=0, height=0
22:22:47 = hWnd = 0x000f03bc; ClassName:
x=0, y=0, width=0, height=0
22:23:48 = Process Attach
22:23:48 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:23:48 = * NULL == SampleProvider *

22:23:48 = hWnd = 0x00e60102; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:23:48 = hWnd = 0x000200ae; ClassName:
dow.
x=0, y=0, width=1, height=1
22:23:48 = hWnd = 0x01040114; ClassName:
x=0, y=0, width=0, height=0
22:23:48 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
22:44:54 = Process Attach
22:44:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:44:56 = * NULL == SampleProvider *

22:44:56 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:44:56 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:44:56 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

22:44:56 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:44:57 = Need to re-create objects.
22:44:57 = s1.
22:44:57 = s2.
22:44:58
22:44:58
22:45:31
22:45:31
22:45:32
22:45:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:1:34 = Process Attach

23:1:34 = end process attach
23:1:34 = ***** NULL == SampleProvider *****
23:1:34 = ##### Begin waiting Mutex to release process #####
23:1:34 = hWnd = 0x0002054c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:1:34 = hWnd = 0x00020552; ClassName:
ow.
x=0, y=0, width=1, height=1
23:1:34 = hWnd = 0x00060336; ClassName:
x=0, y=0, width=0, height=0
23:1:34 = hWnd = 0x0002054e; ClassName:
x=0, y=0, width=0, height=0
23:1:38 = Process Attach
23:1:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:1:38 = ##### Get event and release process #####

23:1:38 = begin close Process
23:1:38 = end close Process
23:1:38 = ##### Get event and release process end #####
23:1:38 = hWnd = 0x000600dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:1:38 = hWnd = 0x0008004c; ClassName:
ow.
x=0, y=0, width=1, height=1
23:1:38 = hWnd = 0x000100e4; ClassName:
x=0, y=0, width=0, height=0
23:1:38 = hWnd = 0x000e00ba; ClassName:
x=0, y=0, width=0, height=0
7:38:45 = Process Attach
7:38:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:38:45 = * NULL == SampleProvider *

7:38:45 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

7:38:47 =
ow.
x=0, y=0,
7:38:47 =
x=0, y=0,
7:38:47 =
x=0, y=0,
7:38:52 =

7:38:52 = s1.
7:38:52 = s2.
7:38:52
7:38:52
7:39:33
7:39:33
7:39:34
7:39:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:42:9 = Process Attach

15:42:9 = end process attach
15:42:9 = ***** NULL == SampleProvider *****
15:42:9 = ##### Begin waiting Mutex to release process #####
15:42:9 = hWnd = 0x00070404; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:42:9 = hWnd = 0x000d0456; ClassName:
ow.
x=0, y=0, width=1, height=1
15:42:9 = hWnd = 0x000804cc; ClassName:
x=0, y=0, width=0, height=0
15:42:9 = hWnd = 0x00070422; ClassName:
x=0, y=0, width=0, height=0
15:43:0 = Process Attach
15:43:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:43:0 = * NULL == SampleProvider *

15:43:0 = begin close Process
15:43:0 = end close Process
15:43:0 = ##### Get event and release process end #####
15:43:0 = hWnd = 0x000700c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:43:0 = hWnd = 0x000200b6; ClassName:
ow.
x=0, y=0, width=1, height=1
15:43:0 = hWnd = 0x000d00d4; ClassName:
x=0, y=0, width=0, height=0
15:43:0 = hWnd = 0x000200b8; ClassName:
x=0, y=0, width=0, height=0
16:21:35 = Process Attach
16:21:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:21:35 = * NULL == SampleProvider *

16:21:35 = ##### Begin waiting Mutex to release process #####

16:21:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:21:36 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:21:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:21:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:21:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:21:41 = s1.
16:21:41 = s2.
16:21:42
16:21:42
16:22:17
16:22:17
16:22:18
16:22:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:56:22 = Process Attach

23:56:22 = end process attach
23:56:22 = ***** NULL == SampleProvider *****
23:56:22 = ##### Begin waiting Mutex to release process #####
23:56:22 = hWnd = 0x004d0588; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:56:22 = hWnd = 0x0004040e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:56:22 = hWnd = 0x0007051e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:56:51 = Process Attach
23:56:51 = ## ERR ## Setevent
23:56:51 = ***** NULL == SampleProvider *****
23:56:51 = begin close Process
23:56:51 = end close Process
23:56:51 = ##### Get event and release process end #####
23:56:51 = hWnd = 0x00080084; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:56:51 = hWnd = 0x000200b4; ClassName:
dow.
x=0, y=0, width=1, height=1
23:56:51 = hWnd = 0x00320124; ClassName:
x=0, y=0, width=0, height=0
23:56:51 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
7:51:38 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:51:38 = end process attach

7:51:38 = ***** NULL == SampleProvider *****
7:51:39 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:51:41 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:51:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:51:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:51:43 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:51:43 = s1.
7:51:43 = s2.
7:51:45
7:51:45
7:52:23
7:52:23
7:52:24
7:52:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:23:16 = Process Attach

23:23:16 = end process attach
23:23:16 = ***** NULL == SampleProvider *****
23:23:16 = ##### Begin waiting Mutex to release process #####
23:23:16 = hWnd = 0x004d0762; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:23:16 = hWnd = 0x001805e8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:23:16 = hWnd = 0x00180bb0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:24:13 = Process Attach
23:24:13 = ## ERR ## Setevent
23:24:13 = ***** NULL == SampleProvider *****
23:24:13 = begin close Process
23:24:13 = end close Process
23:24:13 = ##### Get event and release process end #####
23:24:13 = hWnd = 0x0007009c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:24:13 = hWnd = 0x000200b0; ClassName:
dow.
x=0, y=0, width=1, height=1
23:24:13 = hWnd = 0x000c005e; ClassName:
x=0, y=0, width=0, height=0
23:24:13 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:8:1 = Process Attach

7:8:1 = end process attach
7:8:1 = ***** NULL == SampleProvider *****
7:8:1 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:8:1 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
7:8:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:8:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:8:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:8:2 = s1.
7:8:2 = s2.
7:8:6 = Start show animate
7:8:6 = Shell Excutute VerifyHost
7:8:38 = begin close Process
7:8:38 = Terminate Process
7:8:39 = end close Process
7:8:39 = DLL_PROCESS_DETACH
15:31:3 = Process Attach
15:31:3 = end process attach
15:31:3 = ***** NULL == SampleProvider *****
15:31:3 = ##### Begin waiting Mutex to release process #####
15:31:3 = hWnd = 0x001e050a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:31:3 = hWnd = 0x001b057c; ClassName:
ow.
x=0, y=0, width=1, height=1
15:31:3 = hWnd = 0x002605bc; ClassName:
x=0, y=0, width=0, height=0
15:31:3 = hWnd = 0x001b0016; ClassName:
x=0, y=0, width=0, height=0
15:32:30 = Process Attach
15:32:30 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:32:30 = * NULL == SampleProvider *

15:32:30 = begin close Process
15:32:30 = end close Process
15:32:30 = ##### Get event and release process end #####
15:32:30 = hWnd = 0x000200ac; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:32:30 = hWnd = 0x0004003e; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

15:32:30 = hWnd = 0x00770108; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
15:32:30 = hWnd = 0x0004003c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:47:0 = Process Attach
19:47:0 = end process attach
19:47:0 = ***** NULL == SampleProvider *****
19:47:0 = ##### Begin waiting Mutex to release process #####
19:47:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:47:1 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
19:47:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:47:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:47:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:47:3 = s1.
19:47:3 = s2.
19:47:8 = Start show animate
19:47:8 = Shell Excutute VerifyHost
19:47:47 = begin close Process
19:47:47 = Terminate Process
19:47:48 = end close Process
19:47:48 = DLL_PROCESS_DETACH
0:55:12 = Process Attach
0:55:12 = end process attach
0:55:12 = ***** NULL == SampleProvider *****
0:55:12 = ##### Begin waiting Mutex to release process #####
0:55:12 =
ow.
x=0, y=0,
0:55:12 =
x=0, y=0,
0:55:12 =
x=0, y=0,
0:55:53 =
0:55:53 =

hWnd = 0x00050460; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0002041c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00020328; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:55:53 = * NULL == SampleProvider *

0:55:53 = begin close Process
0:55:53 = end close Process
0:55:53 = ##### Get event and release process end #####
0:55:53 = hWnd = 0x00030090; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

0:55:53 =
ow.
x=0, y=0,
0:55:53 =
x=0, y=0,
0:55:53 =
x=0, y=0,
7:53:32 =
7:53:32 =

hWnd = 0x007600ea; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00190108; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0003002e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

7:53:32 = * NULL == SampleProvider *

7:53:32 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:53:33 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:53:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:53:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:53:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:53:36 = s1.
7:53:36 = s2.
7:53:41
7:53:41
7:54:19
7:54:19
7:54:20
7:54:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:39:8 = Process Attach

20:39:8 = end process attach
20:39:8 = ***** NULL == SampleProvider *****
20:39:8 = ##### Begin waiting Mutex to release process #####
20:39:8 = hWnd = 0x00050496; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
20:39:8 = hWnd = 0x000704b2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
20:39:8 = hWnd = 0x00260662; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:40:10 = Process Attach
20:40:10 = ## ERR ## Setevent
20:40:10 = ***** NULL == SampleProvider *****
20:40:10 = end close Process
20:40:10 = ##### Get event and release process end #####
20:40:10 = hWnd = 0x01100102; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

20:40:10 = hWnd = 0x0003003e; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
20:40:10 = hWnd = 0x0006002e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
20:40:10 = hWnd = 0x0004009a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:36:11 = Process Attach
1:36:11 = end process attach
1:36:11 = ***** NULL == SampleProvider *****
1:36:11 = ##### Begin waiting Mutex to release process #####
1:36:11 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:36:12 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:36:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:36:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:36:15 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:36:16 = s1.
1:36:16 = s2.
1:36:19
1:36:19
1:36:56
1:36:56
1:36:58
1:36:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:59:57 = Process Attach

2:59:57 = end process attach
2:59:57 = ***** NULL == SampleProvider *****
2:59:57 = hWnd = 0x00020314; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:59:57 = hWnd = 0x00020310; ClassName:
ow.
x=0, y=0, width=1, height=1
2:59:57 = hWnd = 0x00040376; ClassName:
x=0, y=0, width=0, height=0
2:59:57 = hWnd = 0x00020312; ClassName:
x=0, y=0, width=0, height=0
3:0:2 = Process Attach
3:0:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:0:2 = * NULL == SampleProvider *

3:0:2 = hWnd = 0x0007009a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768

3:0:2 = hWnd = 0x000600f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Window
.
x=0, y=0, width=1, height=1
3:0:2 = hWnd = 0x000600d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:0:2 = hWnd = 0x0004005c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:20:20 = Process Attach
9:20:20 = end process attach
9:20:20 = ##### Begin waiting Mutex to release process #####
9:20:20 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:20:20 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:20:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:20:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:20:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:20:29 = s1.
9:20:29 = s2.
9:20:29
9:20:29
9:20:55
9:20:55
9:20:56
9:20:56

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:36:31 = * NULL == SampleProvider *

6:36:31 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:36:31 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:36:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:36:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:36:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:36:31 = s1.
6:36:31 = s2.
6:36:32 = Start show animate
6:36:32 = Shell Excutute VerifyHost
6:37:5 = begin close Process
6:37:5 = Terminate Process
6:37:6 = end close Process
6:37:6 = DLL_PROCESS_DETACH
21:24:37 = Process Attach
21:24:37 = end process attach
21:24:37 = ***** NULL == SampleProvider *****
21:24:37 = ##### Begin waiting Mutex to release process #####
21:24:38 = hWnd = 0x0003002c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

21:24:38 = hWnd = 0x00010032; ClassName:
dow.
x=0, y=0, width=1, height=1
21:24:38 = hWnd = 0x00020024; ClassName:
x=32, y=50, width=1025, height=556
21:24:38 = hWnd = 0x00020016; ClassName:
x=19, y=25, width=1025, height=556
21:24:38 = hWnd = 0x00010042; ClassName:
x=0, y=0, width=0, height=0
21:24:38 = hWnd = 0x00010034; ClassName:
x=0, y=0, width=0, height=0
21:24:38 = hWnd = 0x00010018; ClassName:
x=0, y=0, width=0, height=0
21:24:39 = Need to re-create objects.

GDI+ Hook Window Class; Title: GDI+ Win

NVSVC64.DLL; Title: NvSvc.
UxdService; Title: UxdService.
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.
IME; Title: Default IME.

21:24:39 = s1.
21:24:39 = s2.
21:24:41
21:24:41
21:25:19
21:25:19
21:25:20
21:25:20

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

3:10:3 = Process Attach

3:10:3 = end process attach
3:10:3 = ***** NULL == SampleProvider *****
3:10:3 = ##### Begin waiting Mutex to release process #####
3:10:3 = hWnd = 0x000304aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:10:3 = hWnd = 0x000204b0; ClassName:
w.
x=0, y=0, width=1, height=1
3:10:3 = hWnd = 0x001804a8; ClassName:
x=0, y=0, width=0, height=0
3:10:3 = hWnd = 0x001304a4; ClassName:
x=0, y=0, width=0, height=0
3:11:27 = Process Attach
3:11:27 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:11:27 = * NULL == SampleProvider *

3:11:27 = begin close Process
3:11:27 = end close Process
3:11:27 = ##### Get event and release process end #####
3:11:27 =
x=0, y=0,
3:11:27 =
x=0, y=0,
7:45:49 =
7:45:49 =

hWnd = 0x00b40104; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00ce0114; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

7:45:49 = * NULL == SampleProvider *

7:45:49 = ##### Begin waiting Mutex to release process #####
7:45:49 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:45:50 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:45:50 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:45:50 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:45:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:45:57 = s1.
7:45:57 = s2.
7:45:58
7:45:58
7:46:35
7:46:35
7:46:36
7:46:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:7:3 = Process Attach

1:7:4 = end process attach
1:7:4 = ***** NULL == SampleProvider *****
1:7:4 = ##### Begin waiting Mutex to release process #####
1:7:4 = hWnd = 0x00060404; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:7:4 = hWnd = 0x00190508; ClassName:
.
x=0, y=0, width=1, height=1
1:7:4 = hWnd = 0x00160624; ClassName:
x=0, y=0, width=0, height=0
1:7:4 = hWnd = 0x0031054e; ClassName:
x=0, y=0, width=0, height=0
1:7:35 = Process Attach
1:7:35 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:7:35 = * NULL == SampleProvider *

1:7:35 = begin close Process
1:7:35 = end close Process
1:7:35 = ##### Get event and release process end #####
1:7:35 = hWnd = 0x01600116; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:7:35 = hWnd = 0x00070098; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:7:35 = hWnd = 0x005d009c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

1:7:35 = hWnd = 0x0006009a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:47:59 = Process Attach
7:47:59 = end process attach
7:47:59 = ***** NULL == SampleProvider *****
7:47:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:48:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
7:48:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:48:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:48:2 = Need to re-create objects.
7:48:2 = s1.
7:48:2 = s2.
7:48:6 = Start show animate
7:48:6 = Shell Excutute VerifyHost
7:48:43 = begin close Process
7:48:43 = Terminate Process
7:48:44 = end close Process
7:48:44 = DLL_PROCESS_DETACH
13:24:12 = Process Attach
13:24:12 = end process attach
13:24:12 = ***** NULL == SampleProvider *****
13:24:12 = ##### Begin waiting Mutex to release process #####
13:24:12 = hWnd = 0x00090554; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:24:12 = hWnd = 0x000c04be; ClassName:
dow.
x=0, y=0, width=1, height=1
13:24:12 = hWnd = 0x00270680; ClassName:
x=0, y=0, width=0, height=0
13:24:12 = hWnd = 0x00240548; ClassName:
x=0, y=0, width=0, height=0
13:27:41 = Process Attach
13:27:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:27:41 = * NULL == SampleProvider *

13:27:41 = begin close Process
13:27:41 = end close Process
13:27:41 = ##### Get event and release process end #####
13:27:41 = hWnd = 0x000200c0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

13:27:41 = hWnd = 0x000c011e; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
13:27:41 = hWnd = 0x000200b4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:27:41 = hWnd = 0x000200be; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:30:47 = Process Attach
13:30:47 = end process attach
13:30:47 = ##### Begin waiting Mutex to release process #####
13:30:47 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:30:47 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:30:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:30:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:30:51 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:30:51 = s1.
13:30:51 = s2.
13:30:54
13:30:54
13:31:26
13:31:26
13:31:27
13:31:27

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:20:20 = Process Attach

1:20:20 = end process attach
1:20:20 = ***** NULL == SampleProvider *****
1:20:20 = ##### Begin waiting Mutex to release process #####
1:20:20 = hWnd = 0x000b00f2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

1:20:20 =
x=0, y=0,
1:20:20 =
x=0, y=0,
1:21:16 =
1:21:16 =

hWnd = 0x003b04ec; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x0042070a; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:21:16 = * NULL == SampleProvider *

1:21:16 = end close Process
1:21:16 = ##### Get event and release process end #####
1:21:16 = hWnd = 0x000b00cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:21:16 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:21:16 = hWnd = 0x00570060; ClassName:
x=0, y=0, width=0, height=0
1:21:16 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
7:29:28 = Process Attach
7:29:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:29:28 = * NULL == SampleProvider *

7:29:28 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:29:28 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:29:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:29:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:29:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:29:32 = s1.
7:29:32 = s2.
7:29:32
7:29:32
7:30:25
7:30:25
7:30:26
7:30:26

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:34:21 = Process Attach

16:34:21 = end process attach
16:34:21 = ***** NULL == SampleProvider *****
16:34:21 = ##### Begin waiting Mutex to release process #####
16:34:21 = hWnd = 0x000503fc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

16:34:21 = hWnd = 0x0002043a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:34:21 = hWnd = 0x0002041c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:34:21 = hWnd = 0x00030400; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:34:45 = Process Attach
16:34:45 = ## ERR ## Setevent
16:34:45 = ***** NULL == SampleProvider *****
16:34:45 = begin close Process
16:34:45 = end close Process
16:34:45 = ##### Get event and release process end #####
16:34:45 = hWnd = 0x0002011a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:34:45 = hWnd = 0x00020116; ClassName:
dow.
x=0, y=0, width=1, height=1
16:34:45 = hWnd = 0x0005010c; ClassName:
x=0, y=0, width=0, height=0
16:34:45 = hWnd = 0x00020118; ClassName:
x=0, y=0, width=0, height=0
22:12:38 = Process Attach
22:12:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:12:38 = * NULL == SampleProvider *

22:12:38 = ##### Begin waiting Mutex to release process #####
22:12:38 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:12:39 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:12:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:12:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:12:42 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:12:42 = s1.
22:12:42 = s2.
22:12:46
22:12:46
22:13:23
22:13:23
22:13:24
22:13:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:59:30 = Process Attach

22:59:30 = end process attach
22:59:30 = ***** NULL == SampleProvider *****

22:59:30 = ##### Begin waiting Mutex to release process #####

22:59:30 = hWnd = 0x0005049c; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:59:30 = hWnd = 0x000304b0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:59:30 = hWnd = 0x00060498; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:59:59 = Process Attach
22:59:59 = ## ERR ## Setevent
22:59:59 = ##### Get event and release process #####
22:59:59 = begin close Process
22:59:59 = end close Process
22:59:59 = ##### Get event and release process end #####
22:59:59 = hWnd = 0x000200b6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
22:59:59 = hWnd = 0x00060050; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:59:59 = hWnd = 0x000200ba; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:25:57 = Process Attach
23:25:57 = end process attach
23:25:57 = ***** NULL == SampleProvider *****
23:25:57 = ##### Begin waiting Mutex to release process #####
23:25:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:25:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:25:57 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:25:57 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:25:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:25:59 = s1.
23:25:59 = s2.
23:26:1 = Start show animate
23:26:1 = Shell Excutute VerifyHost
23:26:33 = begin close Process
23:26:33 = Terminate Process
23:26:34 = end close Process
23:26:34 = DLL_PROCESS_DETACH
14:37:0 = Process Attach
14:37:0 = end process attach
14:37:0 = ***** NULL == SampleProvider *****

14:37:0 = ##### Begin waiting Mutex to release process #####

14:37:0 = hWnd = 0x002b0556; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
14:37:0 = hWnd = 0x05fa04ae; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:37:0 = hWnd = 0x00230696; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:37:38 = Process Attach
14:37:38 = ## ERR ## Setevent
14:37:38 = ***** NULL == SampleProvider *****
14:37:38 = begin close Process
14:37:38 = end close Process
14:37:38 = ##### Get event and release process end #####
14:37:38 = hWnd = 0x000b0098; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:37:38 = hWnd = 0x000300bc; ClassName:
dow.
x=0, y=0, width=1, height=1
14:37:38 = hWnd = 0x0006003e; ClassName:
x=0, y=0, width=0, height=0
14:37:38 = hWnd = 0x000200be; ClassName:
x=0, y=0, width=0, height=0
14:39:19 = Process Attach
14:39:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:39:19 = * NULL == SampleProvider *

14:39:19 = ##### Begin waiting Mutex to release process #####
14:39:19 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:39:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:39:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:39:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:39:22 = Need to re-create objects.
14:39:22 = s1.
14:39:22 = s2.
14:39:26 = Start show animate
14:39:26 = Shell Excutute VerifyHost
14:40:6 = begin close Process
14:40:6 = Terminate Process
14:40:7 = end close Process
14:40:7 = DLL_PROCESS_DETACH
23:27:2 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:27:2 = end process attach

23:27:2 = ***** NULL == SampleProvider *****
23:27:2 = ##### Begin waiting Mutex to release process #####
23:27:2 = hWnd = 0x001904f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:27:2 = hWnd = 0x199f063e; ClassName:
ow.
x=0, y=0, width=1, height=1
23:27:2 = hWnd = 0x00880510; ClassName:
x=0, y=0, width=0, height=0
23:27:2 = hWnd = 0x00280ce0; ClassName:
x=0, y=0, width=0, height=0
23:45:16 = Process Attach
23:45:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:45:16 = ##### Begin waiting Mutex to release process #####

23:45:16 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:45:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:45:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:45:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:45:44 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:45:44 = s1.
23:45:44 = s2.
23:46:15
23:46:15
23:46:52
23:46:52
23:46:53
23:46:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:47:36 = Process Attach

0:47:36 = end process attach
0:47:36 = ##### Begin waiting Mutex to release process #####
0:47:36 = hWnd = 0x00030482; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:47:36 = hWnd = 0x0008048a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:47:36 = hWnd = 0x00030492; ClassName:
x=0, y=0, width=0, height=0
0:47:36 = hWnd = 0x00050480; ClassName:
x=0, y=0, width=0, height=0
0:48:18 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:48:18 = ## ERR ## Setevent

0:48:18 = ***** NULL == SampleProvider *****
0:48:18 = begin close Process
0:48:18 = end close Process
0:48:18 = ##### Get event and release process end #####
0:48:18 = hWnd = 0x000200a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:48:18 = hWnd = 0x000a0066; ClassName:
ow.
x=0, y=0, width=1, height=1
0:48:18 = hWnd = 0x000300b6; ClassName:
x=0, y=0, width=0, height=0
0:48:18 = hWnd = 0x0002009a; ClassName:
x=0, y=0, width=0, height=0
8:38:7 = Process Attach
8:38:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:38:7 = * NULL == SampleProvider *

8:38:7 = ##### Begin waiting Mutex to release process #####
8:38:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:38:7 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:38:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:38:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:38:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:38:11 = s1.
8:38:11 = s2.
8:38:14
8:38:14
8:38:52
8:38:52
8:38:53
8:38:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:13:39 = Process Attach

13:13:39 = end process attach
13:13:39 = ***** NULL == SampleProvider *****
13:13:39 = hWnd = 0x000304ae; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:13:39 = ##### Begin waiting Mutex to release process #####
13:13:39 = hWnd = 0x000504b0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

13:13:39 = hWnd = 0x0002047a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
13:14:7 = Process Attach
13:14:7 = ## ERR ## Setevent
13:14:7 = ***** NULL == SampleProvider *****
13:14:7 = begin close Process
13:14:7 = end close Process
13:14:7 = ##### Get event and release process end #####
13:14:7 = hWnd = 0x000a00d8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:14:7 = hWnd = 0x000400ae; ClassName:
ow.
x=0, y=0, width=1, height=1
13:14:7 = hWnd = 0x00070064; ClassName:
x=0, y=0, width=0, height=0
13:14:7 = hWnd = 0x000200aa; ClassName:
x=0, y=0, width=0, height=0
13:36:53 = Process Attach
13:36:53 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:36:53 = * NULL == SampleProvider *

13:36:53 = ##### Begin waiting Mutex to release process #####
13:36:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:36:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:36:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:36:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:36:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:36:57 = s1.
13:36:57 = s2.
13:37:1 = Start show animate
13:37:1 = Shell Excutute VerifyHost
13:37:38 = begin close Process
13:37:38 = Terminate Process
13:37:39 = end close Process
13:37:39 = DLL_PROCESS_DETACH
15:18:17 = Process Attach
15:18:17 = end process attach
15:18:17 = ***** NULL == SampleProvider *****
15:18:17 = ##### Begin waiting Mutex to release process #####
15:18:17 = hWnd = 0x000602a8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

15:18:17 = hWnd = 0x000904f0; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:18:17 = hWnd = 0x000f0594; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:18:17 = hWnd = 0x0007055a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:18:26 = Process Attach
15:18:26 = ## ERR ## Setevent
15:18:26 = ##### Get event and release process #####
15:18:26 = begin close Process
15:18:26 = end close Process
15:18:26 = ##### Get event and release process end #####
15:18:26 = hWnd = 0x000f00c4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:18:26 = hWnd = 0x00050050; ClassName:
dow.
x=0, y=0, width=1, height=1
15:18:26 = hWnd = 0x0009004e; ClassName:
x=0, y=0, width=0, height=0
15:18:26 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
18:10:3 = Process Attach
18:10:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:10:3 = ##### Begin waiting Mutex to release process #####

18:10:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:10:3 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
18:10:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:10:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:10:10 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:10:10 = s1.
18:10:10 = s2.
18:10:11
18:10:11
18:10:44
18:10:44
18:10:45
18:10:45

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:47:51 = Process Attach

0:47:51 = end process attach
0:47:51 = ***** NULL == SampleProvider *****

0:47:51 = ##### Begin waiting Mutex to release process #####

0:47:51 =
ow.
x=0, y=0,
0:47:51 =
x=0, y=0,
0:47:51 =
x=0, y=0,
0:48:45 =
0:48:45 =

hWnd = 0x025a051e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x18be036e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x032f050e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:48:45 = * NULL == SampleProvider *

0:48:45 = begin close Process
0:48:45 = end close Process
0:48:45 = ##### Get event and release process end #####
0:48:45 = hWnd = 0x00760124; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:48:45 = hWnd = 0x00040050; ClassName:
ow.
x=0, y=0, width=1, height=1
0:48:45 = hWnd = 0x00440128; ClassName:
x=0, y=0, width=0, height=0
0:48:45 = hWnd = 0x000300ae; ClassName:
x=0, y=0, width=0, height=0
7:25:26 = Process Attach
7:25:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:25:26 = * NULL == SampleProvider *

7:25:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:25:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:25:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:25:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:25:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:25:30 = s1.
7:25:30 = s2.
7:25:34
7:25:34
7:26:11
7:26:11
7:26:12
7:26:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:35:24 = Process Attach

0:35:25 = end process attach
0:35:25 = ***** NULL == SampleProvider *****

0:35:25 = ##### Begin waiting Mutex to release process #####

0:35:27 = hWnd = 0x00080366; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:35:27 = hWnd = 0x00250472; ClassName:
ow.
x=0, y=0, width=1, height=1
0:35:27 = hWnd = 0x00260360; ClassName:
x=0, y=0, width=0, height=0
0:35:27 = hWnd = 0x001804b0; ClassName:
x=0, y=0, width=0, height=0
0:36:57 = Process Attach
0:36:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:36:57 = * NULL == SampleProvider *

0:36:57 = begin close Process
0:36:57 = end close Process
0:36:57 = ##### Get event and release process end #####
0:36:57 = hWnd = 0x000200b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:36:57 = hWnd = 0x002000b0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:36:57 = hWnd = 0x00d200c0; ClassName:
x=0, y=0, width=0, height=0
0:36:57 = hWnd = 0x000e0090; ClassName:
x=0, y=0, width=0, height=0
8:48:45 = Process Attach
8:48:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:48:45 = ##### Begin waiting Mutex to release process #####

8:48:45 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:48:45 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:48:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:48:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:48:50 = Need to re-create objects.
8:48:50 = s1.
8:48:50 = s2.
8:48:52
8:48:52
8:49:24
8:49:24
8:49:25
8:49:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:38:51 = Process Attach

9:38:51 = end process attach
9:38:51 = ***** NULL == SampleProvider *****
9:38:51 = ##### Begin waiting Mutex to release process #####
9:38:51 = hWnd = 0x0004019e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:38:51 = hWnd = 0x000404c4; ClassName:
ow.
x=0, y=0, width=1, height=1
9:38:51 = hWnd = 0x000504ce; ClassName:
x=0, y=0, width=0, height=0
9:38:51 = hWnd = 0x000304b4; ClassName:
x=0, y=0, width=0, height=0
9:41:39 = Process Attach
9:41:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:41:39 = * NULL == SampleProvider *

9:41:39 =
9:41:39 =
ow.
x=0, y=0,
9:41:39 =

begin close Process

hWnd = 0x000300a8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

9:41:39 =
x=0, y=0,
9:43:56 =
9:43:56 =

hWnd = 0x000200aa; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

width=1, height=1
##### Get event and release process end #####

9:43:56 = * NULL == SampleProvider *

9:43:56 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:43:58 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:43:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:43:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:43:59 = Need to re-create objects.
9:43:59 = s1.
9:43:59 = s2.
9:43:59
9:43:59
9:44:45
9:44:45
9:44:46
9:44:46

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:0:38 = Process Attach

1:0:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:0:38 = * NULL == SampleProvider *

1:0:38 = hWnd = 0x03d9177a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:0:38 = hWnd = 0x0081079a; ClassName:
w.
x=0, y=0, width=1, height=1
1:0:38 = hWnd = 0x0009047a; ClassName:
x=0, y=0, width=0, height=0
1:0:38 = hWnd = 0x03410ad4; ClassName:
x=0, y=0, width=0, height=0
1:1:38 = Process Attach
1:1:38 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:38 = * NULL == SampleProvider *

1:1:38 = begin close Process
1:1:38 = end close Process
1:1:38 = ##### Get event and release process end #####
1:1:38 = hWnd = 0x00af00f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:1:38 = hWnd = 0x000700b4; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:38 = hWnd = 0x008e00f8; ClassName:
x=0, y=0, width=0, height=0
1:1:38 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
7:19:55 = Process Attach
7:19:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:19:55 = * NULL == SampleProvider *

7:19:55 = ##### Begin waiting Mutex to release process #####
7:19:55 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:19:55 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:19:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:19:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:20:0 = Need to re-create objects.
7:20:0 = s1.
7:20:0 = s2.
7:20:1 = Start show animate
7:20:1 = Shell Excutute VerifyHost
7:20:33 = begin close Process
7:20:33 = Terminate Process
7:20:34 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:20:34 = DLL_PROCESS_DETACH
23:13:2 = Process Attach
23:13:2 = end process attach
23:13:2 = ***** NULL == SampleProvider *****
23:13:2 = ##### Begin waiting Mutex to release process #####
23:13:2 = hWnd = 0x0004038e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:13:2 = hWnd = 0x000803be; ClassName:
ow.
x=0, y=0, width=1, height=1
23:13:2 = hWnd = 0x000d0392; ClassName:
x=0, y=0, width=0, height=0
23:13:2 = hWnd = 0x00040398; ClassName:
x=0, y=0, width=0, height=0
23:13:46 = Process Attach
23:13:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:13:46 = * NULL == SampleProvider *

23:13:46 = begin close Process
23:13:46 = end close Process
23:13:46 = ##### Get event and release process end #####
23:13:46 = hWnd = 0x000800aa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:13:46 = hWnd = 0x0093011e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:13:46 = hWnd = 0x00330134; ClassName:
x=0, y=0, width=0, height=0
23:13:46 = hWnd = 0x00810028; ClassName:
x=0, y=0, width=0, height=0
7:56:10 = Process Attach
7:56:10 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:56:10 = * NULL == SampleProvider *

7:56:10 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:56:11 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:56:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:56:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:56:14 = Need to re-create objects.
7:56:15 = s1.
7:56:15 = s2.
7:56:18 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:56:18
7:56:56
7:56:56
7:56:57
7:56:57

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:54:11 = Process Attach

9:54:11 = end process attach
9:54:11 = ***** NULL == SampleProvider *****
9:54:11 = ##### Begin waiting Mutex to release process #####
9:54:11 =
ow.
x=0, y=0,
9:54:11 =
x=0, y=0,
9:54:11 =
x=0, y=0,
9:54:31 =
9:54:31 =

hWnd = 0x001b0526; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00050572; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0004057e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

9:54:31 = * NULL == SampleProvider *

9:54:31 = begin close Process
9:54:31 = end close Process
9:54:31 = ##### Get event and release process end #####
9:54:31 = hWnd = 0x0005002e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:54:31 = hWnd = 0x0003009c; ClassName:
ow.
x=0, y=0, width=1, height=1
9:54:31 = hWnd = 0x000300d8; ClassName:
x=0, y=0, width=0, height=0
9:54:31 = hWnd = 0x000300b4; ClassName:
x=0, y=0, width=0, height=0
14:54:56 = Process Attach
14:54:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:54:56 = ##### Begin waiting Mutex to release process #####

14:54:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:54:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:54:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:54:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:54:56 = Need to re-create objects.
14:54:56 = s1.
14:54:56 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:54:57
14:54:57
14:55:23
14:55:23
14:55:24
14:55:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:27:47 = Process Attach

0:27:47 = end process attach
0:27:47 = ***** NULL == SampleProvider *****
0:27:47 = ##### Begin waiting Mutex to release process #####
0:27:47 =
ow.
x=0, y=0,
0:27:47 =
x=0, y=0,
0:27:47 =
x=0, y=0,
0:28:26 =
0:28:26 =

hWnd = 0x29c20740; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x3323055e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x04c00712; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:28:26 = * NULL == SampleProvider *

0:28:26 = begin close Process
0:28:26 = end close Process
0:28:26 = ##### Get event and release process end #####
0:28:26 = hWnd = 0x002900ca; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:28:26 = hWnd = 0x000200aa; ClassName:
ow.
x=0, y=0, width=1, height=1
0:28:26 = hWnd = 0x001f0042; ClassName:
x=0, y=0, width=0, height=0
0:28:26 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
8:40:57 = Process Attach
8:40:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:40:57 = * NULL == SampleProvider *

8:40:57 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:40:58 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:40:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:40:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:41:1 = Need to re-create objects.
8:41:1 = s1.
8:41:1 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:41:5 = Start show animate

8:41:5 = Shell Excutute VerifyHost
8:41:42 = begin close Process
8:41:42 = Terminate Process
8:41:43 = end close Process
8:41:43 = DLL_PROCESS_DETACH
0:55:59 = Process Attach
0:55:59 = end process attach
0:55:59 = ***** NULL == SampleProvider *****
0:55:59 = ##### Begin waiting Mutex to release process #####
0:55:59 = hWnd = 0x00a90792; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:55:59 = hWnd = 0x0dec06c0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:55:59 = hWnd = 0x083404ce; ClassName:
x=0, y=0, width=0, height=0
0:55:59 = hWnd = 0x00640712; ClassName:
x=0, y=0, width=0, height=0
0:57:36 = Process Attach
0:57:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:57:36 = * NULL == SampleProvider *

0:57:36 = begin close Process
0:57:36 = end close Process
0:57:36 = ##### Get event and release process end #####
0:57:36 = hWnd = 0x000500d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:57:36 = hWnd = 0x0005009a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:36 = hWnd = 0x0017002c; ClassName:
x=0, y=0, width=0, height=0
0:57:36 = hWnd = 0x000300b8; ClassName:
x=0, y=0, width=0, height=0
7:18:12 = Process Attach
7:18:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:18:12 = * NULL == SampleProvider *

7:18:12 = ##### Begin waiting Mutex to release process #####
7:18:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:18:12 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:18:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:18:13 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

7:18:18 = Need to re-create objects.
7:18:18 = s1.
7:18:18 = s2.
7:18:22
7:18:22
7:19:15
7:19:15
7:19:16
7:19:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:49:57 = Process Attach

9:49:57 = end process attach
9:49:57 = ***** NULL == SampleProvider *****
9:49:57 = ##### Begin waiting Mutex to release process #####
9:49:57 = hWnd = 0x000d03e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:49:57 = hWnd = 0x000806f4; ClassName:
ow.
x=0, y=0, width=1, height=1
9:49:57 = hWnd = 0x00030426; ClassName:
x=0, y=0, width=0, height=0
9:49:57 = hWnd = 0x000505ee; ClassName:
x=0, y=0, width=0, height=0
9:50:26 = Process Attach
9:50:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:50:26 = * NULL == SampleProvider *

9:50:26 = begin close Process
9:50:26 = end close Process
9:50:26 = ##### Get event and release process end #####
9:50:26 = hWnd = 0x0004006a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:50:26 = hWnd = 0x0004008c; ClassName:
ow.
x=0, y=0, width=1, height=1
9:50:26 = hWnd = 0x000400f6; ClassName:
x=0, y=0, width=0, height=0
9:50:26 = hWnd = 0x00050062; ClassName:
x=0, y=0, width=0, height=0
9:52:2 = Process Attach
9:52:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:52:2 = * NULL == SampleProvider *

9:52:2 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:52:3 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.

x=0, y=0, width=1, height=1

9:52:4 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:52:4 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:52:6 = Need to re-create objects.
9:52:6 = s1.
9:52:6 = s2.
9:52:9 = Start show animate
9:52:9 = Shell Excutute VerifyHost
9:52:46 = begin close Process
9:52:46 = Terminate Process
9:52:47 = end close Process
9:52:47 = DLL_PROCESS_DETACH
23:28:21 = Process Attach
23:28:21 = end process attach
23:28:21 = ***** NULL == SampleProvider *****
23:28:21 = ##### Begin waiting Mutex to release process #####
23:28:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:28:22 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:28:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:28:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:28:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:28:25 = s1.
23:28:25 = s2.
23:28:30 = Start show animate
23:28:30 = Shell Excutute VerifyHost
23:29:8 = begin close Process
23:29:8 = Terminate Process
23:29:9 = end close Process
23:29:9 = DLL_PROCESS_DETACH
23:50:34 = Process Attach
23:50:34 = end process attach
23:50:34 = ***** NULL == SampleProvider *****
23:50:34 = hWnd = 0x000904d8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:50:34 = hWnd = 0x00030524; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
23:50:34 = hWnd = 0x000404da; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

23:50:34 = hWnd = 0x00030520; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:50:39 = Process Attach
23:50:39 = ## ERR ## Setevent
23:50:39 = ##### Get event and release process #####
23:50:39 = begin close Process
23:50:39 = end close Process
23:50:39 = ##### Get event and release process end #####
23:50:39 = ***** NULL == SampleProvider *****
23:50:39 = hWnd = 0x0004003a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:50:39 = hWnd = 0x0005005a; ClassName:
dow.
x=0, y=0, width=1, height=1
23:50:39 = hWnd = 0x00040064; ClassName:
x=0, y=0, width=0, height=0
23:50:39 = hWnd = 0x00020038; ClassName:
x=0, y=0, width=0, height=0
7:28:59 = Process Attach
7:28:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:28:59 = * NULL == SampleProvider *

7:28:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:29:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
7:29:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
7:29:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
7:29:2 = Need to re-create objects.
7:29:2 = s1.
7:29:2 = s2.
7:29:4 = Start show animate
7:29:4 = Shell Excutute VerifyHost
7:29:43 = begin close Process
7:29:43 = Terminate Process
7:29:45 = end close Process
7:29:45 = DLL_PROCESS_DETACH
1:2:33 = Process Attach
1:2:33 = end process attach
1:2:33 = ***** NULL == SampleProvider *****
1:2:33 = hWnd = 0x00790492; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

1:2:33 = hWnd = 0x064604b2; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:2:33 = hWnd = 0x001104e6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:2:33 = hWnd = 0x154c05d0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:3:43 = Process Attach
1:3:43 = ## ERR ## Setevent
1:3:43 = ***** NULL == SampleProvider *****
1:3:43 = begin close Process
1:3:43 = end close Process
1:3:43 = ##### Get event and release process end #####
1:3:43 = hWnd = 0x0005009a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:3:43 = hWnd = 0x00030038; ClassName:
w.
x=0, y=0, width=1, height=1
1:3:43 = hWnd = 0x01d200fc; ClassName:
x=0, y=0, width=0, height=0
1:3:43 = hWnd = 0x0003003c; ClassName:
x=0, y=0, width=0, height=0
7:45:41 = Process Attach
7:45:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:45:41 = * NULL == SampleProvider *

7:45:41 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:45:41 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:45:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:45:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:45:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:45:41 = s1.
7:45:41 = s2.
7:45:41
7:45:41
7:46:15
7:46:15
7:46:16
7:46:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:8:46 = Process Attach

0:8:46 = end process attach
0:8:46 = ##### Begin waiting Mutex to release process #####
0:8:46 = hWnd = 0x000c045a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
0:8:46 = hWnd = 0x01f50578; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
0:8:46 = hWnd = 0x000e049a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:8:46 = hWnd = 0x06ca054e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:9:21 = Process Attach
0:9:21 = ## ERR ## Setevent
0:9:21 = ***** NULL == SampleProvider *****
0:9:21 = begin close Process
0:9:21 = end close Process
0:9:21 = ##### Get event and release process end #####
0:9:21 = hWnd = 0x01780048; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:9:21 = hWnd = 0x00030098; ClassName:
w.
x=0, y=0, width=1, height=1
0:9:21 = hWnd = 0x004100e4; ClassName:
x=0, y=0, width=0, height=0
0:9:21 = hWnd = 0x00060084; ClassName:
x=0, y=0, width=0, height=0
8:8:45 = Process Attach
8:8:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:8:45 = * NULL == SampleProvider *

8:8:45 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:8:46 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:8:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:8:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:8:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:8:51 = s1.
8:8:51 = s2.
8:8:57
8:8:57
8:9:33
8:9:33
8:9:34
8:9:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:28:6 = Process Attach

12:28:6 = end process attach
12:28:6 = ***** NULL == SampleProvider *****

12:28:6 = ##### Begin waiting Mutex to release process #####

12:28:6 = hWnd = 0x000304c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:28:6 = hWnd = 0x00080494; ClassName:
ow.
x=0, y=0, width=1, height=1
12:28:6 = hWnd = 0x000304de; ClassName:
x=0, y=0, width=0, height=0
12:28:6 = hWnd = 0x000504c8; ClassName:
x=0, y=0, width=0, height=0
12:28:13 = Process Attach
12:28:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:28:13 = * NULL == SampleProvider *

12:28:13 = begin close Process
12:28:13 = end close Process
12:28:13 = ##### Get event and release process end #####
12:28:13 = hWnd = 0x000a008e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:28:13 = hWnd = 0x000d0098; ClassName:
dow.
x=0, y=0, width=1, height=1
12:28:13 = hWnd = 0x000800c2; ClassName:
x=0, y=0, width=0, height=0
12:28:13 = hWnd = 0x0011004e; ClassName:
x=0, y=0, width=0, height=0
13:2:11 = Process Attach
13:2:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:2:11 = * NULL == SampleProvider *

13:2:11 = ##### Begin waiting Mutex to release process #####
13:2:11 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:2:11 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
13:2:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:2:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:2:18 = Need to re-create objects.
13:2:18 = s1.
13:2:18 = s2.
13:2:18
13:2:18
13:2:34
13:2:34
13:2:35

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:2:35 = DLL_PROCESS_DETACH
13:13:5 = Process Attach
13:13:5 = end process attach
13:13:5 = ***** NULL == SampleProvider *****
13:13:5 = ##### Begin waiting Mutex to release process #####
13:13:5 = hWnd = 0x000804b2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:13:5 = hWnd = 0x0003052e; ClassName:
ow.
x=0, y=0, width=1, height=1
13:13:5 = hWnd = 0x000404fc; ClassName:
x=0, y=0, width=0, height=0
13:13:5 = hWnd = 0x00030518; ClassName:
x=0, y=0, width=0, height=0
13:13:9 = Process Attach
13:13:9 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:13:9 = ##### Get event and release process #####

13:13:9 = begin close Process
13:13:9 = end close Process
13:13:9 = ##### Get event and release process end #####
13:13:9 = hWnd = 0x000200e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:13:9 = hWnd = 0x000300d6; ClassName:
ow.
x=0, y=0, width=1, height=1
13:13:9 = hWnd = 0x00040034; ClassName:
x=0, y=0, width=0, height=0
13:13:9 = hWnd = 0x000300e0; ClassName:
x=0, y=0, width=0, height=0
15:51:34 = Process Attach
15:51:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:51:34 = * NULL == SampleProvider *

15:51:34 = ##### Begin waiting Mutex to release process #####
15:51:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:51:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:51:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:51:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:51:34 = Need to re-create objects.
15:51:34 = s1.
15:51:34 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:51:34 = Start show animate

15:51:34 = Shell Excutute VerifyHost
15:52:1 = begin close Process
15:52:1 = Terminate Process
15:52:2 = end close Process
15:52:2 = DLL_PROCESS_DETACH
17:6:38 = Process Attach
17:6:38 = end process attach
17:6:38 = ***** NULL == SampleProvider *****
17:6:38 = ##### Begin waiting Mutex to release process #####
17:6:38 = hWnd = 0x000405d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:6:38 = hWnd = 0x00190586; ClassName:
ow.
x=0, y=0, width=1, height=1
17:6:38 = hWnd = 0x000405ee; ClassName:
x=0, y=0, width=0, height=0
17:6:38 = hWnd = 0x003004cc; ClassName:
x=0, y=0, width=0, height=0
17:6:44 = Process Attach
17:6:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:6:44 = ##### Get event and release process #####

17:6:44 = begin close Process
17:6:44 = end close Process
17:6:44 = ##### Get event and release process end #####
17:6:44 = hWnd = 0x00040064; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:6:44 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
17:6:44 = hWnd = 0x00760054; ClassName:
x=0, y=0, width=0, height=0
17:6:44 = hWnd = 0x001000d6; ClassName:
x=0, y=0, width=0, height=0
9:7:16 = Process Attach
9:7:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:7:16 = * NULL == SampleProvider *

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

9:7:17 = Need to re-create objects.
9:7:17 = s1.
9:7:17 = s2.
9:7:17
9:7:17
9:7:50
9:7:50
9:7:51
9:7:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:18:19 = Process Attach

9:18:19 = end process attach
9:18:19 = ***** NULL == SampleProvider *****
9:18:19 = ##### Begin waiting Mutex to release process #####
9:18:19 = hWnd = 0x00060468; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:18:19 = hWnd = 0x00040018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:18:19 = hWnd = 0x00060466; ClassName:
x=0, y=0, width=0, height=0
9:18:19 = hWnd = 0x00060328; ClassName:
x=0, y=0, width=0, height=0
9:18:19 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:18:19 = s1.
9:18:19 = s2.
9:18:19 = Start show animate
9:18:19 = Shell Excutute VerifyHost
10:44:53 = begin close Process
10:44:53 = Terminate Process
10:44:54 = end close Process
10:44:54 = DLL_PROCESS_DETACH
12:52:24 = Process Attach
12:52:24 = end process attach
12:52:24 = ***** NULL == SampleProvider *****
12:52:24 = ##### Begin waiting Mutex to release process #####
12:52:24 = hWnd = 0x002a05ac; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:52:24 = hWnd = 0x00190034; ClassName:
dow.
x=0, y=0, width=1, height=1
12:52:24 = hWnd = 0x001305d2; ClassName:
x=0, y=0, width=0, height=0
12:52:24 = hWnd = 0x0024061e; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

12:52:28 = Process Attach
12:52:28 = ## ERR ## Setevent
12:52:28 = ***** NULL == SampleProvider *****
12:52:28 = ##### Get event and release process #####
12:52:28 = hWnd = 0x000200d0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:52:28 = end close Process
12:52:28 = ##### Get event and release process end #####
12:52:28 = hWnd = 0x00040048; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:52:28 = hWnd = 0x000200d2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:53:18 = Process Attach
12:53:18 = end process attach
12:53:18 = ***** NULL == SampleProvider *****
12:53:18 = ##### Begin waiting Mutex to release process #####
12:53:18 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:53:20 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:53:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:53:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:53:23 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:53:23 = s1.
12:53:23 = s2.
12:53:23 = Start show animate
12:53:23 = Shell Excutute VerifyHost
12:54:5 = begin close Process
12:54:5 = Terminate Process
12:54:6 = end close Process
12:54:6 = DLL_PROCESS_DETACH
14:12:0 = Process Attach
14:12:0 = end process attach
14:12:0 = ***** NULL == SampleProvider *****
14:12:0 = ##### Begin waiting Mutex to release process #####
14:12:0 = hWnd = 0x00170564; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:12:0 = hWnd = 0x00120516; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
14:12:0 =
x=0, y=0,
14:12:0 =
x=0, y=0,
14:12:6 =
14:12:6 =

width=1, height=1
hWnd = 0x00100572; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00110518; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

14:12:6 = * NULL == SampleProvider *

14:12:6 = begin close Process
14:12:6 = end close Process
14:12:6 = ##### Get event and release process end #####
14:12:6 = hWnd = 0x00040084; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:12:6 = hWnd = 0x0016005a; ClassName:
ow.
x=0, y=0, width=1, height=1
14:12:6 = hWnd = 0x000a00c0; ClassName:
x=0, y=0, width=0, height=0
14:12:6 = hWnd = 0x000b00cc; ClassName:
x=0, y=0, width=0, height=0
14:18:33 = Process Attach
14:18:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:18:33 = * NULL == SampleProvider *

14:18:33 = ##### Begin waiting Mutex to release process #####
14:18:33 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:18:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:18:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:18:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:18:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:18:36 = s1.
14:18:36 = s2.
14:18:36 = Start show animate
14:18:36 = Shell Excutute VerifyHost
14:19:2 = begin close Process
14:19:2 = Terminate Process
14:19:3 = end close Process
14:19:3 = DLL_PROCESS_DETACH
15:2:34 = Process Attach
15:2:34 = end process attach
15:2:34 = ##### Begin waiting Mutex to release process #####
15:2:34 = hWnd = 0x00080662; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
15:2:34 = hWnd = 0x00050528; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
15:2:34 = hWnd = 0x0005052c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:2:34 = hWnd = 0x000604c4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:2:39 = Process Attach
15:2:39 = ## ERR ## Setevent
15:2:39 = ##### Get event and release process #####
15:2:39 = begin close Process
15:2:39 = end close Process
15:2:39 = ##### Get event and release process end #####
15:2:39 = hWnd = 0x0002004e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:2:39 = hWnd = 0x001c008a; ClassName:
ow.
x=0, y=0, width=1, height=1
15:2:39 = hWnd = 0x000200bc; ClassName:
x=0, y=0, width=0, height=0
15:2:39 = hWnd = 0x0004007e; ClassName:
x=0, y=0, width=0, height=0
10:17:34 = Process Attach
10:17:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:17:34 = * NULL == SampleProvider *

10:17:34 = ##### Begin waiting Mutex to release process #####
10:17:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:17:35 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:17:35 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:17:35 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:17:38 = Need to re-create objects.
10:17:38 = s1.
10:17:38 = s2.
10:17:38
10:17:38
10:18:33
10:18:33
10:18:34
10:18:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:52:32 = Process Attach

16:52:32 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:52:32 = * NULL == SampleProvider *

16:52:32 = ##### Begin waiting Mutex to release process #####
16:52:32 = hWnd = 0x000e0486; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:52:32 = hWnd = 0x000d04a8; ClassName:
dow.
x=0, y=0, width=1, height=1
16:52:32 = hWnd = 0x001e00a4; ClassName:
x=0, y=0, width=0, height=0
16:52:32 = hWnd = 0x000c04d6; ClassName:
x=0, y=0, width=0, height=0
16:52:37 = Process Attach
16:52:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:52:37 = * NULL == SampleProvider *

16:52:37 = begin close Process
16:52:37 = end close Process
16:52:37 = ##### Get event and release process end #####
16:52:37 = hWnd = 0x002300c6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:52:37 = hWnd = 0x001100de; ClassName:
dow.
x=0, y=0, width=1, height=1
16:52:37 = hWnd = 0x002800da; ClassName:
x=0, y=0, width=0, height=0
16:52:37 = hWnd = 0x0036005c; ClassName:
x=0, y=0, width=0, height=0
21:26:30 = Process Attach
21:26:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:26:30 = * NULL == SampleProvider *

21:26:30 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:26:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:26:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:26:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:26:34 = Need to re-create objects.
21:26:34 = s1.
21:26:34 = s2.
21:26:38
21:26:38
21:27:15
21:27:15
21:27:16

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:27:16 = DLL_PROCESS_DETACH
22:49:36 = Process Attach
22:49:36 = end process attach
22:49:36 = ***** NULL == SampleProvider *****
22:49:36 = ##### Begin waiting Mutex to release process #####
22:49:36 = hWnd = 0x000d050e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:49:36 = hWnd = 0x00070532; ClassName:
dow.
x=0, y=0, width=1, height=1
22:49:36 = hWnd = 0x000804ec; ClassName:
x=0, y=0, width=0, height=0
22:49:36 = hWnd = 0x000a049c; ClassName:
x=0, y=0, width=0, height=0
22:49:41 = Process Attach
22:49:41 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:49:41 = * NULL == SampleProvider *

22:49:41 = begin close Process
22:49:41 = end close Process
22:49:41 = ##### Get event and release process end #####
22:49:41 = hWnd = 0x0008002c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:49:41 = hWnd = 0x0004003c; ClassName:
dow.
x=0, y=0, width=1, height=1
22:49:41 = hWnd = 0x002900c4; ClassName:
x=0, y=0, width=0, height=0
22:49:41 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
9:37:25 = Process Attach
9:37:25 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:37:25 = * NULL == SampleProvider *

9:37:25 = ##### Begin waiting Mutex to release process #####
9:37:25 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:37:25 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:37:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:37:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:37:28 = Need to re-create objects.
9:37:29 = s1.
9:37:29 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:37:33
9:37:33
9:38:10
9:38:10
9:38:11
9:38:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:0:11 = Process Attach

12:0:11 = end process attach
12:0:11 = ***** NULL == SampleProvider *****
12:0:11 = ##### Begin waiting Mutex to release process #####
12:0:11 = hWnd = 0x0006055a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:0:11 = hWnd = 0x003c0524; ClassName:
ow.
x=0, y=0, width=1, height=1
12:0:11 = hWnd = 0x000905a8; ClassName:
x=0, y=0, width=0, height=0
12:0:11 = hWnd = 0x000c0554; ClassName:
x=0, y=0, width=0, height=0
12:0:21 = Process Attach
12:0:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:0:21 = * NULL == SampleProvider *

12:0:21 = end close Process
12:0:21 = ##### Get event and release process end #####
12:0:21 =
x=0, y=0,
12:0:21 =
x=0, y=0,
14:28:9 =
14:28:9 =

hWnd = 0x0029004e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00050098; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

14:28:10 = * NULL == SampleProvider *

14:28:10 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:28:10 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:28:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:28:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:28:14 = Need to re-create objects.
14:28:14 = s1.
14:28:14 = s2.
14:28:18 = Start show animate
14:28:18 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:28:55
14:28:55
14:28:56
14:28:56

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

15:52:28 = Process Attach

15:52:28 = end process attach
15:52:28 = ***** NULL == SampleProvider *****
15:52:28 = ##### Begin waiting Mutex to release process #####
15:52:28 = hWnd = 0x000904f0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:52:28 = hWnd = 0x0008004c; ClassName:
dow.
x=0, y=0, width=1, height=1
15:52:28 = hWnd = 0x000404e8; ClassName:
x=0, y=0, width=0, height=0
15:52:28 = hWnd = 0x000c027c; ClassName:
x=0, y=0, width=0, height=0
15:52:33 = Process Attach
15:52:33 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:52:33 = ##### Get event and release process #####

15:52:33 = begin close Process
15:52:33 = end close Process
15:52:33 = ##### Get event and release process end #####
15:52:33 = hWnd = 0x00040050; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:52:33 = hWnd = 0x0004004c; ClassName:
dow.
x=0, y=0, width=1, height=1
15:52:33 = hWnd = 0x00030038; ClassName:
x=0, y=0, width=0, height=0
15:52:33 = hWnd = 0x000300cc; ClassName:
x=0, y=0, width=0, height=0
9:50:4 = Process Attach
9:50:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:50:5 = * NULL == SampleProvider *

9:50:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:50:5 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:50:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:50:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:50:8 = Need to re-create objects.
9:50:8 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:50:8 = s2.
9:50:13
9:50:13
9:50:49
9:50:49
9:50:50
9:50:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:22:25 = Process Attach

10:22:25 = end process attach
10:22:25 = ***** NULL == SampleProvider *****
10:22:25 = ##### Begin waiting Mutex to release process #####
10:22:25 = hWnd = 0x0003060e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:22:25 = hWnd = 0x0002061c; ClassName:
dow.
x=0, y=0, width=1, height=1
10:22:25 = hWnd = 0x0002067c; ClassName:
x=0, y=0, width=0, height=0
10:22:25 = hWnd = 0x000405e6; ClassName:
x=0, y=0, width=0, height=0
10:22:30 = Process Attach
10:22:30 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:22:30 = ##### Get event and release process #####

10:22:30 = begin close Process
10:22:30 = end close Process
10:22:30 = ##### Get event and release process end #####
10:22:30 = ***** NULL == SampleProvider *****
10:22:30 = hWnd = 0x00030074; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:22:30 = hWnd = 0x000b004a; ClassName:
dow.
x=0, y=0, width=1, height=1
10:22:30 = hWnd = 0x001000cc; ClassName:
x=0, y=0, width=0, height=0
10:22:30 = hWnd = 0x0002005a; ClassName:
x=0, y=0, width=0, height=0
10:24:35 = Process Attach
10:24:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:24:35 = * NULL == SampleProvider *

10:24:35 = ##### Begin waiting Mutex to release process #####
10:24:35 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:24:35 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

10:24:35 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
10:24:35 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:24:35 = Need to re-create objects.
10:24:35 = s1.
10:24:35 = s2.
10:24:37
10:24:37
10:24:57
10:24:57
10:24:58
10:24:58

=
=
=
=
=
=

23:5:37 = Process Attach

23:5:37 = end process attach
23:5:37 = ***** NULL == SampleProvider *****
23:5:37 = hWnd = 0x002b0abe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:5:37 = hWnd = 0x00220618; ClassName:
ow.
x=0, y=0, width=1, height=1
23:5:37 = hWnd = 0x00490964; ClassName:
x=0, y=0, width=0, height=0
23:5:37 = hWnd = 0x002905c4; ClassName:
x=0, y=0, width=0, height=0
23:5:47 = Process Attach
23:5:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:5:47 = ##### Get event and release process #####

23:5:47 = ***** NULL == SampleProvider *****
23:5:47 = end close Process
23:5:47 = ##### Get event and release process end #####
23:5:47 = hWnd = 0x000500f2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:5:47 = hWnd = 0x067000e8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
23:5:47 = hWnd = 0x0cb900ee; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

23:5:47 =
x=0, y=0,
11:9:21 =
11:9:21 =

hWnd = 0x000200b8; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

11:9:21 = * NULL == SampleProvider *

11:9:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:9:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:9:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:9:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:9:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:9:25 = s1.
11:9:25 = s2.
11:9:28
11:9:28
11:10:6
11:10:6
11:10:7
11:10:7

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

14:48:17 = Process Attach

14:48:17 = end process attach
14:48:17 = ***** NULL == SampleProvider *****
14:48:17 = ##### Begin waiting Mutex to release process #####
14:48:17 = hWnd = 0x00100522; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:48:17 = hWnd = 0x0014053e; ClassName:
dow.
x=0, y=0, width=1, height=1
14:48:17 = hWnd = 0x00100538; ClassName:
x=0, y=0, width=0, height=0
14:48:17 = hWnd = 0x00160536; ClassName:
x=0, y=0, width=0, height=0
14:48:24 = Process Attach
14:48:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:48:24 = ##### Get event and release process #####

14:48:24 = ***** NULL == SampleProvider *****
14:48:24 = end close Process
14:48:24 = ##### Get event and release process end #####
14:48:24 = hWnd = 0x00080082; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
14:48:24 = hWnd = 0x0048004c; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0

15:32:3 = Process Attach
15:32:3 = end process attach
15:32:3 = ***** NULL == SampleProvider *****
15:32:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:32:3 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
15:32:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:32:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:32:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:32:3 = s1.
15:32:3 = s2.
15:32:3 = Start show animate
15:32:3 = Shell Excutute VerifyHost
15:32:34 = begin close Process
15:32:34 = Terminate Process
15:32:35 = end close Process
15:32:35 = DLL_PROCESS_DETACH
15:54:15 = Process Attach
15:54:15 = end process attach
15:54:15 = ***** NULL == SampleProvider *****
15:54:15 = ##### Begin waiting Mutex to release process #####
15:54:15 = hWnd = 0x00050816; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:54:15 = hWnd = 0x00030382; ClassName:
dow.
x=0, y=0, width=1, height=1
15:54:15 = hWnd = 0x00050732; ClassName:
x=0, y=0, width=0, height=0
15:54:15 = hWnd = 0x000906bc; ClassName:
x=0, y=0, width=0, height=0
15:54:21 = Process Attach
15:54:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:54:21 = ##### Get event and release process #####

15:54:21 = begin close Process
15:54:21 = end close Process
15:54:21 = ##### Get event and release process end #####
15:54:21 = ***** NULL == SampleProvider *****
15:54:21 = hWnd = 0x00150046; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

15:54:21 = hWnd = 0x00040034; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:54:21 = hWnd = 0x00210062; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:54:21 = hWnd = 0x000500f0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:8:21 = Process Attach
18:8:21 = end process attach
18:8:21 = ***** NULL == SampleProvider *****
18:8:21 = ##### Begin waiting Mutex to release process #####
18:8:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:8:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
18:8:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:8:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:8:25 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:8:26 = s1.
18:8:26 = s2.
18:8:29 = Start show animate
18:8:29 = Shell Excutute VerifyHost
18:9:7 = begin close Process
18:9:7 = Terminate Process
18:9:8 = end close Process
18:9:8 = DLL_PROCESS_DETACH
19:32:31 = Process Attach
19:32:31 = end process attach
19:32:31 = ***** NULL == SampleProvider *****
19:32:31 = hWnd = 0x089a05b4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:32:31 = hWnd = 0x01aa04fa; ClassName:
dow.
x=0, y=0, width=1, height=1
19:32:31 = hWnd = 0x007c0366; ClassName:
x=0, y=0, width=0, height=0
19:32:31 = hWnd = 0x09ca04e4; ClassName:
x=0, y=0, width=0, height=0
19:32:37 = Process Attach
19:32:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:32:37 = ##### Get event and release process #####

19:32:37 = begin close Process
19:32:37 = end close Process
19:32:37 = ##### Get event and release process end #####

19:32:37 = hWnd = 0x01130050; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:32:37 = hWnd = 0x02770052; ClassName:
dow.
x=0, y=0, width=1, height=1
19:32:37 = hWnd = 0x000500b2; ClassName:
x=0, y=0, width=0, height=0
19:32:37 = hWnd = 0x015300c8; ClassName:
x=0, y=0, width=0, height=0
12:25:33 = Process Attach
12:25:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:25:33 = * NULL == SampleProvider *

12:25:33 = ##### Begin waiting Mutex to release process #####
12:25:33 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:25:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:25:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:25:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:25:38 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:25:38 = s1.
12:25:38 = s2.
12:25:40
12:25:40
12:26:20
12:26:20
12:26:21
12:26:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

12:52:21 = Process Attach

12:52:21 = end process attach
12:52:21 = ***** NULL == SampleProvider *****
12:52:21 = ##### Begin waiting Mutex to release process #####
12:52:21 = hWnd = 0x000705d8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:52:21 = hWnd = 0x0006059a; ClassName:
dow.
x=0, y=0, width=1, height=1
12:52:21 = hWnd = 0x0005055c; ClassName:
x=0, y=0, width=0, height=0
12:52:21 = hWnd = 0x00070038; ClassName:
x=0, y=0, width=0, height=0
12:52:26 = Process Attach
12:52:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:52:26 = ##### Get event and release process #####

12:52:26 = begin close Process
12:52:26 = end close Process
12:52:26 = ##### Get event and release process end #####
12:52:26 = hWnd = 0x00030096; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:52:26 = hWnd = 0x00030038; ClassName:
dow.
x=0, y=0, width=1, height=1
12:52:26 = hWnd = 0x00060056; ClassName:
x=0, y=0, width=0, height=0
12:52:26 = hWnd = 0x000300d6; ClassName:
x=0, y=0, width=0, height=0
18:37:21 = Process Attach
18:37:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:37:21 = * NULL == SampleProvider *

18:37:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:37:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:37:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:37:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:37:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:37:24 = s1.
18:37:24 = s2.
18:37:28 = Start show animate
18:37:28 = Shell Excutute VerifyHost
18:38:6 = begin close Process
18:38:6 = Terminate Process
18:38:7 = end close Process
18:38:7 = DLL_PROCESS_DETACH
21:18:7 = Process Attach
21:18:7 = end process attach
21:18:7 = ***** NULL == SampleProvider *****
21:18:7 = ##### Begin waiting Mutex to release process #####
21:18:7 = hWnd = 0x35120384; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:18:7 = hWnd = 0x00210592; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
21:18:7 = hWnd = 0x000904f0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

21:18:7 = hWnd = 0x4f1504de; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
21:18:14 = Process Attach
21:18:14 = ## ERR ## Setevent
21:18:14 = ***** NULL == SampleProvider *****
21:18:14 = begin close Process
21:18:14 = end close Process
21:18:14 = ##### Get event and release process end #####
21:18:14 = hWnd = 0x000200b2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:18:14 = hWnd = 0x000200ae; ClassName:
dow.
x=0, y=0, width=1, height=1
21:18:14 = hWnd = 0x000c002a; ClassName:
x=0, y=0, width=0, height=0
21:18:14 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
15:15:23 = Process Attach
15:15:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:15:23 = * NULL == SampleProvider *

15:15:23 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:15:24 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:15:25 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:15:25 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:15:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:15:28 = s1.
15:15:28 = s2.
15:15:32
15:15:32
15:16:11
15:16:11
15:16:12
15:16:12

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:58:21 = ##### Get event and release process #####

16:58:21 = hWnd = 0x00070050; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:58:21 = end close Process
16:58:21 = hWnd = 0x0004006a; ClassName:
dow.
x=0, y=0, width=1, height=1
16:58:21 = hWnd = 0x000200bc; ClassName:
x=0, y=0, width=0, height=0
16:58:21 = hWnd = 0x00030080; ClassName:
x=0, y=0, width=0, height=0
18:54:40 = Process Attach
18:54:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win

MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:54:40 = * NULL == SampleProvider *

18:54:40 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:54:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:54:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:54:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:54:44 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:54:44 = s1.
18:54:44 = s2.
18:54:49
18:54:49
18:55:26
18:55:26
18:55:28
18:55:28

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:6:17 = Process Attach

0:6:17 = end process attach
0:6:17 = ***** NULL == SampleProvider *****

0:6:17 = hWnd = 0x000d02bc; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:6:17 = hWnd = 0x000504d8; ClassName:
w.
x=0, y=0, width=1, height=1
0:6:17 = hWnd = 0x000604be; ClassName:
x=0, y=0, width=0, height=0
0:6:17 = hWnd = 0x000704cc; ClassName:
x=0, y=0, width=0, height=0
0:6:55 = Process Attach
0:6:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:6:55 = * NULL == SampleProvider *

0:6:55 = begin close Process
0:6:55 = end close Process
0:6:55 = ##### Get event and release process end #####
0:6:55 = hWnd = 0x00030098; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:6:55 = hWnd = 0x000400ca; ClassName:
w.
x=0, y=0, width=1, height=1
0:6:55 = hWnd = 0x0023011c; ClassName:
x=0, y=0, width=0, height=0
0:6:55 = hWnd = 0x0004002a; ClassName:
x=0, y=0, width=0, height=0
10:6:16 = Process Attach
10:6:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:6:16 = * NULL == SampleProvider *

10:6:16 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:6:17 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
10:6:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:6:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:6:21 = Need to re-create objects.
10:6:21 = s1.
10:6:21 = s2.
10:6:25 = Start show animate
10:6:25 = Shell Excutute VerifyHost
10:7:2 = begin close Process
10:7:2 = Terminate Process
10:7:3 = end close Process
10:7:3 = DLL_PROCESS_DETACH
23:18:45 = Process Attach
23:18:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:18:45 = * NULL == SampleProvider *

23:18:45 = ##### Begin waiting Mutex to release process #####
23:18:45 = hWnd = 0x00100504; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:18:45 = hWnd = 0x001104b8; ClassName:
dow.
x=0, y=0, width=1, height=1
23:18:45 = hWnd = 0x000604d2; ClassName:
x=0, y=0, width=0, height=0
23:18:45 = hWnd = 0x000904da; ClassName:
x=0, y=0, width=0, height=0
23:20:20 = Process Attach
23:20:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:20:20 = * NULL == SampleProvider *

23:20:20 = hWnd = 0x000800be; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:20:20 = hWnd = 0x0003003c; ClassName:
dow.
x=0, y=0, width=1, height=1
23:20:20 = hWnd = 0x000e008c; ClassName:
x=0, y=0, width=0, height=0
23:20:20 = hWnd = 0x000300b2; ClassName:
x=0, y=0, width=0, height=0
23:22:33 = Process Attach
23:22:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:22:33 = * NULL == SampleProvider *

23:22:33 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:22:33 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:22:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:22:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:22:36 = Need to re-create objects.
23:22:36 = s1.
23:22:36 = s2.
23:22:39
23:22:39
23:23:23
23:23:23
23:23:25
23:23:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:48:28 = Process Attach

0:48:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:48:28 = * NULL == SampleProvider *

0:48:28 = ##### Begin waiting Mutex to release process #####
0:48:28 = hWnd = 0x000904a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:48:28 = hWnd = 0x0006035e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:48:28 = hWnd = 0x0005004a; ClassName:
x=0, y=0, width=0, height=0
0:48:28 = hWnd = 0x00290484; ClassName:
x=0, y=0, width=0, height=0
0:48:47 = Process Attach
0:48:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:48:47 = * NULL == SampleProvider *

0:48:47 = begin close Process
0:48:47 = end close Process
0:48:47 = ##### Get event and release process end #####
0:48:47 = hWnd = 0x000500ce; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:48:47 = hWnd = 0x000300a0; ClassName:
ow.
x=0, y=0, width=1, height=1
0:48:47 = hWnd = 0x0006009a; ClassName:
x=0, y=0, width=0, height=0
0:48:47 = hWnd = 0x000500aa; ClassName:
x=0, y=0, width=0, height=0
9:1:21 = Process Attach
9:1:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:1:21 = * NULL == SampleProvider *

9:1:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:1:22 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:1:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:1:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:1:26 = Need to re-create objects.
9:1:26 = s1.
9:1:26 = s2.
9:1:28 = Start show animate
9:1:28 = Shell Excutute VerifyHost
9:2:6 = begin close Process
9:2:6 = Terminate Process
9:2:7 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:2:7 = DLL_PROCESS_DETACH
0:58:10 = Process Attach
0:58:10 = end process attach
0:58:10 = ***** NULL == SampleProvider *****
0:58:10 = ##### Begin waiting Mutex to release process #####
0:58:10 = hWnd = 0x00230d52; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:58:10 = hWnd = 0x0038051a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:58:10 = hWnd = 0x00250b0a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:59:4 = Process Attach
0:59:4 = ## ERR ## Setevent
0:59:4 = ***** NULL == SampleProvider *****
0:59:4 = begin close Process
0:59:4 = end close Process
0:59:4 = ##### Get event and release process end #####
0:59:4 = hWnd = 0x000b0100; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:59:4 = hWnd = 0x00050036; ClassName:
w.
x=0, y=0, width=1, height=1
0:59:4 = hWnd = 0x000e0102; ClassName:
x=0, y=0, width=0, height=0
0:59:4 = hWnd = 0x000200ba; ClassName:
x=0, y=0, width=0, height=0
7:17:23 = Process Attach
7:17:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:17:23 = * NULL == SampleProvider *

7:17:23 = ##### Begin waiting Mutex to release process #####
7:17:23 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:17:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:17:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:17:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:17:26 = Need to re-create objects.
7:17:27 = s1.
7:17:27 = s2.
7:17:30 = Start show animate
7:17:30 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:18:8
7:18:8
7:18:9
7:18:9

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

14:50:10 = Process Attach

14:50:10 = end process attach
14:50:10 = ***** NULL == SampleProvider *****
14:50:10 = hWnd = 0x000d070e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:50:10 = hWnd = 0x0006060a; ClassName:
dow.
x=0, y=0, width=1, height=1
14:50:10 = hWnd = 0x0005061e; ClassName:
x=0, y=0, width=0, height=0
14:50:10 = hWnd = 0x00210732; ClassName:
x=0, y=0, width=0, height=0
14:50:50 = Process Attach
14:50:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:50:50 = * NULL == SampleProvider *

14:50:50 = begin close Process
14:50:50 = end close Process
14:50:50 = ##### Get event and release process end #####
14:50:50 = hWnd = 0x00050082; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:50:50 = hWnd = 0x0003003c; ClassName:
dow.
x=0, y=0, width=1, height=1
14:50:50 = hWnd = 0x000d008c; ClassName:
x=0, y=0, width=0, height=0
14:50:50 = hWnd = 0x000300b2; ClassName:
x=0, y=0, width=0, height=0
16:36:20 = Process Attach
16:36:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:36:21 = * NULL == SampleProvider *

16:36:21 = ##### Begin waiting Mutex to release process #####
16:36:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:36:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:36:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:36:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:36:24 = Need to re-create objects.
16:36:24 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:36:24 = s2.
16:36:24
16:36:24
16:36:53
16:36:53
16:36:54
16:36:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:5:50 = Process Attach

21:5:50 = end process attach
21:5:50 = ***** NULL == SampleProvider *****
21:5:50 = ##### Begin waiting Mutex to release process #####
21:5:50 = hWnd = 0x00250564; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:5:50 = hWnd = 0x003f04be; ClassName:
ow.
x=0, y=0, width=1, height=1
21:5:50 = hWnd = 0x0007055e; ClassName:
x=0, y=0, width=0, height=0
21:5:50 = hWnd = 0x003f0518; ClassName:
x=0, y=0, width=0, height=0
21:5:56 = Process Attach
21:5:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:5:56 = * NULL == SampleProvider *

21:5:56 = begin close Process
21:5:56 = end close Process
21:5:56 = ##### Get event and release process end #####
21:5:56 = hWnd = 0x000400e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:5:56 = hWnd = 0x000600d0; ClassName:
ow.
x=0, y=0, width=1, height=1
21:5:56 = hWnd = 0x00030096; ClassName:
x=0, y=0, width=0, height=0
21:5:56 = hWnd = 0x000900ce; ClassName:
x=0, y=0, width=0, height=0
21:6:55 = Process Attach
21:6:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:6:56 = * NULL == SampleProvider *

21:6:56 = ##### Begin waiting Mutex to release process #####
21:6:56 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:6:56 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
21:6:56 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

21:6:56 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
21:6:57 = Need to re-create objects.
21:6:57 = s1.
21:6:57 = s2.
21:6:57
21:6:57
21:7:37
21:7:37
21:7:38
21:7:38

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:44:2 = Process Attach

23:44:2 = end process attach
23:44:2 = ***** NULL == SampleProvider *****
23:44:2 = ##### Begin waiting Mutex to release process #####
23:44:2 = hWnd = 0x000404c4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:44:2 = hWnd = 0x000404c2; ClassName:
ow.
x=0, y=0, width=1, height=1
23:44:2 = hWnd = 0x000504d2; ClassName:
x=0, y=0, width=0, height=0
23:44:2 = hWnd = 0x000404c8; ClassName:
x=0, y=0, width=0, height=0
23:44:16 = Process Attach
23:44:16 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:44:16 = * NULL == SampleProvider *

23:44:16 = begin close Process
23:44:16 = end close Process
23:44:16 = ##### Get event and release process end #####
23:44:16 = hWnd = 0x000700d2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:44:16 = hWnd = 0x000900da; ClassName:
dow.
x=0, y=0, width=1, height=1
23:44:16 = hWnd = 0x00030078; ClassName:
x=0, y=0, width=0, height=0
23:44:16 = hWnd = 0x000400e2; ClassName:
x=0, y=0, width=0, height=0
23:45:34 = Process Attach
23:45:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:45:34 = * NULL == SampleProvider *

23:45:34 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:45:34 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
23:45:35 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:45:35 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:45:35 = Need to re-create objects.
23:45:35 = s1.
23:45:35 = s2.
23:45:35 = Start show animate
23:45:35 = Shell Excutute VerifyHost
23:48:2 = Process Attach
23:48:2 = end process attach
23:48:2 = ***** NULL == SampleProvider *****
23:48:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:48:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
23:48:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:48:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:48:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:48:3 = s1.
23:48:3 = s2.
23:48:4 = Start show animate
23:48:4 = Shell Excutute VerifyHost
23:48:39 = begin close Process
23:48:39 = Terminate Process
23:48:40 = end close Process
23:48:40 = DLL_PROCESS_DETACH
23:51:57 = Process Attach
23:51:57 = end process attach
23:51:57 = ***** NULL == SampleProvider *****
23:51:57 = ##### Begin waiting Mutex to release process #####
23:51:57 = hWnd = 0x00010456; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:51:57 = hWnd = 0x00010452; ClassName:
dow.
x=0, y=0, width=1, height=1
23:51:57 = hWnd = 0x0001045c; ClassName:
x=0, y=0, width=0, height=0
23:51:57 = hWnd = 0x00010454; ClassName:
x=0, y=0, width=0, height=0
23:52:7 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:52:7 = ## ERR ## Setevent

23:52:7 = ##### Get event and release process #####
23:52:7 = hWnd = 0x000600c4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:52:7 = end close Process
23:52:7 = ##### Get event and release process end #####
23:52:7 =
x=0, y=0,
6:39:43 =
6:39:43 =

hWnd = 0x000300c6; ClassName: IME; Title: Default IME.

width=0, height=0
Process Attach
end process attach

6:39:43 = * NULL == SampleProvider *

6:39:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:39:43 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:39:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:39:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:39:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:39:50 = s1.
6:39:50 = s2.
6:39:51
6:39:51
6:40:31
6:40:31
6:40:32
6:40:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

17:12:54 = Process Attach

17:12:54 = end process attach
17:12:54 = ***** NULL == SampleProvider *****
17:12:54 = ##### Begin waiting Mutex to release process #####
17:12:54 = hWnd = 0x00060518; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:12:54 = hWnd = 0x0006052e; ClassName:
dow.
x=0, y=0, width=1, height=1
17:12:54 = hWnd = 0x00080566; ClassName:
x=0, y=0, width=0, height=0
17:12:54 = hWnd = 0x001f07a4; ClassName:
x=0, y=0, width=0, height=0
17:13:39 = Process Attach
17:13:39 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:13:39 = * NULL == SampleProvider *

17:13:39 = begin close Process
17:13:39 = end close Process
17:13:39 = ##### Get event and release process end #####
17:13:39 = hWnd = 0x0003002e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
17:13:39 = hWnd = 0x000500aa; ClassName:
dow.
x=0, y=0, width=1, height=1
17:13:39 = hWnd = 0x002200d0; ClassName:
x=0, y=0, width=0, height=0
17:13:39 = hWnd = 0x000500e6; ClassName:
x=0, y=0, width=0, height=0
17:35:11 = Process Attach
17:35:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:35:12 = * NULL == SampleProvider *

17:35:12 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:35:12 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:35:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:35:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:35:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:35:17 = s1.
17:35:17 = s2.
17:35:20
17:35:20
17:35:58
17:35:58
17:35:59
17:35:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

19:45:26 = Process Attach

19:45:26 = end process attach
19:45:26 = ***** NULL == SampleProvider *****
19:45:26 = ##### Begin waiting Mutex to release process #####
19:45:26 = hWnd = 0x0281058a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:45:26 = hWnd = 0x01aa04e0; ClassName:
dow.
x=0, y=0, width=1, height=1
19:45:26 = hWnd = 0x003e0642; ClassName:
x=0, y=0, width=0, height=0
19:45:26 = hWnd = 0x00ef05c6; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

19:56:44 = Process Attach
19:56:44 = end process attach
19:56:44 = ***** NULL == SampleProvider *****
19:56:44 = ##### Begin waiting Mutex to release process #####
19:56:45 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:56:45 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:56:45 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:56:50 = Need to re-create objects.
19:56:51 = s1.
19:56:51 = s2.
19:56:56
19:56:56
19:57:32
19:57:32
19:57:33
19:57:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:6:35 = Process Attach

20:6:35 = end process attach
20:6:35 = ***** NULL == SampleProvider *****
20:6:35 = ##### Begin waiting Mutex to release process #####
20:6:35 = hWnd = 0x000a06aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:6:35 = hWnd = 0x000d0588; ClassName:
ow.
x=0, y=0, width=1, height=1
20:6:35 = hWnd = 0x00050558; ClassName:
x=0, y=0, width=0, height=0
20:6:35 = hWnd = 0x000c059a; ClassName:
x=0, y=0, width=0, height=0
20:6:40 = Process Attach
20:6:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:6:40 = ##### Get event and release process #####

20:6:40 = begin close Process
20:6:40 = end close Process
20:6:40 = ##### Get event and release process end #####
20:6:40 = ***** NULL == SampleProvider *****
20:6:40 = hWnd = 0x00050086; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:6:40 = hWnd = 0x000b00d4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
20:6:40 =
x=0, y=0,
20:6:40 =
x=0, y=0,
20:7:46 =
20:7:46 =

width=1, height=1
hWnd = 0x000a00fa; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000800e6; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

20:7:46 = * NULL == SampleProvider *

20:7:46 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:7:46 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
20:7:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:7:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:7:49 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:7:50 = s1.
20:7:50 = s2.
20:7:53
20:7:53
20:8:31
20:8:31
20:8:32
20:8:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

21:9:23 = Process Attach

21:9:23 = end process attach
21:9:23 = ***** NULL == SampleProvider *****
21:9:23 = ##### Begin waiting Mutex to release process #####
21:9:23 = hWnd = 0x00090586; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:9:23 = hWnd = 0x003004b2; ClassName:
ow.
x=0, y=0, width=1, height=1
21:9:23 = hWnd = 0x00070570; ClassName:
x=0, y=0, width=0, height=0
21:9:23 = hWnd = 0x001804d2; ClassName:
x=0, y=0, width=0, height=0
21:9:36 = Process Attach
21:9:36 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:9:36 = ##### Get event and release process #####

21:9:36 = begin close Process
21:9:36 = end close Process
21:9:36 = ##### Get event and release process end #####

21:9:36 = hWnd = 0x000500ce; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:9:36 = hWnd = 0x000500c4; ClassName:
ow.
x=0, y=0, width=1, height=1
21:9:36 = hWnd = 0x000500a2; ClassName:
x=0, y=0, width=0, height=0
21:9:36 = hWnd = 0x000600d8; ClassName:
x=0, y=0, width=0, height=0
21:11:16 = Process Attach
21:11:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:11:16 = * NULL == SampleProvider *

21:11:16 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:11:16 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:11:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:11:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:11:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:11:21 = s1.
21:11:21 = s2.
21:11:25 = Start show animate
21:11:25 = Shell Excutute VerifyHost
21:12:2 = begin close Process
21:12:2 = Terminate Process
21:12:3 = end close Process
21:12:3 = DLL_PROCESS_DETACH
0:49:11 = Process Attach
0:49:11 = end process attach
0:49:11 = ***** NULL == SampleProvider *****
0:49:11 = ##### Begin waiting Mutex to release process #####
0:49:11 = hWnd = 0x0017062e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:49:11 = hWnd = 0x000c062c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:49:11 = hWnd = 0x001404e8; ClassName:
x=0, y=0, width=0, height=0
0:49:11 = hWnd = 0x000e0688; ClassName:
x=0, y=0, width=0, height=0
0:49:18 = Process Attach
0:49:18 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:49:18 = * NULL == SampleProvider *

0:49:18 = begin close Process

0:49:18 = end close Process
0:49:18 = ##### Get event and release process end #####
0:49:18 = hWnd = 0x00090080; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:49:18 = hWnd = 0x0009002e; ClassName:
ow.
x=0, y=0, width=1, height=1
0:49:18 = hWnd = 0x000900e6; ClassName:
x=0, y=0, width=0, height=0
0:49:18 = hWnd = 0x000900c6; ClassName:
x=0, y=0, width=0, height=0
8:45:40 = Process Attach
8:45:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:45:40 = * NULL == SampleProvider *

8:45:40 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:45:41 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:45:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:45:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:45:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:45:45 = s1.
8:45:45 = s2.
8:45:49
8:45:49
8:46:26
8:46:26
8:46:27
8:46:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:15:33 = Process Attach

16:15:34 = end process attach
16:15:34 = ***** NULL == SampleProvider *****
16:15:34 = ##### Begin waiting Mutex to release process #####
16:15:34 = hWnd = 0x00020484; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:15:34 = hWnd = 0x000b047a; ClassName:
dow.
x=0, y=0, width=1, height=1
16:15:34 = hWnd = 0x0002049c; ClassName:
x=0, y=0, width=0, height=0
16:15:34 = hWnd = 0x0002049a; ClassName:
x=0, y=0, width=0, height=0
16:16:11 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:16:11 = ## ERR ## Setevent

16:16:11 = ***** NULL == SampleProvider *****
16:16:11 = begin close Process
16:16:11 = end close Process
16:16:11 = ##### Get event and release process end #####
16:16:11 = hWnd = 0x000400d4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:16:11 = hWnd = 0x00030048; ClassName:
dow.
x=0, y=0, width=1, height=1
16:16:11 = hWnd = 0x00130060; ClassName:
x=0, y=0, width=0, height=0
16:16:11 = hWnd = 0x000300b0; ClassName:
x=0, y=0, width=0, height=0
17:51:41 = Process Attach
17:51:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:51:41 = * NULL == SampleProvider *

17:51:41 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:51:42 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:51:43 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
17:51:43 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:51:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:51:47 = s1.
17:51:47 = s2.
17:51:50
17:51:50
17:52:26
17:52:26
17:52:27
17:52:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:58:45 = Process Attach

0:58:45 = end process attach
0:58:45 = ***** NULL == SampleProvider *****
0:58:45 = ##### Begin waiting Mutex to release process #####
0:58:45 =
ow.
x=0, y=0,
0:58:45 =
x=0, y=0,
0:58:45 =
x=0, y=0,

hWnd = 0x0005055e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x287d04d6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x004304be; ClassName: IME; Title: Default IME.
width=0, height=0

0:59:21 = Process Attach

0:59:21 = ## ERR ## Setevent
0:59:21 = ***** NULL == SampleProvider *****
0:59:21 = begin close Process
0:59:21 = end close Process
0:59:21 = ##### Get event and release process end #####
0:59:21 = hWnd = 0x000500a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:59:21 = hWnd = 0x0003003a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:21 = hWnd = 0x000e0056; ClassName:
x=0, y=0, width=0, height=0
0:59:21 = hWnd = 0x00060088; ClassName:
x=0, y=0, width=0, height=0
6:44:21 = Process Attach
6:44:21 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:44:21 = * NULL == SampleProvider *

6:44:21 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:44:22 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:44:22 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:44:22 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:44:26 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:44:26 = s1.
6:44:26 = s2.
6:44:31 = Start show animate
6:44:31 = Shell Excutute VerifyHost
6:45:6 = begin close Process
6:45:6 = Terminate Process
6:45:7 = end close Process
6:45:7 = DLL_PROCESS_DETACH
9:21:26 = Process Attach
9:21:26 = end process attach
9:21:26 = ***** NULL == SampleProvider *****
9:21:26 = ##### Begin waiting Mutex to release process #####
9:21:26 = hWnd = 0x00040302; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:21:26 = hWnd = 0x000304aa; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

9:21:26 =
x=0, y=0,
9:21:26 =
x=0, y=0,
9:21:41 =
9:21:41 =

hWnd = 0x000204ac; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x00040458; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

9:21:41 = * NULL == SampleProvider *

9:21:41 = begin close Process
9:21:41 = end close Process
9:21:41 = ##### Get event and release process end #####
9:21:41 = hWnd = 0x0007003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:21:41 = hWnd = 0x000a0088; ClassName:
ow.
x=0, y=0, width=1, height=1
9:21:41 = hWnd = 0x000400d0; ClassName:
x=0, y=0, width=0, height=0
9:21:41 = hWnd = 0x000c002a; ClassName:
x=0, y=0, width=0, height=0
9:23:30 = Process Attach
9:23:30 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:23:30 = * NULL == SampleProvider *

9:23:30 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:23:31 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:23:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:23:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:23:35 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:23:36 = s1.
9:23:36 = s2.
9:23:39
9:23:39
9:24:16
9:24:16
9:24:17
9:24:17

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

18:41:53 = Process Attach

18:41:53 = end process attach
18:41:53 = ***** NULL == SampleProvider *****
18:41:53 = ##### Begin waiting Mutex to release process #####
18:41:53 = hWnd = 0x00030462; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

18:41:53 = hWnd = 0x00050460; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
18:41:53 = hWnd = 0x0002048a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:41:53 = hWnd = 0x0014045e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:42:0 = Process Attach
18:42:0 = ## ERR ## Setevent
18:42:0 = ***** NULL == SampleProvider *****
18:42:0 = begin close Process
18:42:0 = end close Process
18:42:0 = ##### Get event and release process end #####
18:42:0 = hWnd = 0x001200d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
18:42:0 = hWnd = 0x0010008e; ClassName:
ow.
x=0, y=0, width=1, height=1
18:42:0 = hWnd = 0x000c0038; ClassName:
x=0, y=0, width=0, height=0
18:42:0 = hWnd = 0x001a0066; ClassName:
x=0, y=0, width=0, height=0
19:31:55 = Process Attach
19:31:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:31:55 = * NULL == SampleProvider *

19:31:55 = ##### Begin waiting Mutex to release process #####
19:31:56 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:31:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:31:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:31:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:32:0 = Need to re-create objects.
19:32:0 = s1.
19:32:0 = s2.
19:32:3 = Start show animate
19:32:3 = Shell Excutute VerifyHost
19:32:41 = begin close Process
19:32:41 = Terminate Process
19:32:42 = end close Process
19:32:42 = DLL_PROCESS_DETACH
23:10:19 = Process Attach
23:10:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:10:19 = * NULL == SampleProvider *

23:10:19 = ##### Begin waiting Mutex to release process #####
23:10:19 = hWnd = 0x000204ba; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:10:19 = hWnd = 0x00050480; ClassName:
dow.
x=0, y=0, width=1, height=1
23:10:19 = hWnd = 0x000204d6; ClassName:
x=0, y=0, width=0, height=0
23:10:19 = hWnd = 0x000204ca; ClassName:
x=0, y=0, width=0, height=0
23:10:23 = Process Attach
23:10:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:10:23 = * NULL == SampleProvider *

23:10:23 = begin close Process
23:10:23 = end close Process
23:10:23 = ##### Get event and release process end #####
23:10:23 = hWnd = 0x000700ce; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:10:23 = hWnd = 0x000b008e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:10:23 = hWnd = 0x000500ca; ClassName:
x=0, y=0, width=0, height=0
23:10:23 = hWnd = 0x000d00c8; ClassName:
x=0, y=0, width=0, height=0
8:43:45 = Process Attach
8:43:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:43:45 = * NULL == SampleProvider *

8:43:45 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:43:46 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:43:47 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:43:47 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:43:51 = Need to re-create objects.
8:43:51 = s1.
8:43:51 = s2.
8:43:54
8:43:54
8:44:31
8:44:31
8:44:32
8:44:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:48:20 = Process Attach

8:48:20 = end process attach
8:48:20 = ***** NULL == SampleProvider *****
8:48:20 = ##### Begin waiting Mutex to release process #####
8:48:20 = hWnd = 0x00030496; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:48:20 = hWnd = 0x00040470; ClassName:
ow.
x=0, y=0, width=1, height=1
8:48:20 = hWnd = 0x0002046e; ClassName:
x=0, y=0, width=0, height=0
8:48:20 = hWnd = 0x00050444; ClassName:
x=0, y=0, width=0, height=0
8:48:24 = Process Attach
8:48:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:48:24 = * NULL == SampleProvider *

8:48:24 = begin close Process
8:48:24 = end close Process
8:48:24 = ##### Get event and release process end #####
8:48:24 = hWnd = 0x0002008e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:48:24 = hWnd = 0x000200cc; ClassName:
ow.
x=0, y=0, width=1, height=1
8:48:24 = hWnd = 0x000300c2; ClassName:
x=0, y=0, width=0, height=0
8:48:24 = hWnd = 0x00020068; ClassName:
x=0, y=0, width=0, height=0
8:49:40 = Process Attach
8:49:40 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:49:40 = * NULL == SampleProvider *

8:49:40 = ##### Begin waiting Mutex to release process #####
8:49:41 =
ow.
x=0, y=0,
8:49:41 =
x=0, y=0,
8:49:41 =
x=0, y=0,
8:49:46 =

8:49:46 = s1.
8:49:46 = s2.
8:49:50 = Start show animate
8:49:50 = Shell Excutute VerifyHost
8:50:26 = begin close Process

8:50:26 = Terminate Process

8:50:27 = end close Process
8:50:27 = DLL_PROCESS_DETACH
1:22:55 = Process Attach
1:22:55 = end process attach
1:22:55 = ***** NULL == SampleProvider *****
1:22:55 = hWnd = 0x0f780c64; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:22:55 = ##### Begin waiting Mutex to release process #####
1:22:55 =
ow.
x=0, y=0,
1:22:55 =
x=0, y=0,
1:22:55 =
x=0, y=0,
1:23:33 =
1:23:33 =

hWnd = 0x00820ab8; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x7502036a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0038045c; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:23:33 = * NULL == SampleProvider *

1:23:33 = begin close Process
1:23:33 = end close Process
1:23:33 = ##### Get event and release process end #####
1:23:33 = hWnd = 0x004b00fc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:23:33 = hWnd = 0x00040094; ClassName:
ow.
x=0, y=0, width=1, height=1
1:23:33 = hWnd = 0x00530124; ClassName:
x=0, y=0, width=0, height=0
1:23:33 = hWnd = 0x0003009a; ClassName:
x=0, y=0, width=0, height=0
1:35:12 = Process Attach
1:35:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:35:12 = * NULL == SampleProvider *

1:35:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:35:13 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
1:35:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
1:35:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
1:35:15 = Need to re-create objects.
1:35:16 = s1.
1:35:16 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:35:20
1:35:20
1:35:58
1:35:58
1:35:59
1:35:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:44:47 = Process Attach

1:44:47 = end process attach
1:44:47 = ***** NULL == SampleProvider *****
1:44:47 = ##### Begin waiting Mutex to release process #####
1:44:47 = hWnd = 0x0002048c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:44:47 = hWnd = 0x00030474; ClassName:
ow.
x=0, y=0, width=1, height=1
1:44:47 = hWnd = 0x00020158; ClassName:
x=0, y=0, width=0, height=0
1:44:47 = hWnd = 0x000204a8; ClassName:
x=0, y=0, width=0, height=0
1:45:10 = Process Attach
1:45:10 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:45:10 = * NULL == SampleProvider *

1:45:10 = begin close Process
1:45:10 = end close Process
1:45:10 = ##### Get event and release process end #####
1:45:10 = hWnd = 0x000200b8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:45:10 = hWnd = 0x000400b2; ClassName:
ow.
x=0, y=0, width=1, height=1
1:45:10 = hWnd = 0x00050064; ClassName:
x=0, y=0, width=0, height=0
1:45:10 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
2:23:4 = Process Attach
2:23:5 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:23:5 = * NULL == SampleProvider *

2:23:5 = ##### Begin waiting Mutex to release process #####
2:23:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:23:5 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
2:23:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
2:23:5 = hWnd = 0x0001001a; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

2:23:10 = Need to re-create objects.
2:23:10 = s1.
2:23:10 = s2.
2:23:14
2:23:14
2:23:50
2:23:50
2:23:51
2:23:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:28:29 = Process Attach

2:28:29 = end process attach
2:28:29 = ***** NULL == SampleProvider *****
2:28:29 = ##### Begin waiting Mutex to release process #####
2:28:29 = hWnd = 0x00030364; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:28:29 = hWnd = 0x000604da; ClassName:
ow.
x=0, y=0, width=1, height=1
2:28:29 = hWnd = 0x0003035e; ClassName:
x=0, y=0, width=0, height=0
2:28:29 = hWnd = 0x0003038a; ClassName:
x=0, y=0, width=0, height=0
2:28:34 = Process Attach
2:28:34 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:28:34 = * NULL == SampleProvider *

2:28:34 = begin close Process
2:28:34 = end close Process
2:28:34 = ##### Get event and release process end #####
2:28:34 = hWnd = 0x000200e8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:28:34 = hWnd = 0x0003008a; ClassName:
ow.
x=0, y=0, width=1, height=1
2:28:34 = hWnd = 0x000200a4; ClassName:
x=0, y=0, width=0, height=0
2:28:34 = hWnd = 0x000200ee; ClassName:
x=0, y=0, width=0, height=0
8:16:16 = Process Attach
8:16:16 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:16:16 = * NULL == SampleProvider *

8:16:16 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:16:17 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
8:16:17 =
x=0, y=0,
8:16:17 =
x=0, y=0,
8:16:21 =

width=1, height=1
hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

8:16:22 = s1.
8:16:22 = s2.
8:16:25 = Start show animate
8:16:25 = Shell Excutute VerifyHost
8:17:3 = begin close Process
8:17:3 = Terminate Process
8:17:4 = end close Process
8:17:4 = DLL_PROCESS_DETACH
12:54:38 = Process Attach
12:54:38 = end process attach
12:54:38 = ***** NULL == SampleProvider *****
12:54:38 = ##### Begin waiting Mutex to release process #####
12:54:38 = hWnd = 0x000a05a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:54:38 = hWnd = 0x00090576; ClassName:
dow.
x=0, y=0, width=1, height=1
12:54:38 = hWnd = 0x000905aa; ClassName:
x=0, y=0, width=0, height=0
12:54:38 = hWnd = 0x000805ac; ClassName:
x=0, y=0, width=0, height=0
12:54:58 = Process Attach
12:54:58 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:54:58 = * NULL == SampleProvider *

12:54:58 = begin close Process
12:54:58 = end close Process
12:54:58 = ##### Get event and release process end #####
12:54:58 = hWnd = 0x000b00c4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:54:58 = hWnd = 0x00040090; ClassName:
dow.
x=0, y=0, width=1, height=1
12:54:58 = hWnd = 0x001600c6; ClassName:
x=0, y=0, width=0, height=0
12:54:58 = hWnd = 0x00030092; ClassName:
x=0, y=0, width=0, height=0
12:59:37 = Process Attach
12:59:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:59:37 = * NULL == SampleProvider *

12:59:37 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
12:59:37 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
12:59:38 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
12:59:38 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
12:59:41 = Need to re-create objects.
12:59:41 = s1.
12:59:41 = s2.
12:59:44 = Start show animate
12:59:44 = Shell Excutute VerifyHost
13:0:21 = begin close Process
13:0:21 = Terminate Process
13:0:22 = end close Process
13:0:22 = DLL_PROCESS_DETACH
13:17:40 = Process Attach
13:17:40 = end process attach
13:17:40 = ***** NULL == SampleProvider *****
13:17:40 = hWnd = 0x000f0596; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:17:40 = hWnd = 0x00060310; ClassName:
dow.
x=0, y=0, width=1, height=1
13:17:40 = hWnd = 0x000f0454; ClassName:
x=0, y=0, width=0, height=0
13:17:40 = hWnd = 0x000f04aa; ClassName:
x=0, y=0, width=0, height=0
13:18:22 = Process Attach
13:18:22 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:18:22 = ##### Get event and release process #####

13:18:22 = ***** NULL == SampleProvider *****
13:18:22 = ##### Get event and release process end #####
13:18:22 = hWnd = 0x000600a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:18:22 = hWnd = 0x000500aa; ClassName:
dow.
x=0, y=0, width=1, height=1
13:18:22 = hWnd = 0x000800ea; ClassName:
x=0, y=0, width=0, height=0
13:18:22 = hWnd = 0x000200b8; ClassName:
x=0, y=0, width=0, height=0
13:20:22 = Process Attach
13:20:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:20:22 = * NULL == SampleProvider *

13:20:22 = hWnd = 0x0001001c; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:20:23 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:20:23 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:20:23 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:20:30 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:20:30 = s1.
13:20:30 = s2.
13:20:34
13:20:34
13:21:10
13:21:10
13:21:11
13:21:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:33:35 = Process Attach

13:33:35 = end process attach
13:33:35 = ***** NULL == SampleProvider *****
13:33:35 = ##### Begin waiting Mutex to release process #####
13:33:35 = hWnd = 0x00070576; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:33:35 = hWnd = 0x00060560; ClassName:
dow.
x=0, y=0, width=1, height=1
13:33:35 = hWnd = 0x00090550; ClassName:
x=0, y=0, width=0, height=0
13:33:35 = hWnd = 0x00070558; ClassName:
x=0, y=0, width=0, height=0
13:34:24 = Process Attach
13:34:24 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:34:24 = * NULL == SampleProvider *

13:34:24 = begin close Process
13:34:24 = end close Process
13:34:24 = ##### Get event and release process end #####
13:34:24 = hWnd = 0x000700c2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:34:24 = hWnd = 0x000200b2; ClassName:
dow.
x=0, y=0, width=1, height=1
13:34:24 = hWnd = 0x000700ca; ClassName:
x=0, y=0, width=0, height=0
13:34:24 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:37:57 = Process Attach

13:37:57 = end process attach
13:37:57 = ***** NULL == SampleProvider *****
13:37:57 = ##### Begin waiting Mutex to release process #####
13:37:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:37:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:37:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:37:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:38:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:38:3 = s1.
13:38:3 = s2.
13:38:6 = Start show animate
13:38:6 = Shell Excutute VerifyHost
13:38:42 = begin close Process
13:38:42 = Terminate Process
13:38:43 = end close Process
13:38:43 = DLL_PROCESS_DETACH
14:2:10 = Process Attach
14:2:10 = end process attach
14:2:10 = ***** NULL == SampleProvider *****
14:2:10 = hWnd = 0x0005015c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:2:10 = ##### Begin waiting Mutex to release process #####
14:2:10 =
ow.
x=0, y=0,
14:2:10 =
x=0, y=0,
14:2:10 =
x=0, y=0,
14:2:36 =
14:2:36 =

hWnd = 0x00050556; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0005051a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00050476; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

14:2:36 = ##### Get event and release process #####

14:2:36 = begin close Process
14:2:36 = end close Process
14:2:37 = ##### Get event and release process end #####
14:2:37 = hWnd = 0x00040098; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:2:37 = hWnd = 0x000400b4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
14:2:37 =
x=0, y=0,
14:2:37 =
x=0, y=0,
14:4:23 =
14:4:23 =

width=1, height=1
hWnd = 0x000600a4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000200bc; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

14:4:23 = * NULL == SampleProvider *

14:4:23 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:4:24 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
14:4:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:4:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:4:28 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:4:28 = s1.
14:4:28 = s2.
14:4:31 = Start show animate
14:4:31 = Shell Excutute VerifyHost
14:5:8 = begin close Process
14:5:8 = Terminate Process
14:5:9 = end close Process
14:5:9 = DLL_PROCESS_DETACH
16:23:19 = Process Attach
16:23:19 = end process attach
16:23:19 = ***** NULL == SampleProvider *****
16:23:19 = hWnd = 0x00040578; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:23:19 = hWnd = 0x000404d4; ClassName:
dow.
x=0, y=0, width=1, height=1
16:23:19 = hWnd = 0x0003057c; ClassName:
x=0, y=0, width=0, height=0
16:23:19 = hWnd = 0x00040576; ClassName:
x=0, y=0, width=0, height=0
16:23:57 = Process Attach
16:23:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:23:57 = * NULL == SampleProvider *

16:23:57 = begin close Process
16:23:57 = end close Process
16:23:57 = ##### Get event and release process end #####
16:23:57 = hWnd = 0x000500c8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768

16:23:57 = hWnd = 0x00050050; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:23:57 = hWnd = 0x00050088; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
16:23:57 = hWnd = 0x000200b4; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:31:21 = Process Attach
16:31:21 = end process attach
16:31:21 = ***** NULL == SampleProvider *****
16:31:21 = ##### Begin waiting Mutex to release process #####
16:31:21 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:31:21 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:31:21 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:31:21 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:31:27 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:31:27 = s1.
16:31:27 = s2.
16:31:27
16:31:27
16:31:42
16:31:42
16:31:43
16:31:43

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:1:31 = Process Attach

1:1:31 = end process attach
1:1:31 = ***** NULL == SampleProvider *****
1:1:31 = ##### Begin waiting Mutex to release process #####
1:1:31 = hWnd = 0x003b06ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:1:31 = hWnd = 0x00140516; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:31 = hWnd = 0x01020612; ClassName:
x=0, y=0, width=0, height=0
1:1:31 = hWnd = 0x039d081a; ClassName:
x=0, y=0, width=0, height=0
1:1:46 = Process Attach
1:1:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:1:46 = * NULL == SampleProvider *

1:1:46 = begin close Process

1:1:46 = end close Process
1:1:46 = ##### Get event and release process end #####
1:1:46 = hWnd = 0x000b0060; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:1:46 = hWnd = 0x00030048; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:46 = hWnd = 0x002400d6; ClassName:
x=0, y=0, width=0, height=0
1:1:46 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
7:49:33 = Process Attach
7:49:33 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:49:33 = ##### Begin waiting Mutex to release process #####

7:49:33 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:49:33 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:49:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:49:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:49:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:49:37 = s1.
7:49:37 = s2.
7:49:39 = Start show animate
7:49:39 = Shell Excutute VerifyHost
7:50:2 = begin close Process
7:50:2 = Terminate Process
7:50:3 = end close Process
7:50:3 = DLL_PROCESS_DETACH
11:51:57 = Process Attach
11:51:57 = end process attach
11:51:57 = ***** NULL == SampleProvider *****
11:51:57 = ##### Begin waiting Mutex to release process #####
11:51:57 = hWnd = 0x000404d0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:51:57 = hWnd = 0x000d0972; ClassName:
dow.
x=0, y=0, width=1, height=1
11:51:57 = hWnd = 0x000404ca; ClassName:
x=0, y=0, width=0, height=0
11:51:57 = hWnd = 0x000304de; ClassName:
x=0, y=0, width=0, height=0
11:54:34 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:54:34 = ## ERR ## Setevent

11:54:34 = ##### Get event and release process #####
11:54:34 = begin close Process
11:54:34 = end close Process
11:54:34 = ##### Get event and release process end #####
11:54:34 = hWnd = 0x000200ae; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
11:54:34 = hWnd = 0x00040076; ClassName:
dow.
x=0, y=0, width=1, height=1
11:54:34 = hWnd = 0x00040052; ClassName:
x=0, y=0, width=0, height=0
11:54:34 = hWnd = 0x000200ac; ClassName:
x=0, y=0, width=0, height=0
11:58:55 = Process Attach
11:58:55 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:58:55 = * NULL == SampleProvider *

11:58:55 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:58:56 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
11:58:56 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:58:56 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:59:2 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:59:2 = s1.
11:59:2 = s2.
11:59:5 = Start show animate
11:59:5 = Shell Excutute VerifyHost
11:59:43 = begin close Process
11:59:43 = Terminate Process
11:59:44 = end close Process
11:59:44 = DLL_PROCESS_DETACH
16:50:30 = Process Attach
16:50:30 = end process attach
16:50:30 = ***** NULL == SampleProvider *****
16:50:30 = ##### Begin waiting Mutex to release process #####
16:50:30 = hWnd = 0x0004045a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:50:30 = hWnd = 0x00040476; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:50:30 = hWnd = 0x0008047e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

16:50:30 = hWnd = 0x00060454; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
16:50:44 = Process Attach
16:50:44 = ## ERR ## Setevent
16:50:44 = ***** NULL == SampleProvider *****
16:50:44 = begin close Process
16:50:44 = end close Process
16:50:44 = ##### Get event and release process end #####
16:50:44 = hWnd = 0x000700c8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:50:44 = hWnd = 0x000400a2; ClassName:
dow.
x=0, y=0, width=1, height=1
16:50:44 = hWnd = 0x000a0086; ClassName:
x=0, y=0, width=0, height=0
16:50:44 = hWnd = 0x000300a4; ClassName:
x=0, y=0, width=0, height=0
19:48:17 = Process Attach
19:48:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:48:17 = * NULL == SampleProvider *

19:48:17 = ##### Begin waiting Mutex to release process #####
19:48:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:48:17 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:48:18 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:48:18 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:48:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:48:22 = s1.
19:48:22 = s2.
19:48:26 = Start show animate
19:48:26 = Shell Excutute VerifyHost
19:49:4 = begin close Process
19:49:4 = Terminate Process
19:49:5 = end close Process
19:49:5 = DLL_PROCESS_DETACH
0:12:47 = Process Attach
0:12:47 = end process attach
0:12:47 = ***** NULL == SampleProvider *****
0:12:47 = ##### Begin waiting Mutex to release process #####
0:12:47 = hWnd = 0x000c0534; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
0:12:47 = hWnd = 0x000704f0; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:12:47 = hWnd = 0x000e0554; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:12:47 = hWnd = 0x000a057c; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:12:53 = Process Attach
0:12:53 = ## ERR ## Setevent
0:12:53 = ***** NULL == SampleProvider *****
0:12:53 = ##### Get event and release process #####
0:12:53 = begin close Process
0:12:53 = end close Process
0:12:53 = ##### Get event and release process end #####
0:12:53 =
ow.
x=0, y=0,
0:12:53 =
x=0, y=0,
0:12:53 =
x=0, y=0,
6:37:38 =
6:37:38 =

hWnd = 0x000400a2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000400da; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000e00c8; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

6:37:38 = * NULL == SampleProvider *

6:37:38 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:37:39 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:37:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:37:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:37:42 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:37:42 = s1.
6:37:42 = s2.
6:37:47
6:37:47
6:38:24
6:38:24
6:38:25
6:38:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

4:2:46 = Process Attach

4:2:48 = end process attach
4:2:48 = ***** NULL == SampleProvider *****

4:2:48 = ##### Begin waiting Mutex to release process #####

4:2:49 = hWnd = 0x002609dc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:2:49 = hWnd = 0x00140adc; ClassName:
w.
x=0, y=0, width=1, height=1
4:2:49 = hWnd = 0x001a0b50; ClassName:
x=0, y=0, width=0, height=0
4:2:49 = hWnd = 0x002509d4; ClassName:
x=0, y=0, width=0, height=0
4:4:21 = Process Attach
4:4:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:4:21 = * NULL == SampleProvider *

4:4:21 = begin close Process
4:4:21 = end close Process
4:4:21 = ##### Get event and release process end #####
4:4:21 = hWnd = 0x000400a0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:4:21 = hWnd = 0x000400a6; ClassName:
w.
x=0, y=0, width=1, height=1
4:4:21 = hWnd = 0x000f00bc; ClassName:
x=0, y=0, width=0, height=0
4:4:21 = hWnd = 0x000300a8; ClassName:
x=0, y=0, width=0, height=0
6:13:9 = Process Attach
6:13:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:13:9 = * NULL == SampleProvider *

6:13:9 = ##### Begin waiting Mutex to release process #####
6:13:10 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:13:10 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:13:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:13:11 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:13:13 = Need to re-create objects.
6:13:14 = s1.
6:13:14 = s2.
6:13:18
6:13:18
6:13:55
6:13:55
6:13:56
6:13:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:56:40 = Process Attach

0:56:41 = end process attach
0:56:41 = ***** NULL == SampleProvider *****
0:56:41 = hWnd = 0x00080496; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:56:41 = hWnd = 0x001804dc; ClassName:
ow.
x=0, y=0, width=1, height=1
0:56:41 = hWnd = 0x000904b2; ClassName:
x=0, y=0, width=0, height=0
0:56:41 = hWnd = 0x000e04da; ClassName:
x=0, y=0, width=0, height=0
0:57:0 = Process Attach
0:57:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:57:0 = * NULL == SampleProvider *

0:57:0 = begin close Process
0:57:0 = end close Process
0:57:0 = ##### Get event and release process end #####
0:57:0 = hWnd = 0x000f00e8; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:57:0 = hWnd = 0x000300a0; ClassName:
w.
x=0, y=0, width=1, height=1
0:57:0 = hWnd = 0x0010003e; ClassName:
x=0, y=0, width=0, height=0
0:57:0 = hWnd = 0x00050080; ClassName:
x=0, y=0, width=0, height=0
8:22:2 = Process Attach
8:22:2 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:22:2 = * NULL == SampleProvider *

8:22:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:22:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:22:3 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:22:3 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:22:6 = Need to re-create objects.
8:22:6 = s1.
8:22:6 = s2.
8:22:10
8:22:10
8:22:48
8:22:48

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:22:49 = end close Process

8:22:49 = DLL_PROCESS_DETACH
19:45:37 = Process Attach
19:45:37 = end process attach
19:45:37 = ***** NULL == SampleProvider *****
19:45:37 = hWnd = 0x00040674; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:45:37 = hWnd = 0x003a0312; ClassName:
dow.
x=0, y=0, width=1, height=1
19:45:37 = hWnd = 0x0020052e; ClassName:
x=0, y=0, width=0, height=0
19:45:37 = hWnd = 0x000c0678; ClassName:
x=0, y=0, width=0, height=0
19:45:55 = Process Attach
19:45:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:45:55 = * NULL == SampleProvider *

19:45:55 = ##### Get event and release process end #####
19:45:55 = hWnd = 0x001000de; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:45:55 = hWnd = 0x0004002a; ClassName:
dow.
x=0, y=0, width=1, height=1
19:45:55 = hWnd = 0x0015003a; ClassName:
x=0, y=0, width=0, height=0
19:45:55 = hWnd = 0x000300a6; ClassName:
x=0, y=0, width=0, height=0
21:35:38 = Process Attach
21:35:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:35:38 = * NULL == SampleProvider *

21:35:38 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:35:39 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:35:40 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:35:40 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:35:42 = Need to re-create objects.
21:35:42 = s1.
21:35:42 = s2.
21:35:45
21:35:45
21:36:23
21:36:23

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:36:24 = end close Process

21:36:24 = DLL_PROCESS_DETACH
21:57:27 = Process Attach
21:57:27 = end process attach
21:57:27 = ***** NULL == SampleProvider *****
21:57:27 = hWnd = 0x000304fe; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:57:27 = hWnd = 0x000e04d6; ClassName:
dow.
x=0, y=0, width=1, height=1
21:57:27 = hWnd = 0x000a0530; ClassName:
x=0, y=0, width=0, height=0
21:57:27 = hWnd = 0x001a0542; ClassName:
x=0, y=0, width=0, height=0
21:57:31 = Process Attach
21:57:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:57:31 = ##### Get event and release process #####

21:57:31 = begin close Process
21:57:31 = end close Process
21:57:31 = ##### Get event and release process end #####
21:57:31 = ***** NULL == SampleProvider *****
21:57:31 = hWnd = 0x00060066; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
21:57:31 = hWnd = 0x000400ee; ClassName:
dow.
x=0, y=0, width=1, height=1
21:57:31 = hWnd = 0x000300f0; ClassName:
x=0, y=0, width=0, height=0
21:57:31 = hWnd = 0x00040094; ClassName:
x=0, y=0, width=0, height=0
7:44:7 = Process Attach
7:44:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:44:7 = * NULL == SampleProvider *

7:44:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:44:8 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:44:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:44:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:44:12 = Need to re-create objects.
7:44:12 = s1.
7:44:12 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:44:15
7:44:15
7:44:52
7:44:52
7:44:54
7:44:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:36:38 = Process Attach

15:36:38 = end process attach
15:36:38 = ***** NULL == SampleProvider *****
15:36:38 = ##### Begin waiting Mutex to release process #####
15:36:38 = hWnd = 0x000604c0; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:36:38 = hWnd = 0x000904a4; ClassName:
dow.
x=0, y=0, width=1, height=1
15:36:38 = hWnd = 0x002004bc; ClassName:
x=0, y=0, width=0, height=0
15:36:38 = hWnd = 0x000b0472; ClassName:
x=0, y=0, width=0, height=0
15:37:55 = Process Attach
15:37:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:37:55 = ##### Get event and release process #####

15:37:55 = hWnd = 0x000600c6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:37:55 = end close Process
15:37:55 = hWnd = 0x00070084; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:37:55 = hWnd = 0x000300a0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:42:50 = Process Attach
15:42:50 = end process attach
15:42:50 = ***** NULL == SampleProvider *****
15:42:50 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:42:51 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:42:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:42:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:42:55 = Need to re-create objects.
15:42:55 = s1.
15:42:55 = s2.
15:42:59 = Start show animate
15:42:59 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:43:36
15:43:36
15:43:37
15:43:37

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

23:43:5 = Process Attach

23:43:5 = end process attach
23:43:5 = ***** NULL == SampleProvider *****
23:43:5 = ##### Begin waiting Mutex to release process #####
23:43:5 = hWnd = 0x0039055a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:43:5 = hWnd = 0x009e059c; ClassName:
ow.
x=0, y=0, width=1, height=1
23:43:5 = hWnd = 0x093c06e0; ClassName:
x=0, y=0, width=0, height=0
23:43:5 = hWnd = 0x00910700; ClassName:
x=0, y=0, width=0, height=0
23:43:31 = Process Attach
23:43:31 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:43:31 = * NULL == SampleProvider *

23:43:31 = begin close Process
23:43:31 = end close Process
23:43:31 = ##### Get event and release process end #####
23:43:31 = hWnd = 0x00c30068; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:43:31 = hWnd = 0x00030098; ClassName:
dow.
x=0, y=0, width=1, height=1
23:43:31 = hWnd = 0x000a00e0; ClassName:
x=0, y=0, width=0, height=0
23:43:31 = hWnd = 0x00040082; ClassName:
x=0, y=0, width=0, height=0
7:22:43 = Process Attach
7:22:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:22:43 = * NULL == SampleProvider *

7:22:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:22:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:22:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:22:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:22:47 = Need to re-create objects.
7:22:47 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:22:47 = s2.
7:22:50
7:22:50
7:23:28
7:23:28
7:23:29
7:23:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

2:42:4 = Process Attach

2:42:5 = end process attach
2:42:5 = ***** NULL == SampleProvider *****
2:42:5 = ##### Begin waiting Mutex to release process #####
2:42:5 = hWnd = 0x002b0514; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
2:42:5 = hWnd = 0x0384052a; ClassName:
w.
x=0, y=0, width=1, height=1
2:42:5 = hWnd = 0x000e04d6; ClassName:
x=0, y=0, width=0, height=0
2:42:5 = hWnd = 0x00080504; ClassName:
x=0, y=0, width=0, height=0
2:42:16 = Process Attach
2:42:16 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

2:42:16 = * NULL == SampleProvider *

2:42:16 = begin close Process
2:42:16 = end close Process
2:42:16 = ##### Get event and release process end #####
2:42:16 = hWnd = 0x000e00ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
2:42:16 = hWnd = 0x00040050; ClassName:
ow.
x=0, y=0, width=1, height=1
2:42:16 = hWnd = 0x001000c6; ClassName:
x=0, y=0, width=0, height=0
2:42:16 = hWnd = 0x00040098; ClassName:
x=0, y=0, width=0, height=0
8:35:36 = Process Attach
8:35:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:35:36 = * NULL == SampleProvider *

8:35:36 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:35:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:35:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:35:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:35:40 = Need to re-create objects.

8:35:40 = s1.
8:35:40 = s2.
8:35:44
8:35:44
8:36:22
8:36:22
8:36:24
8:36:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:44:26 = Process Attach

0:44:26 = end process attach
0:44:26 = ***** NULL == SampleProvider *****
0:44:26 = ##### Begin waiting Mutex to release process #####
0:44:26 =
ow.
x=0, y=0,
0:44:26 =
x=0, y=0,
0:44:26 =
x=0, y=0,
0:44:57 =
0:44:57 =

hWnd = 0x00240494; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x1d0f04c6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00b7049e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:44:57 = * NULL == SampleProvider *

0:44:57 = begin close Process
0:44:57 = end close Process
0:44:57 = ##### Get event and release process end #####
0:44:57 = hWnd = 0x014b0118; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:44:57 = hWnd = 0x000600b2; ClassName:
ow.
x=0, y=0, width=1, height=1
0:44:57 = hWnd = 0x0010012c; ClassName:
x=0, y=0, width=0, height=0
0:44:57 = hWnd = 0x000200ba; ClassName:
x=0, y=0, width=0, height=0
8:17:59 = Process Attach
8:18:0 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:18:0 = * NULL == SampleProvider *

8:18:0 = ##### Begin waiting Mutex to release process #####
8:18:0 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:18:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
8:18:1 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

8:18:1 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:18:4 = Need to re-create objects.
8:18:4 = s1.
8:18:4 = s2.
8:18:8 = Start show animate
8:18:8 = Shell Excutute VerifyHost
8:18:45 = begin close Process
8:18:45 = Terminate Process
8:18:46 = end close Process
8:18:46 = DLL_PROCESS_DETACH
20:38:16 = Process Attach
20:38:16 = end process attach
20:38:16 = ***** NULL == SampleProvider *****
20:38:16 = ##### Begin waiting Mutex to release process #####
20:38:16 = hWnd = 0x004505e8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:38:16 = hWnd = 0x0023065c; ClassName:
dow.
x=0, y=0, width=1, height=1
20:38:16 = hWnd = 0x000a0650; ClassName:
x=0, y=0, width=0, height=0
20:38:16 = hWnd = 0x0011064e; ClassName:
x=0, y=0, width=0, height=0
20:38:49 = Process Attach
20:38:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:38:49 = ##### Get event and release process #####

20:38:49 = begin close Process
20:38:49 = end close Process
20:38:49 = ##### Get event and release process end #####
20:38:49 = ***** NULL == SampleProvider *****
20:38:49 = hWnd = 0x000a004c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:38:49 = hWnd = 0x000200b6; ClassName:
dow.
x=0, y=0, width=1, height=1
20:38:49 = hWnd = 0x00180076; ClassName:
x=0, y=0, width=0, height=0
20:38:49 = hWnd = 0x0004008e; ClassName:
x=0, y=0, width=0, height=0
20:41:13 = Process Attach
20:41:13 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:41:13 = ##### Begin waiting Mutex to release process #####

20:41:13 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
20:41:14 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
20:41:15 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
20:41:15 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:41:17 = Need to re-create objects.
20:41:17 = s1.
20:41:17 = s2.
20:41:19
20:41:19
20:41:49
20:41:49
20:41:50
20:41:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:21:9 = Process Attach

22:21:9 = end process attach
22:21:9 = ***** NULL == SampleProvider *****
22:21:9 = ##### Begin waiting Mutex to release process #####
22:21:9 = hWnd = 0x00030508; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:21:9 = hWnd = 0x0005050a; ClassName:
ow.
x=0, y=0, width=1, height=1
22:21:9 = hWnd = 0x000404e2; ClassName:
x=0, y=0, width=0, height=0
22:21:9 = hWnd = 0x000604fa; ClassName:
x=0, y=0, width=0, height=0
22:21:25 = Process Attach
22:21:25 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:21:25 = * NULL == SampleProvider *

22:21:25 = begin close Process
22:21:25 = end close Process
22:21:25 = ##### Get event and release process end #####
22:21:25 = hWnd = 0x000200f2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:21:25 = hWnd = 0x000200b2; ClassName:
dow.
x=0, y=0, width=1, height=1
22:21:25 = hWnd = 0x000200c4; ClassName:
x=0, y=0, width=0, height=0
22:21:25 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
7:34:47 = Process Attach
7:34:47 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:34:47 = * NULL == SampleProvider *

7:34:47 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:34:47 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:34:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:34:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:34:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:34:50 = s1.
7:34:50 = s2.
7:34:53
7:34:53
7:35:33
7:35:33
7:35:34
7:35:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:26:8 = Process Attach

8:26:8 = end process attach
8:26:8 = ***** NULL == SampleProvider *****
8:26:8 = ##### Begin waiting Mutex to release process #####
8:26:8 = hWnd = 0x00090492; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:26:8 = hWnd = 0x000b04ae; ClassName:
w.
x=0, y=0, width=1, height=1
8:26:8 = hWnd = 0x000804b0; ClassName:
x=0, y=0, width=0, height=0
8:26:8 = hWnd = 0x000c04c4; ClassName:
x=0, y=0, width=0, height=0
8:27:47 = Process Attach
8:27:47 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:27:47 = * NULL == SampleProvider *

8:27:47 =
8:27:47 =
8:27:47 =
x=0, y=0,
8:27:47 =
x=0, y=0,
8:30:19 =
8:30:19 =

begin close Process

end close Process
hWnd = 0x000500e2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000200c2; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

8:30:19 = * NULL == SampleProvider *

8:30:19 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
8:30:20 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
8:30:20 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
8:30:20 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:30:22 = Need to re-create objects.
8:30:22 = s1.
8:30:22 = s2.
8:30:25 = Start show animate
8:30:25 = Shell Excutute VerifyHost
8:31:4 = begin close Process
8:31:4 = Terminate Process
8:31:5 = end close Process
8:31:5 = DLL_PROCESS_DETACH
9:56:32 = Process Attach
9:56:32 = end process attach
9:56:32 = ***** NULL == SampleProvider *****
9:56:32 = ##### Begin waiting Mutex to release process #####
9:56:32 = hWnd = 0x0004052a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:56:32 = hWnd = 0x000b0482; ClassName:
ow.
x=0, y=0, width=1, height=1
9:56:32 = hWnd = 0x00030480; ClassName:
x=0, y=0, width=0, height=0
9:56:32 = hWnd = 0x0006052c; ClassName:
x=0, y=0, width=0, height=0
9:56:49 = Process Attach
9:56:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:56:49 = ##### Get event and release process #####

9:56:49 = begin close Process
9:56:49 = hWnd = 0x000300f8; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:56:49 = ##### Get event and release process end #####
9:56:49 = hWnd = 0x000200c6; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:56:49 = hWnd = 0x000900c4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:56:49 = hWnd = 0x000200c8; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:9:5 = Process Attach
10:9:5 = end process attach

10:9:5 = * NULL == SampleProvider *

10:9:5 = ##### Begin waiting Mutex to release process #####
10:9:5 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:9:6 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
10:9:6 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:9:6 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:9:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:9:7 = s1.
10:9:7 = s2.
10:9:7 = Start show animate
10:9:7 = Shell Excutute VerifyHost
10:9:41 = begin close Process
10:9:41 = Terminate Process
10:9:42 = end close Process
10:9:42 = DLL_PROCESS_DETACH
22:52:14 = Process Attach
22:52:15 = end process attach
22:52:15 = ##### Begin waiting Mutex to release process #####
22:52:15 = ***** NULL == SampleProvider *****
22:52:15 = hWnd = 0x00360ac6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:52:15 = hWnd = 0x003a09de; ClassName:
dow.
x=0, y=0, width=1, height=1
22:52:15 = hWnd = 0x00050a18; ClassName:
x=0, y=0, width=0, height=0
22:52:15 = hWnd = 0x000d0bfe; ClassName:
x=0, y=0, width=0, height=0
22:52:50 = Process Attach
22:52:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:52:50 = ##### Get event and release process #####

22:52:50 = begin close Process
22:52:50 = end close Process
22:52:50 = ##### Get event and release process end #####
22:52:50 = ***** NULL == SampleProvider *****
22:52:50 = hWnd = 0x009300da; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:52:50 = hWnd = 0x000200ae; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

22:52:50 = hWnd = 0x00160032; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:52:50 = hWnd = 0x000200b0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:16:10 = Process Attach
8:16:10 = end process attach
8:16:10 = ***** NULL == SampleProvider *****
8:16:10 = ##### Begin waiting Mutex to release process #####
8:16:10 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:16:10 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:16:10 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:16:10 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:16:12 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:16:12 = s1.
8:16:12 = s2.
8:16:12
8:16:12
8:16:45
8:16:45
8:16:46
8:16:46

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:34:6 = Process Attach

0:34:6 = end process attach
0:34:6 = ***** NULL == SampleProvider *****
0:34:6 = hWnd = 0x0019052e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:34:6 = ##### Begin waiting Mutex to release process #####
0:34:6 = hWnd = 0x002d054a; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
0:34:6 = hWnd = 0x00260548; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:34:6 = hWnd = 0x000f052a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:35:46 = Process Attach
0:35:46 = ## ERR ## Setevent
0:35:46 = ##### Get event and release process #####
0:35:46 = begin close Process
0:35:46 = end close Process
0:35:46 = ##### Get event and release process end #####

0:35:46 = * NULL == SampleProvider *

0:35:46 = hWnd = 0x0006003c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:35:46 = hWnd = 0x000200f8; ClassName:
ow.
x=0, y=0, width=1, height=1
0:35:46 = hWnd = 0x0033004e; ClassName:
x=0, y=0, width=0, height=0
0:35:46 = hWnd = 0x000300bc; ClassName:
x=0, y=0, width=0, height=0
8:42:29 = Process Attach
8:42:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:42:29 = * NULL == SampleProvider *

8:42:29 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:42:30 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:42:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:42:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:42:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:42:34 = s1.
8:42:34 = s2.
8:42:37
8:42:37
8:43:14
8:43:14
8:43:15
8:43:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

22:38:26 = Process Attach

22:38:26 = end process attach
22:38:26 = ***** NULL == SampleProvider *****
22:38:26 = hWnd = 0x00020bec; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:38:26 = hWnd = 0x00090bf4; ClassName:
dow.
x=0, y=0, width=1, height=1
22:38:26 = hWnd = 0x00020be0; ClassName:
x=0, y=0, width=0, height=0
22:38:26 = hWnd = 0x00020bf0; ClassName:
x=0, y=0, width=0, height=0
22:38:56 = Process Attach
22:38:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:38:56 = ##### Get event and release process #####

22:38:56 = begin close Process

22:38:56 = end close Process
22:38:56 = ##### Get event and release process end #####
22:38:56 = hWnd = 0x001100cc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:38:56 = hWnd = 0x0003009c; ClassName:
dow.
x=0, y=0, width=1, height=1
22:38:56 = hWnd = 0x001700e0; ClassName:
x=0, y=0, width=0, height=0
22:38:56 = hWnd = 0x00040084; ClassName:
x=0, y=0, width=0, height=0
8:37:52 = Process Attach
8:37:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:37:52 = * NULL == SampleProvider *

8:37:52 = ##### Begin waiting Mutex to release process #####
8:37:52 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:37:53 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:37:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:37:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:37:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:37:57 = s1.
8:37:57 = s2.
8:38:0 = Start show animate
8:38:0 = Shell Excutute VerifyHost
8:38:38 = begin close Process
8:38:38 = Terminate Process
8:38:39 = end close Process
8:38:39 = DLL_PROCESS_DETACH
9:5:54 = Process Attach
9:5:54 = end process attach
9:5:54 = ***** NULL == SampleProvider *****
9:5:54 = ##### Begin waiting Mutex to release process #####
9:5:54 = hWnd = 0x0003048e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:5:54 = hWnd = 0x00040466; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:5:54 = hWnd = 0x00030464; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

9:5:54 = hWnd = 0x00030468; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
9:6:3 = Process Attach
9:6:3 = ## ERR ## Setevent
9:6:3 = ***** NULL == SampleProvider *****
9:6:3 = begin close Process
9:6:3 = end close Process
9:6:3 = ##### Get event and release process end #####
9:6:3 = hWnd = 0x000200e2; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:6:3 = hWnd = 0x000200e4; ClassName:
.
x=0, y=0, width=1, height=1
9:6:3 = hWnd = 0x000300c6; ClassName:
x=0, y=0, width=0, height=0
9:6:3 = hWnd = 0x0003008e; ClassName:
x=0, y=0, width=0, height=0
9:15:44 = Process Attach
9:15:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:15:44 = * NULL == SampleProvider *

9:15:44 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:15:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:15:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:15:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:15:50 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:15:50 = s1.
9:15:50 = s2.
9:15:54
9:15:54
9:16:30
9:16:30
9:16:32
9:16:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:39:51 = Process Attach

9:39:51 = end process attach
9:39:51 = ##### Begin waiting Mutex to release process #####
9:39:51 = hWnd = 0x00020590; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:39:51 = hWnd = 0x00020598; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

9:39:51 = hWnd = 0x00020584; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
9:39:51 = hWnd = 0x00020594; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:9:2 = Process Attach
0:9:2 = ## ERR ## Setevent
0:9:2 = ***** NULL == SampleProvider *****
0:9:2 = begin close Process
0:9:2 = end close Process
0:9:2 = ##### Get event and release process end #####
0:9:2 = hWnd = 0x000200b4; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:9:2 = hWnd = 0x000200b2; ClassName:
.
x=0, y=0, width=1, height=1
0:9:2 = hWnd = 0x0005005a; ClassName:
x=0, y=0, width=0, height=0
0:9:2 = hWnd = 0x002e0092; ClassName:
x=0, y=0, width=0, height=0
8:6:8 = Process Attach
8:6:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:6:8 = * NULL == SampleProvider *

8:6:8 = hWnd = 0x0001001c; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:6:9 = hWnd = 0x00010018; ClassName:
.
x=0, y=0, width=1, height=1
8:6:9 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:6:9 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:6:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:6:12 = s1.
8:6:12 = s2.
8:6:15
8:6:15
8:6:54
8:6:54
8:6:55
8:6:55

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:28:40 = Process Attach

8:28:41 = end process attach
8:28:41 = ***** NULL == SampleProvider *****
8:28:41 = hWnd = 0x000704e4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:28:41 = hWnd = 0x000704ec; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0, width=1, height=1
8:28:41 = hWnd = 0x00030536; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
8:28:41 = hWnd = 0x000804dc; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:30:8 = Process Attach
8:30:8 = ## ERR ## Setevent
8:30:8 = ##### Get event and release process #####
8:30:8 = begin close Process
8:30:8 = end close Process
8:30:8 = ##### Get event and release process end #####
8:30:8 = hWnd = 0x00050086; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:30:8 = hWnd = 0x0004005c; ClassName:
w.
x=0, y=0, width=1, height=1
8:30:8 = hWnd = 0x000400d6; ClassName:
x=0, y=0, width=0, height=0
8:30:8 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
8:32:28 = Process Attach
8:32:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:32:28 = * NULL == SampleProvider *

8:32:28 = ##### Begin waiting Mutex to release process #####
8:32:28 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:32:29 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:32:29 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:32:29 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:32:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:32:32 = s1.
8:32:32 = s2.
8:32:37
8:32:37
8:33:14
8:33:14
8:33:15
8:33:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:31:17 = Process Attach

1:31:17 = end process attach
1:31:17 = ***** NULL == SampleProvider *****

1:31:17 = ##### Begin waiting Mutex to release process #####

1:31:17 =
ow.
x=0, y=0,
1:31:17 =
x=0, y=0,
1:31:17 =
x=0, y=0,
1:31:47 =
1:31:47 =

hWnd = 0x0043054e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x01010510; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000b0444; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:31:47 = * NULL == SampleProvider *

1:31:47 = begin close Process
1:31:47 = end close Process
1:31:47 = ##### Get event and release process end #####
1:31:47 = hWnd = 0x01a70034; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:31:47 = hWnd = 0x000500a8; ClassName:
ow.
x=0, y=0, width=1, height=1
1:31:47 = hWnd = 0x00030056; ClassName:
x=0, y=0, width=0, height=0
1:31:47 = hWnd = 0x00030084; ClassName:
x=0, y=0, width=0, height=0
8:59:7 = Process Attach
8:59:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:59:7 = * NULL == SampleProvider *

8:59:7 = ##### Begin waiting Mutex to release process #####
8:59:8 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:59:8 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:59:8 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:59:8 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:59:13 = Need to re-create objects.
8:59:13 = s1.
8:59:13 = s2.
8:59:17
8:59:17
8:59:53
8:59:53
8:59:54
8:59:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:57:22 = Process Attach

0:57:22 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:57:22 = * NULL == SampleProvider *

0:57:22 = hWnd = 0xca0912a6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:57:22 = hWnd = 0x6ed10b46; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:22 = hWnd = 0x5d350b4a; ClassName:
x=0, y=0, width=0, height=0
0:57:22 = hWnd = 0x3a600b42; ClassName:
x=0, y=0, width=0, height=0
0:57:57 = Process Attach
0:57:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:57:57 = ##### Get event and release process #####

0:57:57 = ***** NULL == SampleProvider *****
0:57:57 = end close Process
0:57:57 = ##### Get event and release process end #####
0:57:57 = hWnd = 0x000f00a2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:57:57 = hWnd = 0x0004002a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:57 = hWnd = 0x002100e6; ClassName:
x=0, y=0, width=0, height=0
0:57:57 = hWnd = 0x000500a6; ClassName:
x=0, y=0, width=0, height=0
6:6:45 = Process Attach
6:6:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:6:45 = * NULL == SampleProvider *

6:6:45 = ##### Begin waiting Mutex to release process #####
6:6:45 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:6:46 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
6:6:46 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:6:46 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:6:49 = Need to re-create objects.
6:6:49 = s1.
6:6:49 = s2.
6:6:53
6:6:53
6:7:29
6:7:29

=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:7:30 = end close Process

6:7:30 = DLL_PROCESS_DETACH
14:44:20 = Process Attach
14:44:20 = end process attach
14:44:20 = ***** NULL == SampleProvider *****
14:44:20 = hWnd = 0x00840518; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:44:20 = hWnd = 0x000804c2; ClassName:
dow.
x=0, y=0, width=1, height=1
14:44:20 = hWnd = 0x0009049c; ClassName:
x=0, y=0, width=0, height=0
14:44:20 = hWnd = 0x000c0474; ClassName:
x=0, y=0, width=0, height=0
14:44:44 = Process Attach
14:44:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:44:44 = * NULL == SampleProvider *

14:44:44 = begin close Process
14:44:44 = end close Process
14:44:44 = ##### Get event and release process end #####
14:44:44 = hWnd = 0x000800cc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:44:44 = hWnd = 0x000200be; ClassName:
dow.
x=0, y=0, width=1, height=1
14:44:44 = hWnd = 0x0006009e; ClassName:
x=0, y=0, width=0, height=0
14:44:44 = hWnd = 0x00070098; ClassName:
x=0, y=0, width=0, height=0
14:56:31 = Process Attach
14:56:31 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:56:31 = * NULL == SampleProvider *

14:56:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:56:32 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:56:32 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:56:32 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:56:38 = Need to re-create objects.
14:56:38 = s1.
14:56:38 = s2.
14:56:42 = Start show animate
14:56:42 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:57:18
14:57:18
14:57:19
14:57:19

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

19:37:40 = Process Attach

19:37:40 = end process attach
19:37:40 = ***** NULL == SampleProvider *****
19:37:40 = ##### Begin waiting Mutex to release process #####
19:37:40 = hWnd = 0x00190596; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:37:40 = hWnd = 0x003f05c8; ClassName:
dow.
x=0, y=0, width=1, height=1
19:37:40 = hWnd = 0x001304d2; ClassName:
x=0, y=0, width=0, height=0
19:37:40 = hWnd = 0x001005f4; ClassName:
x=0, y=0, width=0, height=0
19:37:52 = Process Attach
19:37:52 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:37:52 = * NULL == SampleProvider *

19:37:52 = hWnd = 0x000300b8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:37:52 = hWnd = 0x000500ba; ClassName:
dow.
x=0, y=0, width=1, height=1
19:37:52 = hWnd = 0x000200d2; ClassName:
x=0, y=0, width=0, height=0
19:37:52 = hWnd = 0x0005008e; ClassName:
x=0, y=0, width=0, height=0
19:51:1 = Process Attach
19:51:1 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:51:1 = * NULL == SampleProvider *

19:51:1 = ##### Begin waiting Mutex to release process #####
19:51:1 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:51:1 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
19:51:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:51:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:51:8 = Need to re-create objects.
19:51:8 = s1.
19:51:8 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:51:13
19:51:13
19:51:45
19:51:45
19:51:46
19:51:46

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:36:7 = Process Attach

23:36:7 = end process attach
23:36:7 = ##### Begin waiting Mutex to release process #####
23:36:7 = hWnd = 0x000a0520; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:36:7 = hWnd = 0x001e0524; ClassName:
ow.
x=0, y=0, width=1, height=1
23:36:7 = hWnd = 0x000e0588; ClassName:
x=0, y=0, width=0, height=0
23:36:7 = hWnd = 0x000d04ca; ClassName:
x=0, y=0, width=0, height=0
23:36:16 = Process Attach
23:36:16 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:36:16 = * NULL == SampleProvider *

23:36:16 = begin close Process
23:36:16 = end close Process
23:36:16 = ##### Get event and release process end #####
23:36:16 = hWnd = 0x008100d8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:36:16 = hWnd = 0x000200b6; ClassName:
dow.
x=0, y=0, width=1, height=1
23:36:16 = hWnd = 0x000600c0; ClassName:
x=0, y=0, width=0, height=0
23:36:16 = hWnd = 0x000200b8; ClassName:
x=0, y=0, width=0, height=0
8:40:26 = Process Attach
8:40:27 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:40:27 = * NULL == SampleProvider *

8:40:27 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:40:27 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:40:28 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:40:28 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:40:31 = Need to re-create objects.
8:40:31 = s1.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:40:31 = s2.
8:40:37
8:40:37
8:41:13
8:41:13
8:41:14
8:41:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

5:31:26 = Process Attach

5:31:26 = end process attach
5:31:26 = ***** NULL == SampleProvider *****
5:31:26 = hWnd = 0x001509f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
5:31:26 = hWnd = 0x27b80478; ClassName:
ow.
x=0, y=0, width=1, height=1
5:31:26 = hWnd = 0x014904ca; ClassName:
x=0, y=0, width=0, height=0
5:31:26 = hWnd = 0x001c0976; ClassName:
x=0, y=0, width=0, height=0
5:31:56 = Process Attach
5:31:56 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

5:31:56 = * NULL == SampleProvider *

5:31:56 = begin close Process
5:31:56 = end close Process
5:31:56 = ##### Get event and release process end #####
5:31:56 = hWnd = 0x000400de; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
5:31:56 = hWnd = 0x000500aa; ClassName:
ow.
x=0, y=0, width=1, height=1
5:31:56 = hWnd = 0x000d00e6; ClassName:
x=0, y=0, width=0, height=0
5:31:56 = hWnd = 0x000200bc; ClassName:
x=0, y=0, width=0, height=0
8:57:51 = Process Attach
8:57:51 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:57:51 = * NULL == SampleProvider *

8:57:51 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:57:52 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:57:52 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:57:52 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:57:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:57:55 = s1.
8:57:55 = s2.
8:57:57
8:57:57
8:58:36
8:58:36
8:58:37
8:58:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:57:9 = Process Attach

0:57:9 = end process attach
0:57:9 = ***** NULL == SampleProvider *****
0:57:9 = hWnd = 0x002c0740; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:57:9 = hWnd = 0x0a6f0a7a; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
0:57:9 = ##### Begin waiting Mutex to release process #####
0:57:9 = hWnd = 0x013c0b0a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:57:9 = hWnd = 0x009e0540; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:57:43 = Process Attach
0:57:43 = ## ERR ## Setevent
0:57:43 = ***** NULL == SampleProvider *****
0:57:43 = begin close Process
0:57:43 = end close Process
0:57:43 = ##### Get event and release process end #####
0:57:43 = hWnd = 0x01410062; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:57:43 = hWnd = 0x0004002a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:57:43 = hWnd = 0x00e30068; ClassName:
x=0, y=0, width=0, height=0
0:57:43 = hWnd = 0x000200b0; ClassName:
x=0, y=0, width=0, height=0
8:50:28 = Process Attach
8:50:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:50:28 = * NULL == SampleProvider *

8:50:28 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:50:29 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
8:50:30 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

8:50:30 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
8:50:32 = Need to re-create objects.
8:50:32 = s1.
8:50:32 = s2.
8:50:35
8:50:35
8:51:13
8:51:13
8:51:15
8:51:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:11:56 = Process Attach

9:11:57 = end process attach
9:11:57 = ***** NULL == SampleProvider *****
9:11:57 = ##### Begin waiting Mutex to release process #####
9:11:57 = hWnd = 0x000204c0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:12:4 = hWnd = 0x000204c6; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:12:4 = hWnd = 0x000204d6; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:12:4 = hWnd = 0x000204be; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:13:48 = Process Attach
9:13:48 = ## ERR ## Setevent
9:13:48 = ##### Get event and release process #####
9:13:48 = begin close Process
9:13:48 = end close Process
9:13:48 = ##### Get event and release process end #####
9:13:48 = ***** NULL == SampleProvider *****
9:13:48 = hWnd = 0x0003007e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:13:48 = hWnd = 0x000500aa; ClassName:
ow.
x=0, y=0, width=1, height=1
9:13:48 = hWnd = 0x000200d4; ClassName:
x=0, y=0, width=0, height=0
9:13:48 = hWnd = 0x000600d8; ClassName:
x=0, y=0, width=0, height=0
9:15:38 = Process Attach
9:15:38 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:15:38 = ##### Begin waiting Mutex to release process #####

9:15:38 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
9:15:38 =
ow.
x=0, y=0,
9:15:38 =
x=0, y=0,
9:15:38 =
x=0, y=0,
9:15:45 =

9:15:45 = s1.
9:15:45 = s2.
9:15:46 = Start show animate
9:15:46 = Shell Excutute VerifyHost
9:16:8 = begin close Process
9:16:8 = Terminate Process
9:16:9 = end close Process
9:16:9 = DLL_PROCESS_DETACH
9:35:38 = Process Attach
9:35:38 = end process attach
9:35:38 = ***** NULL == SampleProvider *****
9:35:38 = ##### Begin waiting Mutex to release process #####
9:35:38 = hWnd = 0x000404b0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:35:38 = hWnd = 0x00070140; ClassName:
ow.
x=0, y=0, width=1, height=1
9:35:38 = hWnd = 0x00040500; ClassName:
x=0, y=0, width=0, height=0
9:35:38 = hWnd = 0x000404ac; ClassName:
x=0, y=0, width=0, height=0
9:38:53 = Process Attach
9:38:53 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:38:53 = ##### Get event and release process #####

9:38:53 = begin close Process
9:38:53 = end close Process
9:38:53 = ##### Get event and release process end #####
9:38:53 = ***** NULL == SampleProvider *****
9:38:53 = hWnd = 0x00060052; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:38:53 = hWnd = 0x000200ac; ClassName:
ow.
x=0, y=0, width=1, height=1
9:38:53 = hWnd = 0x000400e2; ClassName:
x=0, y=0, width=0, height=0
9:38:53 = hWnd = 0x000200ae; ClassName:
x=0, y=0, width=0, height=0
9:40:54 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:40:54 = end process attach

9:40:54 = ***** NULL == SampleProvider *****
9:40:54 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:40:54 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:40:55 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:40:55 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:40:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:40:57 = s1.
9:40:57 = s2.
9:41:1 = Start show animate
9:41:1 = Shell Excutute VerifyHost
9:41:39 = begin close Process
9:41:39 = Terminate Process
9:41:40 = end close Process
9:41:40 = DLL_PROCESS_DETACH
1:1:37 = Process Attach
1:1:37 = end process attach
1:1:37 = ***** NULL == SampleProvider *****
1:1:37 = ##### Begin waiting Mutex to release process #####
1:1:37 = hWnd = 0x000a0584; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:1:37 = hWnd = 0x00161168; ClassName:
w.
x=0, y=0, width=1, height=1
1:1:37 = hWnd = 0x000c11c4; ClassName:
x=0, y=0, width=0, height=0
1:1:37 = hWnd = 0x000e0b8c; ClassName:
x=0, y=0, width=0, height=0
1:2:6 = Process Attach
1:2:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:2:6 = * NULL == SampleProvider *

1:2:6 = begin close Process
1:2:6 = end close Process
1:2:6 = ##### Get event and release process end #####
1:2:6 = hWnd = 0x002a00e6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title: I
nicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:2:6 = hWnd = 0x000200b4; ClassName: GDI+ Hook Window Class; Title: GDI+ Window
.
x=0, y=0, width=1, height=1
1:2:6 = hWnd = 0x00140054; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

1:2:6 = hWnd = 0x000200be; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:19:57 = Process Attach
9:19:58 = end process attach
9:19:58 = ***** NULL == SampleProvider *****
9:19:58 = ##### Begin waiting Mutex to release process #####
9:19:59 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:19:59 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:19:59 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:20:1 = Need to re-create objects.
9:20:1 = s1.
9:20:1 = s2.
9:20:5 = Start show animate
9:20:5 = Shell Excutute VerifyHost
9:20:42 = begin close Process
9:20:42 = Terminate Process
9:20:43 = end close Process
9:20:43 = DLL_PROCESS_DETACH
19:34:48 = Process Attach
19:34:48 = end process attach
19:34:48 = ***** NULL == SampleProvider *****
19:34:48 = hWnd = 0x000604b6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:34:48 = hWnd = 0x000a0512; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:34:48 = ##### Begin waiting Mutex to release process #####
19:34:48 = hWnd = 0x001504ac; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:34:48 = hWnd = 0x0006058a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:35:15 = Process Attach
19:35:15 = ## ERR ## Setevent
19:35:15 = ##### Get event and release process #####
19:35:15 = begin close Process
19:35:15 = end close Process
19:35:15 = ##### Get event and release process end #####
19:35:15 = hWnd = 0x003500d0; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:35:15 = hWnd = 0x001900da; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
19:35:15 = hWnd = 0x000b00cc; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:35:15 = hWnd = 0x0008005e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:48:57 = Process Attach
19:48:57 = end process attach
19:48:57 = ***** NULL == SampleProvider *****
19:48:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:48:58 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:48:59 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:48:59 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:49:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:49:1 = s1.
19:49:1 = s2.
19:49:5 = Start show animate
19:49:5 = Shell Excutute VerifyHost
19:49:43 = begin close Process
19:49:43 = Terminate Process
19:49:44 = end close Process
19:49:44 = DLL_PROCESS_DETACH
0:11:16 = Process Attach
0:11:16 = end process attach
0:11:16 = ***** NULL == SampleProvider *****
0:11:16 = ##### Begin waiting Mutex to release process #####
0:11:16 = hWnd = 0x000a0646; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:11:16 = hWnd = 0x000e050c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:11:16 = hWnd = 0x000805ce; ClassName:
x=0, y=0, width=0, height=0
0:11:16 = hWnd = 0x00080600; ClassName:
x=0, y=0, width=0, height=0
0:11:30 = Process Attach
0:11:30 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:11:30 = * NULL == SampleProvider *

0:11:30 = begin close Process
0:11:30 = end close Process
0:11:30 = ##### Get event and release process end #####

0:11:30 = hWnd = 0x000500e6; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:11:30 = hWnd = 0x00040092; ClassName:
ow.
x=0, y=0, width=1, height=1
0:11:30 = hWnd = 0x000c00a4; ClassName:
x=0, y=0, width=0, height=0
0:11:30 = hWnd = 0x00030094; ClassName:
x=0, y=0, width=0, height=0
7:56:48 = Process Attach
7:56:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:56:48 = * NULL == SampleProvider *

7:56:48 = ##### Begin waiting Mutex to release process #####
7:56:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:56:48 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:56:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:56:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:56:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:56:53 = s1.
7:56:53 = s2.
7:56:54
7:56:54
7:57:24
7:57:24
7:57:25
7:57:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

20:26:32 = Process Attach

20:26:32 = end process attach
20:26:32 = ***** NULL == SampleProvider *****
20:26:32 = hWnd = 0x0006048c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:26:32 = hWnd = 0x00020484; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
20:26:32 = ##### Begin waiting Mutex to release process #####
20:26:32 = hWnd = 0x00090468; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
20:26:32 = hWnd = 0x000b0482; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:26:58 = Process Attach
20:26:58 = ## ERR ## Setevent

20:26:58 = * NULL == SampleProvider *

20:26:58 = begin close Process
20:26:58 = end close Process
20:26:58 = ##### Get event and release process end #####
20:26:58 = hWnd = 0x00050086; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
20:26:58 = hWnd = 0x000300a4; ClassName:
dow.
x=0, y=0, width=1, height=1
20:26:58 = hWnd = 0x000300b2; ClassName:
x=0, y=0, width=0, height=0
20:26:58 = hWnd = 0x00040090; ClassName:
x=0, y=0, width=0, height=0
20:29:26 = Process Attach
20:29:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:29:26 = * NULL == SampleProvider *

20:29:26 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:29:26 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:29:27 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:29:27 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:29:29 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:29:29 = s1.
20:29:29 = s2.
20:29:33
20:29:33
20:30:12
20:30:12
20:30:13
20:30:13

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:7:30 = Process Attach

0:7:30 = end process attach
0:7:30 = ***** NULL == SampleProvider *****
0:7:30 = hWnd = 0x0007048e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:7:30 = hWnd = 0x0009044c; ClassName:
w.
x=0, y=0, width=1, height=1
0:7:30 = hWnd = 0x00110518; ClassName:
x=0, y=0, width=0, height=0
0:7:30 = hWnd = 0x00420462; ClassName:
x=0, y=0, width=0, height=0
0:7:49 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:7:49 = ## ERR ## Setevent

0:7:49 = ***** NULL == SampleProvider *****
0:7:49 = begin close Process
0:7:49 = end close Process
0:7:49 = ##### Get event and release process end #####
0:7:49 = hWnd = 0x000c0090; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:7:49 = hWnd = 0x000300a0; ClassName:
w.
x=0, y=0, width=1, height=1
0:7:49 = hWnd = 0x00080048; ClassName:
x=0, y=0, width=0, height=0
0:7:49 = hWnd = 0x0004002a; ClassName:
x=0, y=0, width=0, height=0
0:9:11 = Process Attach
0:9:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:9:11 = * NULL == SampleProvider *

0:9:11 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:9:12 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
0:9:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:9:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
0:9:15 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:9:15 = s1.
0:9:15 = s2.
0:9:19
0:9:19
0:9:57
0:9:57
0:9:58
0:9:58

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:18:40 = Process Attach

0:18:40 = end process attach
0:18:40 = ***** NULL == SampleProvider *****
0:18:40 = ##### Begin waiting Mutex to release process #####
0:18:40 = hWnd = 0x000404bc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:18:40 = hWnd = 0x000504d4; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
0:18:40 = hWnd = 0x002a052e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
0:18:40 =
x=0, y=0,
0:18:53 =
0:18:53 =

width=0, height=0
hWnd = 0x000404ba; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:18:53 = ##### Get event and release process #####

0:18:53 = ***** NULL == SampleProvider *****
0:18:53 = end close Process
0:18:53 = ##### Get event and release process end #####
0:18:53 = hWnd = 0x0003005e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:18:53 = hWnd = 0x000300a4; ClassName:
ow.
x=0, y=0, width=1, height=1
0:18:53 = hWnd = 0x0003009c; ClassName:
x=0, y=0, width=0, height=0
0:18:53 = hWnd = 0x0005004e; ClassName:
x=0, y=0, width=0, height=0
0:20:3 = Process Attach
0:20:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:20:3 = * NULL == SampleProvider *

0:20:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:20:4 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
0:20:5 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
0:20:5 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
0:20:7 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:20:7 = s1.
0:20:7 = s2.
0:20:10
0:20:10
0:20:49
0:20:49
0:20:50
0:20:50

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:17:36 = Process Attach

1:17:36 = end process attach
1:17:36 = ***** NULL == SampleProvider *****
1:17:36 = ##### Begin waiting Mutex to release process #####
1:17:36 = hWnd = 0x00050558; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
1:17:36 =
ow.
x=0, y=0,
1:17:36 =
x=0, y=0,
1:17:36 =
x=0, y=0,
1:17:46 =
1:17:46 =

width=1366, height=768
hWnd = 0x000505b2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x009f04e4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000305b4; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:17:46 = * NULL == SampleProvider *

1:17:46 = ##### Get event and release process #####
1:17:46 = begin close Process
1:17:46 = end close Process
1:17:46 = ##### Get event and release process end #####
1:17:46 = hWnd = 0x000200be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:17:46 = hWnd = 0x0003002c; ClassName:
ow.
x=0, y=0, width=1, height=1
1:17:46 = hWnd = 0x0065010a; ClassName:
x=0, y=0, width=0, height=0
1:17:46 = hWnd = 0x000400de; ClassName:
x=0, y=0, width=0, height=0
8:23:9 = Process Attach
8:23:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:23:9 = * NULL == SampleProvider *

8:23:9 = ##### Begin waiting Mutex to release process #####
8:23:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:23:10 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
8:23:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
8:23:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:23:12 = Need to re-create objects.
8:23:12 = s1.
8:23:12 = s2.
8:23:18
8:23:18
8:23:55
8:23:55
8:23:56
8:23:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:28:3 = Process Attach

9:28:3 = end process attach

9:28:3 = ***** NULL == SampleProvider *****
9:28:3 = ##### Begin waiting Mutex to release process #####
9:28:3 = hWnd = 0x000704e0; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:28:3 = hWnd = 0x000205d2; ClassName:
w.
x=0, y=0, width=1, height=1
9:28:3 = hWnd = 0x000705ac; ClassName:
x=0, y=0, width=0, height=0
9:28:3 = hWnd = 0x000205d0; ClassName:
x=0, y=0, width=0, height=0
9:28:13 = Process Attach
9:28:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:28:13 = * NULL == SampleProvider *

9:28:13 = ##### Get event and release process #####
9:28:13 = hWnd = 0x000200c2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:28:13 = end close Process
9:28:13 = ##### Get event and release process end #####
9:28:13 = hWnd = 0x000200c0; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:25:59 = Process Attach
18:25:59 = end process attach
18:25:59 = ***** NULL == SampleProvider *****
18:25:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:26:0 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
18:26:1 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
18:26:1 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
18:26:4 = Need to re-create objects.
18:26:4 = s1.
18:26:4 = s2.
18:26:8 = Start show animate
18:26:8 = Shell Excutute VerifyHost
18:26:47 = begin close Process
18:26:47 = Terminate Process
18:26:48 = end close Process
18:26:48 = DLL_PROCESS_DETACH
22:10:3 = Process Attach

22:10:4 = end process attach

22:10:4 = ***** NULL == SampleProvider *****
22:10:4 = ##### Begin waiting Mutex to release process #####
22:10:4 = hWnd = 0x0011048a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:10:4 = hWnd = 0x000a0470; ClassName:
ow.
x=0, y=0, width=1, height=1
22:10:4 = hWnd = 0x000e046e; ClassName:
x=0, y=0, width=0, height=0
22:10:4 = hWnd = 0x000c0450; ClassName:
x=0, y=0, width=0, height=0
22:10:13 = Process Attach
22:10:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:10:13 = ##### Get event and release process #####

22:10:13 = begin close Process
22:10:13 = end close Process
22:10:13 = ##### Get event and release process end #####
22:10:13 = hWnd = 0x001a0086; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:10:13 = hWnd = 0x0004002a; ClassName:
dow.
x=0, y=0, width=1, height=1
22:10:13 = hWnd = 0x000800e6; ClassName:
x=0, y=0, width=0, height=0
22:10:13 = hWnd = 0x000200bc; ClassName:
x=0, y=0, width=0, height=0
22:37:8 = Process Attach
22:37:8 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:37:8 = * NULL == SampleProvider *

22:37:8 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:37:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
22:37:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
22:37:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
22:37:13 = Need to re-create objects.
22:37:13 = s1.
22:37:13 = s2.
22:37:16
22:37:16
22:37:54
22:37:54

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:59:5 = * NULL == SampleProvider *

22:59:5 = end close Process

22:59:5 = ##### Get event and release process end #####
22:59:5 = hWnd = 0x000b00e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:59:5 = hWnd = 0x001d005e; ClassName:
ow.
x=0, y=0, width=1, height=1
22:59:5 = hWnd = 0x001d00d8; ClassName:
x=0, y=0, width=0, height=0
22:59:5 = hWnd = 0x001b0058; ClassName:
x=0, y=0, width=0, height=0
21:23:12 = Process Attach
21:23:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:23:12 = * NULL == SampleProvider *

21:23:12 = ##### Begin waiting Mutex to release process #####
21:23:12 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:23:13 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:23:14 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:23:14 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:23:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:23:16 = s1.
21:23:16 = s2.
21:23:20
21:23:20
21:23:57
21:23:57
21:23:59
21:23:59

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:31:43 = Process Attach

0:31:43 = end process attach
0:31:43 = ##### Begin waiting Mutex to release process #####
0:31:43 = hWnd = 0x000a0376; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:31:43 = hWnd = 0x00020398; ClassName:
ow.
x=0, y=0, width=1, height=1
0:31:43 = hWnd = 0x00110520; ClassName:
x=0, y=0, width=0, height=0
0:31:43 = hWnd = 0x000c0362; ClassName:
x=0, y=0, width=0, height=0
0:31:54 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:31:54 = ## ERR ## Setevent

0:31:54 = ***** NULL == SampleProvider *****
0:31:54 = begin close Process
0:31:54 = end close Process
0:31:54 = ##### Get event and release process end #####
0:31:54 = hWnd = 0x002e004c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:31:54 = hWnd = 0x00080090; ClassName:
ow.
x=0, y=0, width=1, height=1
0:31:54 = hWnd = 0x000300fc; ClassName:
x=0, y=0, width=0, height=0
0:31:54 = hWnd = 0x000200b4; ClassName:
x=0, y=0, width=0, height=0
7:55:49 = Process Attach
7:55:49 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:55:49 = * NULL == SampleProvider *

7:55:49 = ##### Begin waiting Mutex to release process #####
7:55:49 =
ow.
x=0, y=0,
7:55:50 =
x=0, y=0,
7:55:50 =
x=0, y=0,
7:55:51 =

7:55:52 = s1.
7:55:52 = s2.
7:55:56
7:55:56
7:56:34
7:56:34
7:56:35
7:56:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

16:22:42 = Process Attach

16:22:42 = end process attach
16:22:42 = ***** NULL == SampleProvider *****
16:22:42 = ##### Begin waiting Mutex to release process #####
16:22:42 = hWnd = 0x001f04cc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:22:42 = hWnd = 0x00050486; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
16:22:42 = hWnd = 0x000404fe; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

16:22:42 = hWnd = 0x0007047e; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
16:22:52 = Process Attach
16:22:52 = ## ERR ## Setevent
16:22:52 = ***** NULL == SampleProvider *****
16:22:52 = begin close Process
16:22:52 = end close Process
16:22:52 = ##### Get event and release process end #####
16:22:52 = hWnd = 0x00120060; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
16:22:52 = hWnd = 0x00040054; ClassName:
dow.
x=0, y=0, width=1, height=1
16:22:52 = hWnd = 0x001800e0; ClassName:
x=0, y=0, width=0, height=0
16:22:52 = hWnd = 0x000200c0; ClassName:
x=0, y=0, width=0, height=0
22:16:17 = Process Attach
22:16:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:16:17 = * NULL == SampleProvider *

22:16:17 = ##### Begin waiting Mutex to release process #####
22:16:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:16:18 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
22:16:18 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:16:18 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:16:21 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:16:21 = s1.
22:16:21 = s2.
22:16:25 = Start show animate
22:16:25 = Shell Excutute VerifyHost
22:17:3 = begin close Process
22:17:3 = Terminate Process
22:17:4 = end close Process
22:17:4 = DLL_PROCESS_DETACH
23:6:59 = Process Attach
23:6:59 = end process attach
23:6:59 = ***** NULL == SampleProvider *****
23:6:59 = ##### Begin waiting Mutex to release process #####
23:6:59 = hWnd = 0x000e0500; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
23:6:59 =
ow.
x=0, y=0,
23:6:59 =
x=0, y=0,
23:6:59 =
x=0, y=0,
23:7:10 =
23:7:10 =

width=1366, height=768
hWnd = 0x000b053c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00090516; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000f0540; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

23:7:10 = ##### Get event and release process #####

23:7:10 = begin close Process
23:7:10 = end close Process
23:7:10 = ##### Get event and release process end #####
23:7:10 = hWnd = 0x007e00d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:7:10 = hWnd = 0x000500b4; ClassName:
ow.
x=0, y=0, width=1, height=1
23:7:10 = hWnd = 0x000200c2; ClassName:
x=0, y=0, width=0, height=0
23:7:10 = hWnd = 0x00040054; ClassName:
x=0, y=0, width=0, height=0
10:59:59 = Process Attach
10:59:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:59:59 = * NULL == SampleProvider *

11:0:0 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:0:0 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
11:0:1 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:0:1 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:0:3 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:0:3 = s1.
11:0:3 = s2.
11:0:9 = Start show animate
11:0:9 = Shell Excutute VerifyHost
11:0:46 = begin close Process
11:0:46 = Terminate Process
11:0:47 = end close Process
11:0:47 = DLL_PROCESS_DETACH
14:57:27 = Process Attach
14:57:27 = end process attach
14:57:27 = ***** NULL == SampleProvider *****

14:57:27 = ##### Begin waiting Mutex to release process #####

14:57:27 = hWnd = 0x000604f2; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:57:27 = hWnd = 0x000a0502; ClassName:
dow.
x=0, y=0, width=1, height=1
14:57:27 = hWnd = 0x000906c4; ClassName:
x=0, y=0, width=0, height=0
14:57:27 = hWnd = 0x000b0380; ClassName:
x=0, y=0, width=0, height=0
14:57:37 = Process Attach
14:57:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:57:37 = * NULL == SampleProvider *

14:57:37 = begin close Process
14:57:37 = end close Process
14:57:37 = ##### Get event and release process end #####
14:57:37 = hWnd = 0x004f0054; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
14:57:37 = hWnd = 0x000200bc; ClassName:
dow.
x=0, y=0, width=1, height=1
14:57:37 = hWnd = 0x000f0100; ClassName:
x=0, y=0, width=0, height=0
14:57:37 = hWnd = 0x000200be; ClassName:
x=0, y=0, width=0, height=0
20:3:43 = Process Attach
20:3:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:3:43 = * NULL == SampleProvider *

20:3:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:3:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
20:3:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:3:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:3:49 = Need to re-create objects.
20:3:50 = s1.
20:3:50 = s2.
20:3:54
20:3:54
20:4:31
20:4:31
20:4:32
20:4:32

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:23:50 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:23:50 = end process attach

23:23:50 = ***** NULL == SampleProvider *****
23:23:50 = ##### Begin waiting Mutex to release process #####
23:23:50 = hWnd = 0x0004059a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:23:50 = hWnd = 0x000405ea; ClassName:
dow.
x=0, y=0, width=1, height=1
23:23:50 = hWnd = 0x000605a6; ClassName:
x=0, y=0, width=0, height=0
23:23:50 = hWnd = 0x0004059c; ClassName:
x=0, y=0, width=0, height=0
23:24:1 = Process Attach
23:24:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:24:1 = ##### Get event and release process #####

23:24:1 = begin close Process
23:24:1 = end close Process
23:24:1 = ##### Get event and release process end #####
23:24:1 = hWnd = 0x006400bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:24:1 = hWnd = 0x0003002c; ClassName:
ow.
x=0, y=0, width=1, height=1
23:24:1 = hWnd = 0x000a003c; ClassName:
x=0, y=0, width=0, height=0
23:24:1 = hWnd = 0x00030038; ClassName:
x=0, y=0, width=0, height=0
9:34:15 = Process Attach
9:34:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:34:15 = * NULL == SampleProvider *

9:34:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:34:16 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:34:16 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:34:16 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:34:19 = Need to re-create objects.
9:34:20 = s1.
9:34:20 = s2.
9:34:25 = Start show animate
9:34:25 = Shell Excutute VerifyHost
9:35:1 = begin close Process
9:35:1 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:35:2 = end close Process

9:35:2 = DLL_PROCESS_DETACH
10:3:14 = Process Attach
10:3:14 = end process attach
10:3:14 = ***** NULL == SampleProvider *****
10:3:14 = hWnd = 0x000d02f6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:3:14 = hWnd = 0x0009044e; ClassName:
ow.
x=0, y=0, width=1, height=1
10:3:14 = hWnd = 0x0007045c; ClassName:
x=0, y=0, width=0, height=0
10:3:14 = hWnd = 0x000a04a2; ClassName:
x=0, y=0, width=0, height=0
10:3:23 = Process Attach
10:3:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:3:23 = * NULL == SampleProvider *

10:3:23 = begin close Process
10:3:23 = end close Process
10:3:23 = ##### Get event and release process end #####
10:3:23 = hWnd = 0x0007004e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:3:23 = hWnd = 0x00040098; ClassName:
ow.
x=0, y=0, width=1, height=1
10:3:23 = hWnd = 0x00030090; ClassName:
x=0, y=0, width=0, height=0
10:3:23 = hWnd = 0x0003009a; ClassName:
x=0, y=0, width=0, height=0
18:17:18 = Process Attach
18:17:18 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:17:18 = * NULL == SampleProvider *

18:17:18 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:17:18 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
18:17:19 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
18:17:19 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
18:17:23 = Need to re-create objects.
18:17:23 = s1.
18:17:23 = s2.
18:17:27 = Start show animate
18:17:27 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:18:4
18:18:4
18:18:5
18:18:5

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

18:28:40 = Process Attach

18:28:40 = end process attach
18:28:40 = ***** NULL == SampleProvider *****
18:28:40 = ##### Begin waiting Mutex to release process #####
18:28:40 = hWnd = 0x0002038a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:28:40 = hWnd = 0x00030374; ClassName:
dow.
x=0, y=0, width=1, height=1
18:28:40 = hWnd = 0x00060462; ClassName:
x=0, y=0, width=0, height=0
18:28:40 = hWnd = 0x00020388; ClassName:
x=0, y=0, width=0, height=0
18:28:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:28:40 = s1.
18:28:40 = s2.
18:28:40
18:28:40
22:44:51
22:44:51
22:44:52
22:44:52

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:35:30 = Process Attach

23:35:30 = end process attach
23:35:30 = ##### Begin waiting Mutex to release process #####
23:35:30 = hWnd = 0x000205be; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:35:30 = hWnd = 0x000305bc; ClassName:
dow.
x=0, y=0, width=1, height=1
23:35:30 = hWnd = 0x000205b4; ClassName:
x=0, y=0, width=0, height=0
23:35:30 = hWnd = 0x0010031a; ClassName:
x=0, y=0, width=0, height=0
23:35:40 = Process Attach
23:35:40 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:35:40 = * NULL == SampleProvider *

23:35:40 = ##### Get event and release process #####
23:35:40 = hWnd = 0x008f00d6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

23:35:40 = end close Process

23:35:40 = hWnd = 0x000300c2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:35:40 = hWnd = 0x000400e2; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:45:41 = Process Attach
9:45:41 = end process attach
9:45:41 = ***** NULL == SampleProvider *****
9:45:42 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:45:42 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:45:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:45:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:45:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:45:45 = s1.
9:45:45 = s2.
9:45:50
9:45:50
9:46:28
9:46:28
9:46:29
9:46:29

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

15:51:48 = Process Attach

15:51:48 = end process attach
15:51:48 = ***** NULL == SampleProvider *****
15:51:48 = ##### Begin waiting Mutex to release process #####
15:51:48 = hWnd = 0x00050490; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:51:48 = hWnd = 0x00070492; ClassName:
dow.
x=0, y=0, width=1, height=1
15:51:48 = hWnd = 0x0007047e; ClassName:
x=0, y=0, width=0, height=0
15:51:48 = hWnd = 0x00060476; ClassName:
x=0, y=0, width=0, height=0
15:51:59 = Process Attach
15:51:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:51:59 = * NULL == SampleProvider *

15:51:59 = begin close Process
15:51:59 = end close Process
15:51:59 = ##### Get event and release process end #####
15:51:59 = hWnd = 0x000500d6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title

: Inicio de sesin en Windows.

x=0, y=0, width=1024, height=768
15:51:59 = hWnd = 0x0003002a; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:51:59 = hWnd = 0x000f00d8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:51:59 = hWnd = 0x000200b6; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:14:36 = Process Attach
23:14:36 = end process attach
23:14:36 = ***** NULL == SampleProvider *****
23:14:36 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:14:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:14:38 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:14:38 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:14:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:14:40 = s1.
23:14:40 = s2.
23:14:46
23:14:46
23:15:23
23:15:23
23:15:24
23:15:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:38:40 = Process Attach

23:38:40 = end process attach
23:38:40 = ***** NULL == SampleProvider *****
23:38:40 = ##### Begin waiting Mutex to release process #####
23:38:40 = hWnd = 0x0003059e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:38:40 = hWnd = 0x000404be; ClassName:
dow.
x=0, y=0, width=1, height=1
23:38:40 = hWnd = 0x00020596; ClassName:
x=0, y=0, width=0, height=0
23:38:40 = hWnd = 0x000e052c; ClassName:
x=0, y=0, width=0, height=0
23:38:50 = Process Attach
23:38:50 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:38:50 = ##### Get event and release process #####

23:38:50 = begin close Process

23:38:50 = end close Process

23:38:50 = ##### Get event and release process end #####
23:38:50 = ***** NULL == SampleProvider *****
23:38:50 = hWnd = 0x0035003a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:38:50 = hWnd = 0x0003009e; ClassName:
dow.
x=0, y=0, width=1, height=1
23:38:50 = hWnd = 0x000500c8; ClassName:
x=0, y=0, width=0, height=0
23:38:50 = hWnd = 0x000500b4; ClassName:
x=0, y=0, width=0, height=0
23:16:52 = Process Attach
23:16:52 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:16:52 = * NULL == SampleProvider *

23:16:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:16:53 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:16:53 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:16:53 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:16:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:16:57 = s1.
23:16:57 = s2.
23:17:2 = Start show animate
23:17:2 = Shell Excutute VerifyHost
23:17:39 = begin close Process
23:17:39 = Terminate Process
23:17:40 = end close Process
23:17:40 = DLL_PROCESS_DETACH
23:47:54 = Process Attach
23:47:54 = end process attach
23:47:54 = ***** NULL == SampleProvider *****
23:47:54 = ##### Begin waiting Mutex to release process #####
23:47:54 = hWnd = 0x0002036e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:47:54 = hWnd = 0x00020344; ClassName:
dow.
x=0, y=0, width=1, height=1
23:47:54 = hWnd = 0x0017051a; ClassName:
x=0, y=0, width=0, height=0
23:47:54 = hWnd = 0x0002034a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:48:3 = Process Attach

23:48:3 = ## ERR ## Setevent
23:48:3 = ##### Get event and release process #####
23:48:3 = begin close Process
23:48:3 = end close Process
23:48:3 = ##### Get event and release process end #####
23:48:3 = ***** NULL == SampleProvider *****
23:48:3 = hWnd = 0x0008003a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:48:3 = hWnd = 0x000200ba; ClassName:
ow.
x=0, y=0, width=1, height=1
23:48:3 = hWnd = 0x0006009a; ClassName:
x=0, y=0, width=0, height=0
23:48:3 = hWnd = 0x0005005c; ClassName:
x=0, y=0, width=0, height=0
9:28:59 = Process Attach
9:28:59 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:28:59 = * NULL == SampleProvider *

9:28:59 = ##### Begin waiting Mutex to release process #####
9:28:59 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:28:59 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
9:29:0 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:29:0 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:29:4 = Need to re-create objects.
9:29:5 = s1.
9:29:5 = s2.
9:29:9 = Start show animate
9:29:9 = Shell Excutute VerifyHost
9:29:46 = begin close Process
9:29:46 = Terminate Process
9:29:47 = end close Process
9:29:47 = DLL_PROCESS_DETACH
15:21:32 = Process Attach
15:21:32 = end process attach
15:21:32 = ***** NULL == SampleProvider *****
15:21:32 = ##### Begin waiting Mutex to release process #####
15:21:32 = hWnd = 0x00250448; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

15:21:32 = hWnd = 0x001a0444; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
15:21:32 = hWnd = 0x0013044a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:21:32 = hWnd = 0x0017043e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:21:43 = Process Attach
15:21:43 = ## ERR ## Setevent
15:21:43 = ***** NULL == SampleProvider *****
15:21:43 = begin close Process
15:21:43 = end close Process
15:21:43 = ##### Get event and release process end #####
15:21:43 = hWnd = 0x000e0100; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:21:43 = hWnd = 0x00040052; ClassName:
dow.
x=0, y=0, width=1, height=1
15:21:43 = hWnd = 0x00060106; ClassName:
x=0, y=0, width=0, height=0
15:21:43 = hWnd = 0x000200ba; ClassName:
x=0, y=0, width=0, height=0
23:22:35 = Process Attach
23:22:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:22:35 = * NULL == SampleProvider *

23:22:35 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:22:36 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
23:22:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
23:22:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
23:22:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:22:39 = s1.
23:22:39 = s2.
23:22:43
23:22:43
23:23:20
23:23:20
23:23:21
23:23:21

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:58:12 = Process Attach

23:58:12 = end process attach
23:58:12 = ***** NULL == SampleProvider *****

23:58:12 = ##### Begin waiting Mutex to release process #####

23:58:12 = hWnd = 0x00020506; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:58:12 = hWnd = 0x00020552; ClassName:
dow.
x=0, y=0, width=1, height=1
23:58:12 = hWnd = 0x00020550; ClassName:
x=0, y=0, width=0, height=0
23:58:12 = hWnd = 0x00030538; ClassName:
x=0, y=0, width=0, height=0
23:58:21 = Process Attach
23:58:21 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:58:21 = * NULL == SampleProvider *

23:58:21 = ##### Get event and release process #####
23:58:21 = begin close Process
23:58:21 = end close Process
23:58:21 = ##### Get event and release process end #####
23:58:21 = hWnd = 0x005b00ee; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:58:21 = hWnd = 0x0003003a; ClassName:
dow.
x=0, y=0, width=1, height=1
23:58:21 = hWnd = 0x000c00e8; ClassName:
x=0, y=0, width=0, height=0
23:58:21 = hWnd = 0x000200ba; ClassName:
x=0, y=0, width=0, height=0
9:55:2 = Process Attach
9:55:3 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:55:3 = * NULL == SampleProvider *

9:55:3 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:55:3 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
9:55:4 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:55:4 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:55:6 = Need to re-create objects.
9:55:6 = s1.
9:55:6 = s2.
9:55:11
9:55:11
9:55:50
9:55:50
9:55:51
9:55:51

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:9:14 = Process Attach

10:9:14 = end process attach
10:9:14 = ***** NULL == SampleProvider *****
10:9:14 = ##### Begin waiting Mutex to release process #####
10:9:14 = hWnd = 0x000203cc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:9:14 = hWnd = 0x0003035e; ClassName:
ow.
x=0, y=0, width=1, height=1
10:9:14 = hWnd = 0x000a03b4; ClassName:
x=0, y=0, width=0, height=0
10:9:14 = hWnd = 0x00020362; ClassName:
x=0, y=0, width=0, height=0
10:9:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:9:14 = s1.
10:9:14 = s2.
10:9:14 = Start show animate
10:9:14 = Shell Excutute VerifyHost
10:14:55 = begin close Process
10:14:55 = Terminate Process
10:14:56 = end close Process
10:14:56 = DLL_PROCESS_DETACH
10:27:23 = Process Attach
10:27:23 = end process attach
10:27:23 = ***** NULL == SampleProvider *****
10:27:23 = ##### Begin waiting Mutex to release process #####
10:27:23 = hWnd = 0x00040388; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:27:23 = hWnd = 0x000503b8; ClassName:
dow.
x=0, y=0, width=1, height=1
10:27:23 = hWnd = 0x00040390; ClassName:
x=0, y=0, width=0, height=0
10:27:23 = hWnd = 0x000502c6; ClassName:
x=0, y=0, width=0, height=0
10:27:33 = Process Attach
10:27:33 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:27:33 = * NULL == SampleProvider *

10:27:33 = begin close Process
10:27:33 = end close Process
10:27:33 = ##### Get event and release process end #####
10:27:33 = hWnd = 0x00080056; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768

10:27:33 = hWnd = 0x000400d4; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
10:27:33 = hWnd = 0x000500f0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:27:33 = hWnd = 0x000500be; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:42:34 = Process Attach
21:42:34 = end process attach
21:42:34 = ***** NULL == SampleProvider *****
21:42:34 = ##### Begin waiting Mutex to release process #####
21:42:34 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:42:34 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
21:42:34 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:42:34 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:42:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:42:41 = s1.
21:42:41 = s2.
21:42:41 = Start show animate
21:42:41 = Shell Excutute VerifyHost
21:43:2 = begin close Process
21:43:2 = Terminate Process
21:43:3 = end close Process
21:43:3 = DLL_PROCESS_DETACH
22:4:51 = Process Attach
22:4:51 = end process attach
22:4:51 = ***** NULL == SampleProvider *****
22:4:51 = ##### Begin waiting Mutex to release process #####
22:4:51 = hWnd = 0x0007029a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:4:51 = hWnd = 0x000d04ca; ClassName:
ow.
x=0, y=0, width=1, height=1
22:4:51 = hWnd = 0x000903dc; ClassName:
x=0, y=0, width=0, height=0
22:4:51 = hWnd = 0x000a04e6; ClassName:
x=0, y=0, width=0, height=0
22:5:1 = Process Attach
22:5:1 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:5:1 = * NULL == SampleProvider *

22:5:1 = begin close Process

22:5:1 = end close Process

22:5:1 = ##### Get event and release process end #####
22:5:1 = hWnd = 0x0004014c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
22:5:1 = hWnd = 0x000200c4; ClassName:
w.
x=0, y=0, width=1, height=1
22:5:1 = hWnd = 0x00050134; ClassName:
x=0, y=0, width=0, height=0
22:5:1 = hWnd = 0x00030150; ClassName:
x=0, y=0, width=0, height=0
22:4:26 = Process Attach
22:4:26 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:4:26 = ##### Begin waiting Mutex to release process #####

22:4:26 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
22:4:26 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
22:4:26 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
22:4:26 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
22:4:32 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

22:4:32 = s1.
22:4:32 = s2.
22:4:33 = Start show animate
22:4:33 = Shell Excutute VerifyHost
22:5:6 = begin close Process
22:5:6 = Terminate Process
22:5:7 = end close Process
22:5:7 = DLL_PROCESS_DETACH
23:57:52 = Process Attach
23:57:52 = end process attach
23:57:52 = ***** NULL == SampleProvider *****
23:57:52 = ##### Begin waiting Mutex to release process #####
23:57:52 = hWnd = 0x000c0902; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:57:52 = hWnd = 0x0108094a; ClassName:
dow.
x=0, y=0, width=1, height=1
23:57:52 = hWnd = 0x00190730; ClassName:
x=0, y=0, width=0, height=0
23:57:52 = hWnd = 0x00f00946; ClassName:
x=0, y=0, width=0, height=0
23:58:2 = Process Attach
23:58:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:58:2 = * NULL == SampleProvider *

23:58:2 = begin close Process
23:58:2 = end close Process
23:58:2 = ##### Get event and release process end #####
23:58:2 = hWnd = 0x00050046; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:58:2 = hWnd = 0x00030086; ClassName:
ow.
x=0, y=0, width=1, height=1
23:58:2 = hWnd = 0x0032012a; ClassName:
x=0, y=0, width=0, height=0
23:58:2 = hWnd = 0x00030078; ClassName:
x=0, y=0, width=0, height=0
7:43:57 = Process Attach
7:43:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:43:57 = * NULL == SampleProvider *

7:43:57 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:43:58 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:43:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:43:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:44:0 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:44:1 = s1.
7:44:1 = s2.
7:44:4 = Start show animate
7:44:4 = Shell Excutute VerifyHost
7:44:44 = begin close Process
7:44:44 = Terminate Process
7:44:45 = end close Process
7:44:45 = DLL_PROCESS_DETACH
7:56:54 = Process Attach
7:56:54 = end process attach
7:56:54 = ***** NULL == SampleProvider *****
7:56:54 = ##### Begin waiting Mutex to release process #####
7:56:54 = hWnd = 0x0004035e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:56:54 = hWnd = 0x00040048; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
7:56:54 = hWnd = 0x0002051a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0

7:56:54 = hWnd = 0x0006035a; ClassName: IME; Title: Default IME.

x=0, y=0, width=0, height=0
7:56:54 = Need to re-create objects.
7:56:54 = s1.
7:56:54 = s2.
7:56:54 = Start show animate
7:56:54 = Shell Excutute VerifyHost
8:1:34 = begin close Process
8:1:34 = Terminate Process
8:1:35 = end close Process
8:1:35 = DLL_PROCESS_DETACH
8:17:34 = Process Attach
8:17:34 = end process attach
8:17:34 = ***** NULL == SampleProvider *****
8:17:34 = ##### Begin waiting Mutex to release process #####
8:17:34 = hWnd = 0x000309be; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:17:34 = hWnd = 0x000309c0; ClassName:
ow.
x=0, y=0, width=1, height=1
8:17:34 = hWnd = 0x00030526; ClassName:
x=0, y=0, width=0, height=0
8:17:34 = hWnd = 0x000309bc; ClassName:
x=0, y=0, width=0, height=0
8:17:49 = Process Attach
8:17:49 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:17:49 = * NULL == SampleProvider *

8:17:49 = ##### Get event and release process #####
8:17:49 = begin close Process
8:17:49 = end close Process
8:17:49 = ##### Get event and release process end #####
8:17:49 = hWnd = 0x000400f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:17:49 = hWnd = 0x00040038; ClassName:
ow.
x=0, y=0, width=1, height=1
8:17:49 = hWnd = 0x000400e8; ClassName:
x=0, y=0, width=0, height=0
8:17:49 = hWnd = 0x000500a2; ClassName:
x=0, y=0, width=0, height=0
9:25:29 = Process Attach
9:25:29 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:25:29 = * NULL == SampleProvider *

9:25:29 = ##### Begin waiting Mutex to release process #####

9:25:29 = hWnd = 0x0001001c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:25:30 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:25:30 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:25:30 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:25:33 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:25:33 = s1.
9:25:33 = s2.
9:25:38
9:25:38
9:26:17
9:26:17
9:26:18
9:26:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

9:52:57 = Process Attach

9:52:57 = end process attach
9:52:57 = ***** NULL == SampleProvider *****
9:52:57 = ##### Begin waiting Mutex to release process #####
9:52:57 = hWnd = 0x000b0738; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:52:57 = hWnd = 0x00020380; ClassName:
ow.
x=0, y=0, width=1, height=1
9:52:57 = hWnd = 0x00030352; ClassName:
x=0, y=0, width=0, height=0
9:52:57 = hWnd = 0x001405f4; ClassName:
x=0, y=0, width=0, height=0
9:52:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:52:57 = s1.
9:52:57 = s2.
9:52:58 = Start show animate
9:52:58 = Shell Excutute VerifyHost
11:29:35 = begin close Process
11:29:35 = Terminate Process
11:29:36 = end close Process
11:29:36 = DLL_PROCESS_DETACH
11:29:45 = Process Attach
11:29:45 = end process attach
11:29:45 = ***** NULL == SampleProvider *****
11:29:45 = ##### Begin waiting Mutex to release process #####

11:29:45 = hWnd = 0x00050362; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:29:45 = hWnd = 0x000404cc; ClassName:
dow.
x=0, y=0, width=1, height=1
11:29:45 = hWnd = 0x000e0738; ClassName:
x=0, y=0, width=0, height=0
11:29:45 = hWnd = 0x001204ec; ClassName:
x=0, y=0, width=0, height=0
11:29:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:29:45 = s1.
11:29:45 = s2.
11:29:45 = Start show animate
11:29:45 = Shell Excutute VerifyHost
11:34:4 = begin close Process
11:34:4 = Terminate Process
11:34:5 = end close Process
11:34:5 = DLL_PROCESS_DETACH
12:24:14 = Process Attach
12:24:14 = end process attach
12:24:14 = ***** NULL == SampleProvider *****
12:24:14 = ##### Begin waiting Mutex to release process #####
12:24:14 = hWnd = 0x000b07ce; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:24:14 = hWnd = 0x000702e8; ClassName:
dow.
x=0, y=0, width=1, height=1
12:24:14 = hWnd = 0x001605ee; ClassName:
x=0, y=0, width=0, height=0
12:24:14 = hWnd = 0x00060480; ClassName:
x=0, y=0, width=0, height=0
12:24:14 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:24:14 = s1.
12:24:14 = s2.
12:24:14 = Start show animate
12:24:14 = Shell Excutute VerifyHost
18:2:12 = begin close Process
18:2:13 = Terminate Process
18:2:14 = end close Process
18:2:14 = DLL_PROCESS_DETACH
18:3:54 = Process Attach
18:3:54 = end process attach
18:3:54 = ***** NULL == SampleProvider *****
18:3:54 = ##### Begin waiting Mutex to release process #####

18:3:54 = hWnd = 0x00cb05f4; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:3:54 = hWnd = 0x000c09ac; ClassName:
ow.
x=0, y=0, width=1, height=1
18:3:54 = hWnd = 0x000e0292; ClassName:
x=0, y=0, width=0, height=0
18:3:54 = hWnd = 0x000a09aa; ClassName:
x=0, y=0, width=0, height=0
18:3:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:3:54 = s1.
18:3:54 = s2.
18:3:54 = Start show animate
18:3:54 = Shell Excutute VerifyHost
18:8:1 = begin close Process
18:8:1 = Terminate Process
18:8:2 = end close Process
18:8:2 = DLL_PROCESS_DETACH
18:24:7 = Process Attach
18:24:7 = end process attach
18:24:7 = ***** NULL == SampleProvider *****
18:24:7 = hWnd = 0x0013045a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:24:7 = hWnd = 0x00050962; ClassName:
ow.
x=0, y=0, width=1, height=1
18:24:7 = hWnd = 0x000709b8; ClassName:
x=0, y=0, width=0, height=0
18:24:7 = hWnd = 0x001c04a4; ClassName:
x=0, y=0, width=0, height=0
18:24:8 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:24:8 = s1.
18:24:8 = s2.
18:24:8 = Start show animate
18:24:8 = Shell Excutute VerifyHost
18:54:48 = begin close Process
18:54:48 = Terminate Process
18:54:49 = end close Process
18:54:49 = DLL_PROCESS_DETACH
19:24:30 = Process Attach
19:24:30 = end process attach
19:24:30 = ***** NULL == SampleProvider *****
19:24:30 = hWnd = 0x001b099c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:24:30 = ##### Begin waiting Mutex to release process #####

19:24:30 = hWnd = 0x00260476; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:24:30 = hWnd = 0x00080482; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
19:24:30 = hWnd = 0x000c0994; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
19:24:39 = Process Attach
19:24:39 = ## ERR ## Setevent
19:24:39 = ***** NULL == SampleProvider *****
19:24:39 = begin close Process
19:24:39 = hWnd = 0x000600d6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
19:24:39 = ##### Get event and release process end #####
19:24:39 = hWnd = 0x000700da; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:7:43 = Process Attach
21:7:43 = end process attach
21:7:43 = ***** NULL == SampleProvider *****
21:7:43 = ##### Begin waiting Mutex to release process #####
21:7:43 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:7:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
21:7:44 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:7:44 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:7:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:7:47 = s1.
21:7:47 = s2.
21:7:53
21:7:53
21:8:30
21:8:30
21:8:31
21:8:31

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:43:47 = Process Attach

23:43:47 = end process attach
23:43:47 = ##### Begin waiting Mutex to release process #####
23:43:47 = hWnd = 0x00410982; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:43:47 = hWnd = 0x00420456; ClassName: GDI+ Hook Window Class; Title: GDI+ Win

dow.
x=0, y=0, width=1, height=1
23:43:47 = hWnd = 0x0005096e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
23:43:47 = hWnd = 0x0008099e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:43:58 = Process Attach
23:43:58 = ## ERR ## Setevent
23:43:58 = ***** NULL == SampleProvider *****
23:43:58 = begin close Process
23:43:58 = end close Process
23:43:58 = ##### Get event and release process end #####
23:43:58 = hWnd = 0x005500d8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:43:58 = hWnd = 0x000200b6; ClassName:
dow.
x=0, y=0, width=1, height=1
23:43:58 = hWnd = 0x00110094; ClassName:
x=0, y=0, width=0, height=0
23:43:58 = hWnd = 0x000200b8; ClassName:
x=0, y=0, width=0, height=0
7:32:12 = Process Attach
7:32:12 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:32:12 = * NULL == SampleProvider *

7:32:12 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:32:12 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:32:12 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:32:12 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:32:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:32:20 = s1.
7:32:20 = s2.
7:32:20
7:32:20
7:32:35
7:32:35
7:32:36
7:32:36

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:42:58 = Process Attach

7:42:58 = end process attach
7:42:58 = ***** NULL == SampleProvider *****
7:42:58 = ##### Begin waiting Mutex to release process #####

7:42:58 = hWnd = 0x000c03fc; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:42:58 = hWnd = 0x0003045c; ClassName:
ow.
x=0, y=0, width=1, height=1
7:42:58 = hWnd = 0x0002045e; ClassName:
x=0, y=0, width=0, height=0
7:42:58 = hWnd = 0x00080450; ClassName:
x=0, y=0, width=0, height=0
7:42:59 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:42:59 = s1.
7:42:59 = s2.
7:42:59 = Start show animate
7:42:59 = Shell Excutute VerifyHost
8:11:7 = begin close Process
8:11:7 = Terminate Process
8:11:8 = end close Process
8:11:8 = DLL_PROCESS_DETACH
8:29:16 = Process Attach
8:29:16 = end process attach
8:29:16 = ***** NULL == SampleProvider *****
8:29:16 = ##### Begin waiting Mutex to release process #####
8:29:16 = hWnd = 0x000a0280; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:29:16 = hWnd = 0x00070762; ClassName:
ow.
x=0, y=0, width=1, height=1
8:29:16 = hWnd = 0x000609de; ClassName:
x=0, y=0, width=0, height=0
8:29:16 = hWnd = 0x000505d0; ClassName:
x=0, y=0, width=0, height=0
8:29:26 = Process Attach
8:29:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:29:26 = ##### Get event and release process #####

8:29:26 = begin close Process
8:29:26 = end close Process
8:29:26 = ##### Get event and release process end #####
8:29:26 = hWnd = 0x000400e2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:29:26 = hWnd = 0x000400c0; ClassName:
ow.
x=0, y=0, width=1, height=1
8:29:26 = hWnd = 0x000400ec; ClassName:
x=0, y=0, width=0, height=0
8:29:26 = hWnd = 0x000400d0; ClassName:
x=0, y=0, width=0, height=0
12:13:12 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:13:12 = end process attach

12:13:12 = ***** NULL == SampleProvider *****
12:13:12 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:13:13 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:13:13 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:13:13 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:13:16 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:13:16 = s1.
12:13:16 = s2.
12:13:20 = Start show animate
12:13:20 = Shell Excutute VerifyHost
12:13:59 = begin close Process
12:13:59 = Terminate Process
12:14:0 = end close Process
12:14:0 = DLL_PROCESS_DETACH
15:22:56 = Process Attach
15:22:56 = end process attach
15:22:56 = ***** NULL == SampleProvider *****
15:22:56 = ##### Begin waiting Mutex to release process #####
15:22:56 = hWnd = 0x00020604; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:22:56 = hWnd = 0x000705ca; ClassName:
dow.
x=0, y=0, width=1, height=1
15:22:56 = hWnd = 0x000505e6; ClassName:
x=0, y=0, width=0, height=0
15:22:56 = hWnd = 0x000e04f6; ClassName:
x=0, y=0, width=0, height=0
15:23:6 = Process Attach
15:23:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:23:6 = * NULL == SampleProvider *

15:23:6 = begin close Process
15:23:6 = end close Process
15:23:6 = ##### Get event and release process end #####
15:23:6 = hWnd = 0x0008002a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:23:6 = hWnd = 0x0003002c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
15:23:6 = hWnd = 0x0008009a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0,
15:23:6 =
x=0, y=0,
9:30:33 =
9:30:33 =

width=0, height=0
hWnd = 0x000200be; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

9:30:33 = * NULL == SampleProvider *

9:30:33 = ##### Begin waiting Mutex to release process #####
9:30:33 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:30:33 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:30:33 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:30:33 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:30:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:30:39 = s1.
9:30:39 = s2.
9:30:39 = Start show animate
9:30:39 = Shell Excutute VerifyHost
9:31:6 = begin close Process
9:31:6 = Terminate Process
9:31:7 = end close Process
9:31:7 = DLL_PROCESS_DETACH
11:19:24 = Process Attach
11:19:24 = end process attach
11:19:24 = ***** NULL == SampleProvider *****
11:19:24 = ##### Begin waiting Mutex to release process #####
11:19:24 = hWnd = 0x0007049a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:19:24 = hWnd = 0x0002035a; ClassName:
dow.
x=0, y=0, width=1, height=1
11:19:24 = hWnd = 0x00060610; ClassName:
x=0, y=0, width=0, height=0
11:19:24 = hWnd = 0x000c0a90; ClassName:
x=0, y=0, width=0, height=0
11:19:25 = Need to re-create objects.
11:19:25 = s1.
11:19:25 = s2.
11:19:25 = Start show animate
11:19:25 = Shell Excutute VerifyHost
12:5:36 = begin close Process
12:5:36 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:5:37 = end close Process

12:5:37 = DLL_PROCESS_DETACH
12:26:55 = Process Attach
12:26:55 = end process attach
12:26:55 = ***** NULL == SampleProvider *****
12:26:55 = hWnd = 0x000d057c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:26:55 = hWnd = 0x00120594; ClassName:
dow.
x=0, y=0, width=1, height=1
12:26:55 = hWnd = 0x000904c6; ClassName:
x=0, y=0, width=0, height=0
12:26:55 = hWnd = 0x000c057a; ClassName:
x=0, y=0, width=0, height=0
12:28:6 = Process Attach
12:28:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:28:6 = * NULL == SampleProvider *

12:28:6 = begin close Process
12:28:6 = end close Process
12:28:6 = ##### Get event and release process end #####
12:28:6 = hWnd = 0x004f007a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:28:6 = hWnd = 0x00720124; ClassName:
ow.
x=0, y=0, width=1, height=1
12:28:6 = hWnd = 0x00050096; ClassName:
x=0, y=0, width=0, height=0
12:28:6 = hWnd = 0x000a00de; ClassName:
x=0, y=0, width=0, height=0
12:30:57 = Process Attach
12:30:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:30:57 = * NULL == SampleProvider *

12:30:57 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:30:57 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:30:58 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:30:58 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:31:0 = Need to re-create objects.
12:31:1 = s1.
12:31:1 = s2.
12:31:4 = Start show animate
12:31:4 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:31:43
12:31:43
12:31:44
12:31:44

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

17:32:27 = Process Attach

17:32:27 = end process attach
17:32:27 = ***** NULL == SampleProvider *****
17:32:27 = hWnd = 0x00040b96; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:32:27 = hWnd = 0x006c08f0; ClassName:
dow.
x=0, y=0, width=1, height=1
17:32:27 = hWnd = 0x00030b46; ClassName:
x=0, y=0, width=0, height=0
17:32:27 = hWnd = 0x00030252; ClassName:
x=0, y=0, width=0, height=0
17:32:31 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:32:31 = s1.
17:32:31 = s2.
17:46:11
17:46:11
17:46:28
17:46:28
17:46:28

=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
end close Process
DLL_PROCESS_DETACH

17:48:34 = Process Attach

17:48:34 = end process attach
17:48:37 = ##### Begin waiting Mutex to release process #####
17:48:37 = ***** NULL == SampleProvider *****
17:48:37 = hWnd = 0x000b0a7e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:48:37 = hWnd = 0x000b0b6c; ClassName:
dow.
x=0, y=0, width=1, height=1
17:48:37 = hWnd = 0x00110994; ClassName:
x=0, y=0, width=0, height=0
17:48:37 = hWnd = 0x000809ca; ClassName:
x=0, y=0, width=0, height=0
17:48:37 = Need to re-create objects.
17:48:37 = s1.
17:48:37 = s2.
17:48:38 = Start show animate
17:48:38 = Shell Excutute VerifyHost
21:31:6 = begin close Process
21:31:6 = Terminate Process
21:31:7 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:31:7 = DLL_PROCESS_DETACH
23:40:15 = Process Attach
23:40:15 = end process attach
23:40:15 = ##### Begin waiting Mutex to release process #####
23:40:15 = ***** NULL == SampleProvider *****
23:40:15 = hWnd = 0x00031218; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:40:15 = hWnd = 0x001b0520; ClassName:
dow.
x=0, y=0, width=1, height=1
23:40:15 = hWnd = 0x00040dfc; ClassName:
x=0, y=0, width=0, height=0
23:40:15 = hWnd = 0x00040ea8; ClassName:
x=0, y=0, width=0, height=0
23:41:55 = Process Attach
23:41:55 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:41:55 = ##### Get event and release process #####

23:41:55 = begin close Process
23:41:55 = end close Process
23:41:55 = ##### Get event and release process end #####
23:41:55 = ***** NULL == SampleProvider *****
23:41:55 = hWnd = 0x000b00ce; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:41:55 = hWnd = 0x000d00f0; ClassName:
dow.
x=0, y=0, width=1, height=1
23:41:55 = hWnd = 0x000600dc; ClassName:
x=0, y=0, width=0, height=0
23:41:55 = hWnd = 0x000800da; ClassName:
x=0, y=0, width=0, height=0
6:38:34 = Process Attach
6:38:34 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:38:34 = * NULL == SampleProvider *

6:38:35 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:38:36 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:38:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:38:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:38:38 = Need to re-create objects.
6:38:39 = s1.
6:38:39 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:38:43
6:38:43
6:39:21
6:39:21
6:39:22
6:39:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:16:51 = Process Attach

7:16:51 = end process attach
7:16:51 = ***** NULL == SampleProvider *****
7:16:51 = ##### Begin waiting Mutex to release process #####
7:16:51 = hWnd = 0x000302fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:16:51 = hWnd = 0x000202f6; ClassName:
ow.
x=0, y=0, width=1, height=1
7:16:51 = hWnd = 0x0007050e; ClassName:
x=0, y=0, width=0, height=0
7:16:51 = hWnd = 0x000302fc; ClassName:
x=0, y=0, width=0, height=0
7:16:56 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:16:57 = s1.
7:16:57 = s2.
7:44:24 = Start show animate
7:44:24 = Shell Excutute VerifyHost
7:45:7 = begin close Process
7:45:7 = Terminate Process
7:45:8 = end close Process
7:45:8 = DLL_PROCESS_DETACH
9:38:56 = Process Attach
9:38:57 = end process attach
9:38:57 = ***** NULL == SampleProvider *****
9:38:57 = ##### Begin waiting Mutex to release process #####
9:38:57 = hWnd = 0x001404fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:38:57 = hWnd = 0x0019051a; ClassName:
ow.
x=0, y=0, width=1, height=1
9:38:57 = hWnd = 0x0006055c; ClassName:
x=0, y=0, width=0, height=0
9:38:57 = hWnd = 0x000d014c; ClassName:
x=0, y=0, width=0, height=0
9:38:57 = Need to re-create objects.
9:38:57 = s1.
9:38:57 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:38:57
9:38:57
9:48:14
9:48:14
9:48:15
9:48:15

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:53:57 = Process Attach

10:53:57 = end process attach
10:53:57 = ***** NULL == SampleProvider *****
10:53:57 = ##### Begin waiting Mutex to release process #####
10:53:57 = hWnd = 0x0009057c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:53:57 = hWnd = 0x00060468; ClassName:
dow.
x=0, y=0, width=1, height=1
10:53:57 = hWnd = 0x00040474; ClassName:
x=0, y=0, width=0, height=0
10:53:57 = hWnd = 0x00080588; ClassName:
x=0, y=0, width=0, height=0
11:5:44 = Process Attach
11:5:44 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:5:44 = * NULL == SampleProvider *

11:5:44 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:5:44 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
11:5:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
11:5:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
11:5:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:5:47 = s1.
11:5:47 = s2.
11:5:52
11:5:52
11:6:32
11:6:32
11:6:33
11:6:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

11:59:55 = Process Attach

11:59:55 = end process attach
11:59:55 = ***** NULL == SampleProvider *****
11:59:55 = ##### Begin waiting Mutex to release process #####

11:59:55 = hWnd = 0x00030472; ClassName:

: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:59:55 = hWnd = 0x00030434; ClassName:
dow.
x=0, y=0, width=1, height=1
11:59:55 = hWnd = 0x0003040e; ClassName:
x=0, y=0, width=0, height=0
11:59:55 = hWnd = 0x0003042a; ClassName:
x=0, y=0, width=0, height=0
12:0:0 = Process Attach
12:0:0 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:0:0 = * NULL == SampleProvider *

12:0:0 = begin close Process
12:0:0 = end close Process
12:0:0 = ##### Get event and release process end #####
12:0:0 = hWnd = 0x0006008a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:0:0 = hWnd = 0x000300de; ClassName:
w.
x=0, y=0, width=1, height=1
12:0:0 = hWnd = 0x000400d8; ClassName:
x=0, y=0, width=0, height=0
12:0:0 = hWnd = 0x0005005e; ClassName:
x=0, y=0, width=0, height=0
20:31:23 = Process Attach
20:31:23 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:31:23 = * NULL == SampleProvider *

20:31:23 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:31:24 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
20:31:24 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
20:31:24 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
20:31:26 = Need to re-create objects.
20:31:26 = s1.
20:31:26 = s2.
20:31:30 = Start show animate
20:31:30 = Shell Excutute VerifyHost
20:32:7 = begin close Process
20:32:7 = Terminate Process
20:32:8 = end close Process
20:32:8 = DLL_PROCESS_DETACH
0:18:17 = Process Attach
0:18:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:18:17 = * NULL == SampleProvider *

0:18:17 = ##### Begin waiting Mutex to release process #####
0:18:17 =
ow.
x=0, y=0,
0:18:17 =
x=0, y=0,
0:18:17 =
x=0, y=0,
0:19:27 =
0:19:27 =

hWnd = 0x00040b52; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00030452; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00030b4e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:19:27 = * NULL == SampleProvider *

0:19:27 = begin close Process
0:19:27 = end close Process
0:19:27 = ##### Get event and release process end #####
0:19:27 = hWnd = 0x0003009c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:19:27 = hWnd = 0x000a002a; ClassName:
ow.
x=0, y=0, width=1, height=1
0:19:27 = hWnd = 0x000300b8; ClassName:
x=0, y=0, width=0, height=0
0:19:27 = hWnd = 0x000300a8; ClassName:
x=0, y=0, width=0, height=0
6:45:37 = Process Attach
6:45:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:45:37 = ##### Begin waiting Mutex to release process #####

6:45:37 = ***** NULL == SampleProvider *****
6:45:37 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:45:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:45:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:45:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:45:43 = Need to re-create objects.
6:45:43 = s1.
6:45:43 = s2.
6:45:45
6:45:45
6:46:17
6:46:17
6:46:18
6:46:18

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:11:1 = Process Attach

7:11:1 = end process attach
7:11:1 = ***** NULL == SampleProvider *****
7:11:1 = ##### Begin waiting Mutex to release process #####
7:11:1 = hWnd = 0x00020482; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:11:1 = hWnd = 0x00020450; ClassName:
w.
x=0, y=0, width=1, height=1
7:11:1 = hWnd = 0x00020458; ClassName:
x=0, y=0, width=0, height=0
7:11:1 = hWnd = 0x00020456; ClassName:
x=0, y=0, width=0, height=0
7:13:13 = Process Attach
7:13:13 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:13:13 = * NULL == SampleProvider *

7:13:13 = ##### Get event and release process #####
7:13:13 = hWnd = 0x000200ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:13:13 = end close Process
7:13:13 = hWnd = 0x000200a6; ClassName:
ow.
x=0, y=0, width=1, height=1
7:13:13 = hWnd = 0x000200ee; ClassName:
x=0, y=0, width=0, height=0
7:13:13 = hWnd = 0x000200e6; ClassName:
x=0, y=0, width=0, height=0
7:17:15 = Process Attach
7:17:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind

MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:17:15 = * NULL == SampleProvider *

7:17:15 = ##### Begin waiting Mutex to release process #####
7:17:16 =
ow.
x=0, y=0,
7:17:16 =
x=0, y=0,
7:17:16 =
x=0, y=0,
7:17:18 =

7:17:18 = s1.
7:17:18 = s2.
7:17:23 = Start show animate
7:17:23 = Shell Excutute VerifyHost
7:17:59 = begin close Process
7:17:59 = Terminate Process
7:18:0 = end close Process

7:18:0 = DLL_PROCESS_DETACH
7:38:33 = Process Attach
7:38:33 = end process attach
7:38:33 = ***** NULL == SampleProvider *****
7:38:33 = ##### Begin waiting Mutex to release process #####
7:38:33 = hWnd = 0x0002042e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:38:33 = hWnd = 0x000202fa; ClassName:
ow.
x=0, y=0, width=1, height=1
7:38:33 = hWnd = 0x00030568; ClassName:
x=0, y=0, width=0, height=0
7:38:33 = hWnd = 0x0002042c; ClassName:
x=0, y=0, width=0, height=0
7:38:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:38:34 = s1.
7:38:34 = s2.
7:38:40 = Start show animate
7:38:40 = Shell Excutute VerifyHost
8:7:51 = begin close Process
8:7:51 = Terminate Process
8:7:52 = end close Process
8:7:52 = DLL_PROCESS_DETACH
13:21:43 = Process Attach
13:21:44 = end process attach
13:21:44 = ***** NULL == SampleProvider *****
13:21:44 = ##### Begin waiting Mutex to release process #####
13:21:44 = hWnd = 0x001a04aa; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:21:44 = hWnd = 0x00150490; ClassName:
dow.
x=0, y=0, width=1, height=1
13:21:44 = hWnd = 0x000404a8; ClassName:
x=0, y=0, width=0, height=0
13:21:44 = hWnd = 0x000404f0; ClassName:
x=0, y=0, width=0, height=0
13:21:47 = Need to re-create objects.
13:21:47 = s1.
13:21:47 = s2.
13:21:48 = Start show animate
13:21:48 = Shell Excutute VerifyHost
15:55:5 = begin close Process
15:55:5 = Terminate Process
15:55:6 = end close Process

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:55:6 = DLL_PROCESS_DETACH
1:18:13 = Process Attach
1:18:13 = end process attach
1:18:14 = ***** NULL == SampleProvider *****
1:18:14 = ##### Begin waiting Mutex to release process #####
1:18:14 = hWnd = 0x0010158c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:18:14 = hWnd = 0x001015e6; ClassName:
ow.
x=0, y=0, width=1, height=1
1:18:14 = hWnd = 0x000f1526; ClassName:
x=0, y=0, width=0, height=0
1:18:14 = hWnd = 0x001915aa; ClassName:
x=0, y=0, width=0, height=0
1:19:26 = Process Attach
1:19:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:19:26 = * NULL == SampleProvider *

1:19:26 = begin close Process
1:19:26 = end close Process
1:19:26 = ##### Get event and release process end #####
1:19:26 = hWnd = 0x001100d6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:19:26 = hWnd = 0x0005002e; ClassName:
ow.
x=0, y=0, width=1, height=1
1:19:26 = hWnd = 0x002300f2; ClassName:
x=0, y=0, width=0, height=0
1:19:26 = hWnd = 0x000a00bc; ClassName:
x=0, y=0, width=0, height=0
6:29:37 = Process Attach
6:29:37 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:29:37 = * NULL == SampleProvider *

6:29:37 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:29:37 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
6:29:37 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
6:29:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
6:29:42 = Need to re-create objects.
6:29:42 = s1.
6:29:42 = s2.
6:29:42 = Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

6:29:42
6:30:13
6:30:13
6:30:14
6:30:14

=
=
=
=
=

Shell Excutute VerifyHost

begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

6:48:4 = Process Attach

6:48:4 = end process attach
6:48:4 = ***** NULL == SampleProvider *****
6:48:4 = ##### Begin waiting Mutex to release process #####
6:48:4 = hWnd = 0x000502ee; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
6:48:17 = hWnd = 0x0004033c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
6:48:17 = hWnd = 0x00040404; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
6:48:17 = hWnd = 0x0002033e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
6:48:18 = Need to re-create objects.
6:48:18 = s1.
6:48:18 = s2.
6:48:18 = Start show animate
6:48:18 = Shell Excutute VerifyHost
8:2:49 = begin close Process
8:2:49 = Terminate Process
8:2:50 = end close Process
8:2:50 = DLL_PROCESS_DETACH
9:9:27 = Process Attach
9:9:27 = end process attach
9:9:27 = ##### Begin waiting Mutex to release process #####
9:9:27 = ***** NULL == SampleProvider *****
9:9:33 = hWnd = 0x00050456; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:9:33 = hWnd = 0x000304aa; ClassName:
w.
x=0, y=0, width=1, height=1
9:9:33 = hWnd = 0x00090794; ClassName:
x=0, y=0, width=0, height=0
9:9:33 = hWnd = 0x0005087a; ClassName:
x=0, y=0, width=0, height=0
9:11:2 = Process Attach
9:11:2 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:2 = ##### Get event and release process #####

9:11:2 = begin close Process
9:11:2 = end close Process

9:11:2 = ##### Get event and release process end #####

9:11:2 = hWnd = 0x000200c6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
9:11:2 = hWnd = 0x000200c4; ClassName:
w.
x=0, y=0, width=1, height=1
9:11:2 = hWnd = 0x00030060; ClassName:
x=0, y=0, width=0, height=0
9:11:2 = hWnd = 0x000200c2; ClassName:
x=0, y=0, width=0, height=0
9:13:41 = Process Attach
9:13:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:13:41 = * NULL == SampleProvider *

9:13:41 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:13:42 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:13:42 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:13:42 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:13:44 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:13:44 = s1.
9:13:44 = s2.
9:13:48
9:13:48
9:14:26
9:14:26
9:14:27
9:14:27

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:13:45 = Process Attach

13:13:45 = end process attach
13:13:45 = ***** NULL == SampleProvider *****
13:13:45 = ##### Begin waiting Mutex to release process #####
13:13:45 = hWnd = 0x00030764; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:13:45 = hWnd = 0x000a0848; ClassName:
dow.
x=0, y=0, width=1, height=1
13:13:45 = hWnd = 0x00d3097e; ClassName:
x=0, y=0, width=0, height=0
13:13:45 = hWnd = 0x0004057e; ClassName:
x=0, y=0, width=0, height=0
13:14:37 = Process Attach
13:14:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:14:37 = * NULL == SampleProvider *

13:14:37 = begin close Process
13:14:37 = end close Process
13:14:37 = ##### Get event and release process end #####
13:14:37 = hWnd = 0x000300cc; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:14:37 = hWnd = 0x000300d0; ClassName:
dow.
x=0, y=0, width=1, height=1
13:14:37 = hWnd = 0x0005007e; ClassName:
x=0, y=0, width=0, height=0
13:14:37 = hWnd = 0x000300ca; ClassName:
x=0, y=0, width=0, height=0
16:36:41 = Process Attach
16:36:41 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:36:41 = * NULL == SampleProvider *

16:36:41 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
16:36:41 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
16:36:41 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
16:36:41 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
16:36:41 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

16:36:41 = s1.
16:36:41 = s2.
16:36:41
16:36:41
16:37:13
16:37:13
16:37:14
16:37:14

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:10:10 = Process Attach

0:10:10 = end process attach
0:10:10 = ***** NULL == SampleProvider *****
0:10:10 = ##### Begin waiting Mutex to release process #####
0:10:10 = hWnd = 0x000704fe; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:10:10 = hWnd = 0x00050474; ClassName:
ow.
x=0, y=0, width=1, height=1
0:10:10 = hWnd = 0x0003049e; ClassName:
x=0, y=0, width=0, height=0
0:10:10 = hWnd = 0x000304a0; ClassName:

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

x=0, y=0, width=0, height=0

0:10:40 = Process Attach
0:10:40 = ## ERR ## Setevent
0:10:40 = ***** NULL == SampleProvider *****
0:10:40 = begin close Process
0:10:40 = end close Process
0:10:40 = ##### Get event and release process end #####
0:10:40 = hWnd = 0x000400fa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:10:40 = hWnd = 0x000200ae; ClassName:
ow.
x=0, y=0, width=1, height=1
0:10:40 = hWnd = 0x000800e4; ClassName:
x=0, y=0, width=0, height=0
0:10:40 = hWnd = 0x000400f8; ClassName:
x=0, y=0, width=0, height=0
7:8:48 = Process Attach
7:8:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:8:48 = * NULL == SampleProvider *

7:8:48 = ##### Begin waiting Mutex to release process #####
7:8:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:8:48 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
7:8:48 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
7:8:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:8:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:8:48 = s1.
7:8:48 = s2.
7:8:48
7:8:48
7:9:11
7:9:11
7:9:12
7:9:12

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:49:13 = Process Attach

7:49:13 = end process attach
7:49:13 = ***** NULL == SampleProvider *****
7:49:13 = ##### Begin waiting Mutex to release process #####
7:49:13 = hWnd = 0x000205e4; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768

7:49:13 =
ow.
x=0, y=0,
7:49:13 =
x=0, y=0,
7:49:13 =
x=0, y=0,
7:49:13 =

hWnd = 0x000705e2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000205ec; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000205e6; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

7:49:13 = s1.
7:49:13 = s2.
7:49:13
7:49:13
7:50:23
7:50:23
7:50:24
7:50:24

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:50:43 = Process Attach

7:50:43 = end process attach
7:50:43 = ***** NULL == SampleProvider *****
7:50:43 = ##### Begin waiting Mutex to release process #####
7:50:43 = hWnd = 0x000f04d4; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:50:43 = hWnd = 0x00080570; ClassName:
ow.
x=0, y=0, width=1, height=1
7:50:43 = hWnd = 0x00060444; ClassName:
x=0, y=0, width=0, height=0
7:50:43 = hWnd = 0x0006073c; ClassName:
x=0, y=0, width=0, height=0
7:50:43 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:50:43 = s1.
7:50:43 = s2.
7:50:43 = Start show animate
7:50:43 = Shell Excutute VerifyHost
8:31:4 = begin close Process
8:31:4 = Terminate Process
8:31:5 = end close Process
8:31:5 = DLL_PROCESS_DETACH
8:42:52 = Process Attach
8:42:52 = end process attach
8:42:52 = ***** NULL == SampleProvider *****
8:42:52 = ##### Begin waiting Mutex to release process #####
8:42:54 = Need to re-create objects.
8:42:54 = s1.

8:42:54 = s2.
8:43:1 = Start show animate
8:43:1 = Shell Excutute VerifyHost
8:44:30 = Process Attach
8:44:30 = ## ERR ## Setevent
8:44:30 = ***** NULL == SampleProvider *****
8:44:30 = ##### Get event and release process #####
8:44:30 = begin close Process
8:44:30 = Terminate Process
8:44:30 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:44:30 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
8:44:30 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
8:44:30 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
8:44:31 = end close Process
8:44:31 = ##### Get event and release process end #####
8:44:32 = Need to re-create objects.
8:44:32 = s1.
8:44:32 = s2.
8:44:33
8:44:33
8:44:53
8:44:53
8:44:54
8:44:54

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:45:4 = begin close Process

8:45:4 = end close Process
8:45:4 = DLL_PROCESS_DETACH
11:1:39 = Process Attach
11:1:39 = end process attach
11:1:39 = ##### Begin waiting Mutex to release process #####
11:1:39 = hWnd = 0x000717d2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
11:1:39 = hWnd = 0x001c0722; ClassName:
ow.
x=0, y=0, width=1, height=1
11:1:39 = hWnd = 0x001d043e; ClassName:
x=0, y=0, width=0, height=0
11:1:39 = hWnd = 0x000c17d0; ClassName:
x=0, y=0, width=0, height=0
11:1:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

11:1:41 = s1.
11:1:41 = s2.
11:1:43
11:1:43
11:1:56
11:1:56
11:1:57
11:1:57

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:23:59 = Process Attach

13:24:0 = end process attach
13:24:0 = ***** NULL == SampleProvider *****
13:24:0 = ##### Begin waiting Mutex to release process #####
13:24:0 = hWnd = 0x00080442; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:24:0 = hWnd = 0x000b08b2; ClassName:
ow.
x=0, y=0, width=1, height=1
13:24:0 = hWnd = 0x000409d4; ClassName:
x=0, y=0, width=0, height=0
13:24:0 = hWnd = 0x000a073c; ClassName:
x=0, y=0, width=0, height=0
13:24:1 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:24:2 = s1.
13:24:2 = s2.
13:24:2 = Start show animate
13:24:2 = Shell Excutute VerifyHost
17:53:43 = begin close Process
17:53:43 = Terminate Process
17:53:44 = end close Process
17:53:44 = DLL_PROCESS_DETACH
19:18:34 = Process Attach
19:18:34 = end process attach
19:18:34 = ***** NULL == SampleProvider *****
19:18:34 = ##### Begin waiting Mutex to release process #####
19:18:34 = hWnd = 0x000812b6; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:18:34 = hWnd = 0x001309da; ClassName:
dow.
x=0, y=0, width=1, height=1
19:18:34 = hWnd = 0x000b0be6; ClassName:
x=0, y=0, width=0, height=0
19:18:34 = hWnd = 0x001b1164; ClassName:
x=0, y=0, width=0, height=0
19:19:3 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:19:3 = ## ERR ## Setevent

19:19:3 = ***** NULL == SampleProvider *****
19:19:3 = begin close Process
19:19:3 = hWnd = 0x001d00fc; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:19:3 = ##### Get event and release process end #####
19:19:3 =
ow.
x=0, y=0,
19:19:3 =
x=0, y=0,
19:19:3 =
x=0, y=0,
21:21:2 =
21:21:2 =

hWnd = 0x00110104; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x00060106; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x001a0102; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

21:21:2 = * NULL == SampleProvider *

21:21:2 = ##### Begin waiting Mutex to release process #####
21:21:2 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:21:2 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
21:21:2 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
21:21:2 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
21:21:10 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:21:10 = s1.
21:21:10 = s2.
21:21:12
21:21:12
21:22:33
21:22:33
21:22:34
21:22:34

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:21:28 = Process Attach

1:21:28 = end process attach
1:21:28 = ***** NULL == SampleProvider *****
1:21:28 = ##### Begin waiting Mutex to release process #####
1:21:28 = hWnd = 0x09e9048e; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
1:21:28 = hWnd = 0x0c89049c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1

1:21:28 =
x=0, y=0,
1:21:28 =
x=0, y=0,
1:21:39 =
1:21:39 =

hWnd = 0x000a04d2; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

width=0, height=0
hWnd = 0x045d04a0; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:21:39 = ##### Get event and release process #####

1:21:39 = begin close Process
1:21:39 = end close Process
1:21:39 = ##### Get event and release process end #####
1:21:39 = hWnd = 0x00080056; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:21:39 = hWnd = 0x000700d0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:21:39 = hWnd = 0x000c0126; ClassName:
x=0, y=0, width=0, height=0
1:21:39 = hWnd = 0x0006010e; ClassName:
x=0, y=0, width=0, height=0
9:11:35 = Process Attach
9:11:35 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:35 = * NULL == SampleProvider *

9:11:35 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:11:35 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:11:36 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:11:36 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:11:36 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:36 = s1.
9:11:36 = s2.
9:11:36
9:11:36
9:12:40
9:12:40
9:12:41
9:12:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:22:2 = Process Attach

10:22:2 = end process attach
10:22:2 = ***** NULL == SampleProvider *****
10:22:2 = ##### Begin waiting Mutex to release process #####
10:22:2 = hWnd = 0x00020426; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768

10:22:2 = hWnd = 0x000603ca; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
10:22:2 = hWnd = 0x00040264; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:22:2 = hWnd = 0x00060402; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:23:10 = Process Attach
10:23:10 = ## ERR ## Setevent
10:23:10 = ##### Get event and release process #####
10:23:10 = begin close Process
10:23:10 = end close Process
10:23:10 = ##### Get event and release process end #####
10:23:10 = hWnd = 0x000500ba; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:23:10 = hWnd = 0x00050038; ClassName:
dow.
x=0, y=0, width=1, height=1
10:23:10 = hWnd = 0x000c00e0; ClassName:
x=0, y=0, width=0, height=0
10:23:10 = hWnd = 0x0003005c; ClassName:
x=0, y=0, width=0, height=0
10:29:11 = Process Attach
10:29:11 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:11 = * NULL == SampleProvider *

10:29:11 = hWnd = 0x00020016; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:29:11 = hWnd = 0x00020018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:29:11 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
10:29:11 = hWnd = 0x0002001a; ClassName:
x=0, y=0, width=0, height=0
10:29:11 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:29:11 = s1.
10:29:11 = s2.
10:29:11
10:29:11
10:31:24
10:31:24
10:31:25
10:31:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:47:1 = Process Attach

10:47:1 = end process attach
10:47:1 = ***** NULL == SampleProvider *****

10:47:1 = ##### Begin waiting Mutex to release process #####

10:47:1 = hWnd = 0x000304e2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
10:47:1 = hWnd = 0x00020518; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
10:47:1 = hWnd = 0x00050526; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
10:48:57 = Process Attach
10:48:57 = ## ERR ## Setevent
10:48:57 = ***** NULL == SampleProvider *****
10:48:57 = begin close Process
10:48:57 = end close Process
10:48:57 = ##### Get event and release process end #####
10:48:57 = hWnd = 0x000a007a; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:48:57 = hWnd = 0x000200ac; ClassName:
dow.
x=0, y=0, width=1, height=1
10:48:57 = hWnd = 0x000800de; ClassName:
x=0, y=0, width=0, height=0
10:48:57 = hWnd = 0x000500b6; ClassName:
x=0, y=0, width=0, height=0
10:50:36 = Process Attach
10:50:36 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:50:36 = * NULL == SampleProvider *

10:50:37 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:50:37 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
10:50:37 = hWnd = 0x00010024; ClassName:
x=0, y=0, width=0, height=0
10:50:37 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
10:50:37 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:50:37 = s1.
10:50:37 = s2.
10:50:38 = Start show animate
10:50:38 = Shell Excutute VerifyHost
10:54:8 = begin close Process
10:54:8 = Terminate Process
10:54:9 = end close Process
10:54:9 = DLL_PROCESS_DETACH
12:47:20 = Process Attach
12:47:20 = end process attach
12:47:20 = ##### Begin waiting Mutex to release process #####

12:47:20 = * NULL == SampleProvider *

12:47:20 = hWnd = 0x0003130e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:47:20 = hWnd = 0x0008124c; ClassName:
dow.
x=0, y=0, width=1, height=1
12:47:20 = hWnd = 0x002f1264; ClassName:
x=0, y=0, width=0, height=0
12:47:20 = hWnd = 0x00091238; ClassName:
x=0, y=0, width=0, height=0
12:48:44 = Process Attach
12:48:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:48:44 = ##### Get event and release process #####

12:48:44 = ***** NULL == SampleProvider *****
12:48:44 = end close Process
12:48:44 = ##### Get event and release process end #####
12:48:44 = hWnd = 0x00040028; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
12:48:44 = hWnd = 0x00040094; ClassName:
dow.
x=0, y=0, width=1, height=1
12:48:44 = hWnd = 0x0006005c; ClassName:
x=0, y=0, width=0, height=0
12:48:44 = hWnd = 0x00030034; ClassName:
x=0, y=0, width=0, height=0
12:50:39 = Process Attach
12:50:39 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:50:39 = ##### Begin waiting Mutex to release process #####

12:50:39 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
12:50:39 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
12:50:39 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
12:50:39 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
12:50:40 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

12:50:40 = s1.
12:50:40 = s2.
12:50:40 = Start show animate
12:50:40 = Shell Excutute VerifyHost
15:21:7 = Process Attach
15:21:7 = end process attach
15:21:7 = ***** NULL == SampleProvider *****

15:21:7 = ##### Begin waiting Mutex to release process #####

15:21:7 = hWnd = 0x00051192; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
15:21:7 = hWnd = 0x000811b4; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
15:21:7 = hWnd = 0x00051178; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
15:21:29 = Process Attach
15:21:29 = ## ERR ## Setevent
15:21:29 = ***** NULL == SampleProvider *****
15:21:29 = ##### Get event and release process #####
15:21:29 = begin close Process
15:21:29 = end close Process
15:21:29 = ##### Get event and release process end #####
15:21:29 = hWnd = 0x000f0070; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:21:29 = hWnd = 0x000200b2; ClassName:
dow.
x=0, y=0, width=1, height=1
15:21:29 = hWnd = 0x000500ec; ClassName:
x=0, y=0, width=0, height=0
15:21:29 = hWnd = 0x000300bc; ClassName:
x=0, y=0, width=0, height=0
20:44:57 = Process Attach
20:44:57 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

20:44:57 = * NULL == SampleProvider *

20:44:57 = ##### Begin waiting Mutex to release process #####
20:44:57 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
20:44:57 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
20:45:1 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
20:45:4 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
20:45:6 = Need to re-create objects.
20:45:6 = s1.
20:45:6 = s2.
20:45:7 = Start show animate
20:45:7 = Shell Excutute VerifyHost
20:46:16 = begin close Process
20:46:16 = Terminate Process
20:46:17 = end close Process
20:46:17 = DLL_PROCESS_DETACH

1:30:8 = Process Attach

1:30:8 = end process attach
1:30:8 = ***** NULL == SampleProvider *****
1:30:8 = ##### Begin waiting Mutex to release process #####
1:30:8 = hWnd = 0x00020446; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
1:30:8 = hWnd = 0x0002046c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:30:8 = hWnd = 0x00020440; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:30:43 = Process Attach
1:30:43 = ## ERR ## Setevent
1:30:43 = ***** NULL == SampleProvider *****
1:30:43 = begin close Process
1:30:43 = end close Process
1:30:43 = ##### Get event and release process end #####
1:30:43 = hWnd = 0x00060094; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:30:43 = hWnd = 0x000400c0; ClassName:
ow.
x=0, y=0, width=1, height=1
1:30:43 = hWnd = 0x000b0070; ClassName:
x=0, y=0, width=0, height=0
1:30:43 = hWnd = 0x000200c2; ClassName:
x=0, y=0, width=0, height=0
7:19:17 = Process Attach
7:19:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:19:17 = * NULL == SampleProvider *

7:19:17 = ##### Begin waiting Mutex to release process #####
7:19:17 =
ow.
x=0, y=0,
7:19:21 =
x=0, y=0,
7:19:24 =
x=0, y=0,
7:19:26 =

7:19:26 = s1.
7:19:26 = s2.
7:19:27 = Start show animate
7:19:27 = Shell Excutute VerifyHost
7:20:3 = begin close Process
7:20:3 = Terminate Process
7:20:4 = end close Process
7:20:4 = DLL_PROCESS_DETACH

7:51:18 = Process Attach

7:51:18 = end process attach
7:51:18 = ***** NULL == SampleProvider *****
7:51:18 = ##### Begin waiting Mutex to release process #####
7:51:18 = hWnd = 0x0008044c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:51:18 = hWnd = 0x0002045e; ClassName:
ow.
x=0, y=0, width=1, height=1
7:51:18 = hWnd = 0x000204c6; ClassName:
x=0, y=0, width=0, height=0
7:51:18 = hWnd = 0x000304b4; ClassName:
x=0, y=0, width=0, height=0
7:51:26 = Process Attach
7:51:26 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:51:26 = * NULL == SampleProvider *

7:51:26 = begin close Process
7:51:26 = end close Process
7:51:26 = ##### Get event and release process end #####
7:51:26 = hWnd = 0x00050038; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:51:26 = hWnd = 0x000300ba; ClassName:
ow.
x=0, y=0, width=1, height=1
7:51:26 = hWnd = 0x00020060; ClassName:
x=0, y=0, width=0, height=0
7:51:26 = hWnd = 0x000200bc; ClassName:
x=0, y=0, width=0, height=0
7:52:43 = Process Attach
7:52:43 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:52:43 = * NULL == SampleProvider *

7:52:43 = ##### Begin waiting Mutex to release process #####
7:52:43 = hWnd = 0x0001001e; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:52:43 = hWnd = 0x0001001a; ClassName:
ow.
x=0, y=0, width=1, height=1
7:52:43 = hWnd = 0x00010024; ClassName:
x=0, y=0, width=0, height=0
7:52:43 = hWnd = 0x0001001c; ClassName:
x=0, y=0, width=0, height=0
7:52:43 = Need to re-create objects.
7:52:43 = s1.
7:52:43 = s2.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:52:43
7:52:43
7:53:15
7:53:15
7:53:16
7:53:16

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

8:5:9 = Process Attach

8:5:9 = end process attach
8:5:9 = ***** NULL == SampleProvider *****
8:5:9 = ##### Begin waiting Mutex to release process #####
8:5:9 = hWnd = 0x00050350; ClassName:
nicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:5:9 = hWnd = 0x00060352; ClassName:
.
x=0, y=0, width=1, height=1
8:5:9 = hWnd = 0x00060302; ClassName:
x=0, y=0, width=0, height=0
8:5:9 = hWnd = 0x00040314; ClassName:
x=0, y=0, width=0, height=0
8:5:18 = Process Attach
8:5:18 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title: I

GDI+ Hook Window Class; Title: GDI+ Window
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:5:18 = * NULL == SampleProvider *

8:5:18 = begin close Process
8:5:18 = end close Process
8:5:18 = ##### Get event and release process end #####
8:5:18 = hWnd = 0x00040098; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
8:5:18 = hWnd = 0x00050042; ClassName:
w.
x=0, y=0, width=1, height=1
8:5:18 = hWnd = 0x00040068; ClassName:
x=0, y=0, width=0, height=0
8:5:18 = hWnd = 0x0003003c; ClassName:
x=0, y=0, width=0, height=0
8:51:19 = Process Attach
8:51:19 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:51:19 = * NULL == SampleProvider *

8:51:19 = ##### Begin waiting Mutex to release process #####
8:51:19 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:51:20 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:51:20 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:51:20 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:51:23 = Need to re-create objects.

8:51:23 = s1.
8:51:23 = s2.
8:51:27
8:51:27
8:52:24
8:52:24
8:52:25
8:52:25

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:38:10 = Process Attach

13:38:10 = end process attach
13:38:10 = ***** NULL == SampleProvider *****
13:38:10 = ##### Begin waiting Mutex to release process #####
13:38:10 = hWnd = 0x000202f6; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1
13:38:10 = hWnd = 0x0004032a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:38:10 = hWnd = 0x00040050; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:38:10 = Need to re-create objects.
13:38:10 = s1.
13:38:10 = s2.
13:38:12
13:38:12
18:10:32
18:10:32
18:10:33
18:10:33

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

19:26:46 = Process Attach

19:26:46 = end process attach
19:26:46 = ***** NULL == SampleProvider *****
19:26:46 = ##### Begin waiting Mutex to release process #####
19:26:46 = hWnd = 0x000c09f4; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:26:46 = hWnd = 0x002109f0; ClassName:
dow.
x=0, y=0, width=1, height=1
19:26:46 = hWnd = 0x001e09ac; ClassName:
x=0, y=0, width=0, height=0
19:26:46 = hWnd = 0x00090ef6; ClassName:
x=0, y=0, width=0, height=0
19:27:11 = Process Attach
19:27:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:27:11 = ##### Get event and release process #####

19:27:11 = begin close Process
19:27:11 = end close Process
19:27:11 = ##### Get event and release process end #####
19:27:11 = ***** NULL == SampleProvider *****
19:27:11 = hWnd = 0x0004009c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
19:27:11 = hWnd = 0x000600a0; ClassName:
dow.
x=0, y=0, width=1, height=1
19:27:11 = hWnd = 0x000400a8; ClassName:
x=0, y=0, width=0, height=0
19:27:11 = hWnd = 0x000400a6; ClassName:
x=0, y=0, width=0, height=0
21:31:9 = Process Attach
21:31:9 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

21:31:9 = * NULL == SampleProvider *

21:31:9 = ##### Begin waiting Mutex to release process #####
21:31:9 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
21:31:9 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
21:31:10 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
21:31:10 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
21:31:12 = Need to re-create objects.
21:31:12 = s1.
21:31:12 = s2.
21:31:15
21:31:15
21:33:21
21:33:21
21:33:22
21:33:22

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:29:38 = Process Attach

0:29:38 = end process attach
0:29:38 = ***** NULL == SampleProvider *****
0:29:38 = ##### Begin waiting Mutex to release process #####
0:29:38 = hWnd = 0x00020a9a; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:29:38 = hWnd = 0x00020aa2; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0, width=1, height=1

0:29:38 = hWnd = 0x00020a8e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
0:29:38 = hWnd = 0x00020a9e; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
0:30:8 = Process Attach
0:30:8 = ## ERR ## Setevent
0:30:8 = ***** NULL == SampleProvider *****
0:30:8 = ##### Get event and release process #####
0:30:8 = begin close Process
0:30:8 = end close Process
0:30:8 = ##### Get event and release process end #####
0:30:8 = hWnd = 0x000c00e6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:30:8 = hWnd = 0x00030088; ClassName:
w.
x=0, y=0, width=1, height=1
0:30:8 = hWnd = 0x00030032; ClassName:
x=0, y=0, width=0, height=0
0:30:8 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
7:41:15 = Process Attach
7:41:15 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:41:15 = ##### Begin waiting Mutex to release process #####

7:41:15 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:41:15 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
7:41:15 = hWnd = 0x00010024; ClassName:
x=0, y=0, width=0, height=0
7:41:15 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
7:41:22 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:41:22 = s1.
7:41:22 = s2.
7:41:22
7:41:22
7:42:48
7:42:48
7:42:49
7:42:49

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

10:7:19 = Process Attach

10:7:19 = end process attach
10:7:19 = ***** NULL == SampleProvider *****
10:7:19 = ##### Begin waiting Mutex to release process #####

10:7:19 =
ow.
x=0, y=0,
10:7:19 =
x=0, y=0,
10:7:19 =
x=0, y=0,
10:7:51 =
10:7:51 =

hWnd = 0x00120600; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0007045e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00080526; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

10:7:51 = * NULL == SampleProvider *

10:7:51 = begin close Process
10:7:51 = end close Process
10:7:51 = ##### Get event and release process end #####
10:7:51 = hWnd = 0x000500ba; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:7:51 = hWnd = 0x000200b0; ClassName:
ow.
x=0, y=0, width=1, height=1
10:7:51 = hWnd = 0x000700fc; ClassName:
x=0, y=0, width=0, height=0
10:7:51 = hWnd = 0x000400fe; ClassName:
x=0, y=0, width=0, height=0
19:55:54 = Process Attach
19:55:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:55:54 = * NULL == SampleProvider *

19:55:54 = ##### Begin waiting Mutex to release process #####
19:55:54 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:55:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:55:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:55:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:55:54 = Need to re-create objects.
19:55:54 = s1.
19:55:54 = s2.
19:55:58 = Start show animate
19:55:58 = Shell Excutute VerifyHost
20:4:50 = begin close Process
20:4:50 = Terminate Process
20:4:51 = end close Process
20:4:51 = DLL_PROCESS_DETACH
0:59:28 = Process Attach
0:59:28 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:59:28 = * NULL == SampleProvider *

0:59:28 = ##### Begin waiting Mutex to release process #####
0:59:28 = hWnd = 0x00020462; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:59:28 = hWnd = 0x0002045c; ClassName:
ow.
x=0, y=0, width=1, height=1
0:59:28 = hWnd = 0x000e18a4; ClassName:
x=0, y=0, width=0, height=0
0:59:28 = hWnd = 0x00020472; ClassName:
x=0, y=0, width=0, height=0
1:0:20 = Process Attach
1:0:20 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

1:0:20 = ##### Get event and release process #####

1:0:20 = begin close Process
1:0:20 = end close Process
1:0:20 = ##### Get event and release process end #####
1:0:20 = ***** NULL == SampleProvider *****
1:0:20 = hWnd = 0x000300bc; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:0:20 = hWnd = 0x000400b2; ClassName:
w.
x=0, y=0, width=1, height=1
1:0:20 = hWnd = 0x000700c8; ClassName:
x=0, y=0, width=0, height=0
1:0:20 = hWnd = 0x000a0066; ClassName:
x=0, y=0, width=0, height=0
8:15:7 = Process Attach
8:15:7 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:15:7 = * NULL == SampleProvider *

8:15:7 = ##### Begin waiting Mutex to release process #####
8:15:7 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:15:7 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:15:7 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:15:7 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:15:7 = Need to re-create objects.
8:15:7 = s1.
8:15:7 = s2.
8:15:10 = Start show animate
8:15:10 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:15:48
8:15:48
8:15:49
8:15:49

=
=
=
=

begin close Process

Terminate Process
end close Process
DLL_PROCESS_DETACH

8:28:54 = Process Attach

8:28:54 = end process attach
8:28:54 = ***** NULL == SampleProvider *****
8:28:54 = ##### Begin waiting Mutex to release process #####
8:28:54 = hWnd = 0x00050332; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:28:54 = hWnd = 0x00020330; ClassName:
ow.
x=0, y=0, width=1, height=1
8:28:54 = hWnd = 0x000402f4; ClassName:
x=0, y=0, width=0, height=0
8:28:54 = hWnd = 0x00090302; ClassName:
x=0, y=0, width=0, height=0
8:28:54 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:28:54 = s1.
8:28:54 = s2.
8:28:54
8:28:54
8:40:39
8:40:39
8:40:40
8:40:40

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:6:19 = Process Attach

13:6:19 = end process attach
13:6:19 = ***** NULL == SampleProvider *****
13:6:19 = ##### Begin waiting Mutex to release process #####
13:6:19 = hWnd = 0x000805aa; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:6:19 = hWnd = 0x00050616; ClassName:
ow.
x=0, y=0, width=1, height=1
13:6:19 = hWnd = 0x000504f6; ClassName:
x=0, y=0, width=0, height=0
13:6:19 = hWnd = 0x000305ec; ClassName:
x=0, y=0, width=0, height=0
13:7:6 = Process Attach
13:7:6 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:7:6 = * NULL == SampleProvider *

13:7:6 = begin close Process
13:7:6 = end close Process
13:7:6 = ##### Get event and release process end #####

13:7:6 = hWnd = 0x000600d6; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:7:6 = hWnd = 0x00040086; ClassName:
w.
x=0, y=0, width=1, height=1
13:7:6 = hWnd = 0x000d00b4; ClassName:
x=0, y=0, width=0, height=0
13:7:6 = hWnd = 0x0004004c; ClassName:
x=0, y=0, width=0, height=0
13:13:45 = Process Attach
13:13:45 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:13:45 = * NULL == SampleProvider *

13:13:45 = ##### Begin waiting Mutex to release process #####
13:13:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:13:45 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:13:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:13:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:13:45 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:13:45 = s1.
13:13:45 = s2.
13:13:49
13:13:49
13:14:36
13:14:36
13:14:37
13:14:37

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:17:57 = Process Attach

13:17:57 = end process attach
13:17:57 = ***** NULL == SampleProvider *****
13:17:57 = ##### Begin waiting Mutex to release process #####
13:17:57 = hWnd = 0x00060346; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:17:57 = hWnd = 0x0005033a; ClassName:
dow.
x=0, y=0, width=1, height=1
13:17:57 = hWnd = 0x00070366; ClassName:
x=0, y=0, width=0, height=0
13:17:57 = hWnd = 0x0005033c; ClassName:
x=0, y=0, width=0, height=0
13:17:57 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:17:57 = s1.
13:17:57 = s2.
13:17:57
13:17:57
15:27:40
15:27:40
15:27:41
15:27:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

4:9:44 = Process Attach

4:9:44 = end process attach
4:9:44 = ***** NULL == SampleProvider *****
4:9:44 = ##### Begin waiting Mutex to release process #####
4:9:56 = hWnd = 0x000f0366; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
4:9:56 = hWnd = 0x000804d2; ClassName:
w.
x=0, y=0, width=1, height=1
4:9:56 = hWnd = 0x000604a2; ClassName:
x=0, y=0, width=0, height=0
4:9:56 = hWnd = 0x000604d4; ClassName:
x=0, y=0, width=0, height=0
4:11:37 = Process Attach
4:11:37 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

4:11:37 = * NULL == SampleProvider *

4:11:37 = hWnd = 0x000a00f2; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
4:11:37 = hWnd = 0x0008006c; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
4:11:37 = hWnd = 0x002000e0; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
4:11:37 = hWnd = 0x00030054; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
4:11:37 = ##### Get event and release process #####
4:11:37 = begin close Process
4:11:37 = end close Process
4:11:37 = ##### Get event and release process end #####
9:3:26 = Process Attach
9:3:26 = end process attach
9:3:26 = ***** NULL == SampleProvider *****
9:3:26 = ##### Begin waiting Mutex to release process #####
9:3:27 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:3:27 = hWnd = 0x00010022; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0

9:3:27 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:3:29 = Need to re-create objects.
9:3:29 = s1.
9:3:29 = s2.
9:3:32 = Start show animate
9:3:32 = Shell Excutute VerifyHost
9:16:18 = begin close Process
9:16:18 = Terminate Process
9:16:19 = end close Process
9:16:19 = DLL_PROCESS_DETACH
13:7:29 = Process Attach
13:7:29 = end process attach
13:7:29 = ***** NULL == SampleProvider *****
13:7:29 = ##### Begin waiting Mutex to release process #####
13:7:29 =
ow.
x=0, y=0,
13:7:29 =
x=0, y=0,
13:7:29 =
x=0, y=0,
13:7:43 =
13:7:43 =

hWnd = 0x0002041e; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x0005040e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00030420; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

13:7:43 = ##### Get event and release process #####

13:7:43 = begin close Process
13:7:43 = end close Process
13:7:43 = ##### Get event and release process end #####
13:7:43 = hWnd = 0x000f00f2; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:7:43 = hWnd = 0x000400fa; ClassName:
ow.
x=0, y=0, width=1, height=1
13:7:43 = hWnd = 0x001500ea; ClassName:
x=0, y=0, width=0, height=0
13:7:43 = hWnd = 0x000f00e8; ClassName:
x=0, y=0, width=0, height=0
23:24:56 = Process Attach
23:24:56 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:24:56 = * NULL == SampleProvider *

23:24:56 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:24:56 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.
x=0, y=0, width=1, height=1

23:24:56 = hWnd = 0x00010024; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
23:24:56 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
23:25:0 = Need to re-create objects.
23:25:0 = s1.
23:25:0 = s2.
23:25:1 = Start show animate
23:25:1 = Shell Excutute VerifyHost
23:25:56 = begin close Process
23:25:56 = Terminate Process
23:25:57 = end close Process
23:25:57 = DLL_PROCESS_DETACH
3:3:44 = Process Attach
3:3:44 = end process attach
3:3:44 = ***** NULL == SampleProvider *****
3:3:44 = ##### Begin waiting Mutex to release process #####
3:3:49 = hWnd = 0x000604b6; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
3:3:49 = hWnd = 0x000d04c4; ClassName:
w.
x=0, y=0, width=1, height=1
3:3:49 = hWnd = 0x00080486; ClassName:
x=0, y=0, width=0, height=0
3:3:49 = hWnd = 0x000604ba; ClassName:
x=0, y=0, width=0, height=0
3:5:11 = Process Attach
3:5:11 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

3:5:11 = ##### Get event and release process #####

3:5:11 = begin close Process
3:5:11 = hWnd = 0x000700d6; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
3:5:11 = ##### Get event and release process end #####
3:5:11 = hWnd = 0x0008010a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
3:5:11 = hWnd = 0x00030042; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:44:32 = Process Attach
9:44:32 = end process attach
9:44:32 = ***** NULL == SampleProvider *****
9:44:32 = ##### Begin waiting Mutex to release process #####
9:44:32 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:44:32 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

ow.
x=0, y=0,
9:44:32 =
x=0, y=0,
9:44:32 =
x=0, y=0,
9:44:33 =

width=1, height=1
hWnd = 0x00010024; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

9:44:33 = s1.
9:44:33 = s2.
9:44:34
9:44:34
9:45:21
9:45:21
9:45:23
9:45:23

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

1:55:48 = Process Attach

1:55:48 = end process attach
1:55:48 = ***** NULL == SampleProvider *****
1:55:48 = ##### Begin waiting Mutex to release process #####
1:55:48 =
ow.
x=0, y=0,
1:55:48 =
x=0, y=0,
1:55:48 =
x=0, y=0,
1:56:39 =
1:56:39 =

hWnd = 0x01b90550; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000e0a82; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x000f049e; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

1:56:39 = * NULL == SampleProvider *

1:56:39 = begin close Process
1:56:39 = end close Process
1:56:39 = ##### Get event and release process end #####
1:56:39 = hWnd = 0x000600ea; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:56:39 = hWnd = 0x00040094; ClassName:
ow.
x=0, y=0, width=1, height=1
1:56:39 = hWnd = 0x000d00b8; ClassName:
x=0, y=0, width=0, height=0
1:56:39 = hWnd = 0x0003009a; ClassName:
x=0, y=0, width=0, height=0
9:0:54 = Process Attach
9:0:54 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:0:54 = * NULL == SampleProvider *

9:0:54 = ##### Begin waiting Mutex to release process #####
9:0:54 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:

Inicio de sesin en Windows.

x=0, y=0, width=1366, height=768
9:0:54 = hWnd = 0x00010018; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1
9:0:54 = hWnd = 0x00010024; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
9:0:54 = hWnd = 0x0001001a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
9:1:12 = Need to re-create objects.
9:1:12 = s1.
9:1:12 = s2.
9:1:12 = Start show animate
9:1:12 = Shell Excutute VerifyHost
9:2:1 = begin close Process
9:2:1 = Terminate Process
9:2:2 = end close Process
9:2:2 = DLL_PROCESS_DETACH
10:27:27 = Process Attach
10:27:27 = end process attach
10:27:27 = ##### Begin waiting Mutex to release process #####
10:27:27 = ***** NULL == SampleProvider *****
10:27:27 = hWnd = 0x0003044e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
10:27:27 = hWnd = 0x00050444; ClassName:
dow.
x=0, y=0, width=1, height=1
10:27:27 = hWnd = 0x0007004e; ClassName:
x=0, y=0, width=0, height=0
10:27:27 = hWnd = 0x024a047e; ClassName:
x=0, y=0, width=0, height=0
10:27:59 = Process Attach
10:27:59 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

10:27:59 = * NULL == SampleProvider *

10:27:59 = begin close Process
10:27:59 = end close Process
10:27:59 = ##### Get event and release process end #####
10:27:59 = hWnd = 0x000a002e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
10:27:59 = hWnd = 0x000200ba; ClassName:
dow.
x=0, y=0, width=1, height=1
10:27:59 = hWnd = 0x000800e0; ClassName:
x=0, y=0, width=0, height=0
10:27:59 = hWnd = 0x0007003e; ClassName:
x=0, y=0, width=0, height=0
19:36:17 = Process Attach
19:36:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:36:17 = * NULL == SampleProvider *

19:36:17 = ##### Begin waiting Mutex to release process #####
19:36:17 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
19:36:17 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
19:36:17 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
19:36:17 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
19:36:24 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

19:36:24 = s1.
19:36:24 = s2.
19:36:25
19:36:25
19:37:10
19:37:10
19:37:11
19:37:11

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:21:50 = Process Attach

0:21:50 = end process attach
0:21:50 = ***** NULL == SampleProvider *****
0:21:50 = ##### Begin waiting Mutex to release process #####
0:21:50 = hWnd = 0x00030446; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
0:21:50 = hWnd = 0x00030450; ClassName:
ow.
x=0, y=0, width=1, height=1
0:21:50 = hWnd = 0x000c0554; ClassName:
x=0, y=0, width=0, height=0
0:21:50 = hWnd = 0x00030454; ClassName:
x=0, y=0, width=0, height=0
0:22:8 = Process Attach
0:22:8 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:22:8 = * NULL == SampleProvider *

0:22:8 = begin close Process
0:22:8 = end close Process
0:22:8 = ##### Get event and release process end #####
0:22:8 = hWnd = 0x000200be; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:22:8 = hWnd = 0x000200bc; ClassName: GDI+ Hook Window Class; Title: GDI+ Windo
w.
x=0, y=0, width=1, height=1

0:22:8 = hWnd = 0x001000d8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

x=0, y=0, width=0, height=0
0:22:8 = hWnd = 0x000500ca; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
14:39:44 = Process Attach
14:39:44 = end process attach
14:39:44 = ***** NULL == SampleProvider *****
14:39:44 = ##### Begin waiting Mutex to release process #####
14:39:45 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
14:39:45 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
14:39:45 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
14:39:45 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
14:39:47 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

14:39:47 = s1.
14:39:47 = s2.
14:39:50 = Start show animate
14:39:50 = Shell Excutute VerifyHost
14:45:9 = begin close Process
14:45:9 = Terminate Process
14:45:10 = end close Process
14:45:10 = DLL_PROCESS_DETACH
15:8:24 = Process Attach
15:8:25 = end process attach
15:8:25 = ##### Begin waiting Mutex to release process #####
15:8:25 = ***** NULL == SampleProvider *****
15:8:25 = hWnd = 0x00020440; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:8:25 = hWnd = 0x0002043a; ClassName:
ow.
x=0, y=0, width=1, height=1
15:8:25 = hWnd = 0x0004047e; ClassName:
x=0, y=0, width=0, height=0
15:8:25 = hWnd = 0x00020450; ClassName:
x=0, y=0, width=0, height=0
15:9:57 = Process Attach
15:9:57 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:9:57 = ##### Get event and release process #####

15:9:57 = begin close Process
15:9:57 = end close Process
15:9:57 = ##### Get event and release process end #####

15:9:57 = hWnd = 0x0003008c; ClassName:

Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
15:9:57 = hWnd = 0x000400a2; ClassName:
ow.
x=0, y=0, width=1, height=1
15:9:57 = hWnd = 0x000200b2; ClassName:
x=0, y=0, width=0, height=0
15:9:57 = hWnd = 0x0004008a; ClassName:
x=0, y=0, width=0, height=0
15:11:31 = Process Attach
15:11:31 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:11:31 = * NULL == SampleProvider *

15:11:31 = ##### Begin waiting Mutex to release process #####
15:11:31 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
15:11:31 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
15:11:31 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
15:11:31 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
15:11:34 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

15:11:34 = s1.
15:11:34 = s2.
15:11:38
15:11:38
16:37:52
16:37:52
16:37:53
16:37:53

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

23:31:27 = Process Attach

23:31:27 = end process attach
23:31:27 = ***** NULL == SampleProvider *****
23:31:27 = ##### Begin waiting Mutex to release process #####
23:31:27 = hWnd = 0x000e04a8; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
23:31:27 = hWnd = 0x0006069c; ClassName:
dow.
x=0, y=0, width=1, height=1
23:31:27 = hWnd = 0x00060846; ClassName:
x=0, y=0, width=0, height=0
23:31:27 = hWnd = 0x00060a5a; ClassName:
x=0, y=0, width=0, height=0
23:32:23 = Process Attach
23:32:23 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

23:32:23 = * NULL == SampleProvider *

23:32:23 = ##### Get event and release process #####
23:32:23 = begin close Process
23:32:23 = end close Process
23:32:23 = ##### Get event and release process end #####
23:32:23 = hWnd = 0x000300ba; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
23:32:23 = hWnd = 0x000d0044; ClassName:
dow.
x=0, y=0, width=1, height=1
23:32:23 = hWnd = 0x000b0042; ClassName:
x=0, y=0, width=0, height=0
23:32:23 = hWnd = 0x000200b6; ClassName:
x=0, y=0, width=0, height=0
8:41:48 = Process Attach
8:41:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:41:48 = * NULL == SampleProvider *

8:41:48 = ##### Begin waiting Mutex to release process #####
8:41:48 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:41:49 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
8:41:49 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:41:49 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:41:51 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:41:51 = s1.
8:41:51 = s2.
8:41:54
8:41:54
8:42:34
8:42:34
8:42:35
8:42:35

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:23:7 = Process Attach

13:23:7 = end process attach
13:23:7 = ***** NULL == SampleProvider *****
13:23:7 = ##### Begin waiting Mutex to release process #####
13:23:7 = hWnd = 0x00070108; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:23:7 = hWnd = 0x00020302; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.

x=0, y=0,
13:23:7 =
x=0, y=0,
13:23:7 =
x=0, y=0,
13:23:7 =

width=1, height=1
hWnd = 0x000c06b8; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00030412; ClassName: IME; Title: Default IME.
width=0, height=0
Need to re-create objects.

13:23:7 = s1.
13:23:7 = s2.
13:23:8 = Start show animate
13:23:8 = Shell Excutute VerifyHost
17:20:32 = begin close Process
17:20:32 = Terminate Process
17:20:34 = end close Process
17:20:36 = DLL_PROCESS_DETACH
18:57:39 = Process Attach
18:57:39 = end process attach
18:57:39 = ***** NULL == SampleProvider *****
18:57:39 = ##### Begin waiting Mutex to release process #####
18:57:39 = hWnd = 0x001e084e; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
18:57:39 = hWnd = 0x00070e1e; ClassName:
dow.
x=0, y=0, width=1, height=1
18:57:39 = hWnd = 0x000f072c; ClassName:
x=0, y=0, width=0, height=0
18:57:39 = hWnd = 0x00230726; ClassName:
x=0, y=0, width=0, height=0
18:57:39 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

18:57:39 = s1.
18:57:39 = s2.
18:57:39
18:57:39
22:38:45
22:38:45
22:38:46
22:38:46

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

0:30:53 = ##### Get event and release process #####

0:30:53 = begin close Process
0:30:53 = hWnd = 0x00020124; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:30:53 = ##### Get event and release process end #####
0:30:53 =
ow.
x=0, y=0,
0:30:53 =
x=0, y=0,
0:30:53 =
x=0, y=0,
7:11:39 =
7:11:39 =

hWnd = 0x00020126; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000c005a; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00020122; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
end process attach

7:11:39 = * NULL == SampleProvider *

7:11:39 = ##### Begin waiting Mutex to release process #####
7:11:39 = hWnd = 0x0001001c; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title:
Inicio de sesin en Windows.

x=0, y=0,
7:11:40 =
ow.
x=0, y=0,
7:11:40 =
x=0, y=0,
7:11:40 =
x=0, y=0,
7:11:44 =

7:11:44 = s1.
7:11:44 = s2.
7:11:47
7:11:47
7:13:40
7:13:40
7:13:41
7:13:41

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

7:22:41 = Process Attach

7:22:41 = end process attach
7:22:41 = ***** NULL == SampleProvider *****
7:22:41 = ##### Begin waiting Mutex to release process #####
7:22:41 = hWnd = 0x00020418; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
7:22:41 = hWnd = 0x00020412; ClassName:
ow.
x=0, y=0, width=1, height=1
7:22:41 = hWnd = 0x000503bc; ClassName:
x=0, y=0, width=0, height=0
7:22:41 = hWnd = 0x00040414; ClassName:
x=0, y=0, width=0, height=0
7:22:45 = Process Attach
7:22:45 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

7:22:45 = * NULL == SampleProvider *

7:22:45 = begin close Process
7:22:45 = end close Process
7:22:45 = ##### Get event and release process end #####
7:22:45 = hWnd = 0x00030068; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
7:22:45 = hWnd = 0x000500da; ClassName:
ow.
x=0, y=0, width=1, height=1
7:22:45 = hWnd = 0x0002008a; ClassName:
x=0, y=0, width=0, height=0
7:22:45 = hWnd = 0x000500dc; ClassName:
x=0, y=0, width=0, height=0
17:43:48 = Process Attach
17:43:48 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:43:48 = ##### Begin waiting Mutex to release process #####

17:43:48 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
17:43:48 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
17:43:48 = hWnd = 0x00010024; ClassName:
x=0, y=0, width=0, height=0
17:43:48 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
17:43:48 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

17:43:48 = s1.
17:43:48 = s2.
17:43:51
17:43:51
17:44:55
17:44:55
17:44:56
17:44:56

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

0:41:59 = Process Attach

0:41:59 = end process attach
0:41:59 = ***** NULL == SampleProvider *****
0:41:59 = ##### Begin waiting Mutex to release process #####
0:41:59 =
ow.
x=0, y=0,
0:41:59 =
x=0, y=0,
0:41:59 =
x=0, y=0,
0:42:20 =
0:42:20 =

hWnd = 0x000604ce; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
width=1, height=1
hWnd = 0x000f058c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
width=0, height=0
hWnd = 0x00060614; ClassName: IME; Title: Default IME.
width=0, height=0
Process Attach
## ERR ## Setevent

0:42:20 = * NULL == SampleProvider *

0:42:20 = begin close Process
0:42:20 = end close Process
0:42:20 = ##### Get event and release process end #####
0:42:20 = hWnd = 0x001c008a; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
0:42:20 = hWnd = 0x000200ae; ClassName:
ow.
x=0, y=0, width=1, height=1
0:42:20 = hWnd = 0x001a0088; ClassName:
x=0, y=0, width=0, height=0
0:42:20 = hWnd = 0x000300b8; ClassName:
x=0, y=0, width=0, height=0
8:1:17 = Process Attach
8:1:17 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:1:17 = * NULL == SampleProvider *

8:1:17 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
8:1:17 = hWnd = 0x00010018; ClassName:
w.
x=0, y=0, width=1, height=1
8:1:18 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
8:1:18 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
8:1:20 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

8:1:20 = s1.
8:1:20 = s2.
8:1:23 = Start show animate
8:1:23 = Shell Excutute VerifyHost
8:31:57 = begin close Process
8:31:57 = Terminate Process
8:31:58 = end close Process
8:31:58 = DLL_PROCESS_DETACH
1:15:17 = Process Attach
1:15:17 = end process attach
1:15:17 = ***** NULL == SampleProvider *****
1:15:17 = ##### Begin waiting Mutex to release process #####
1:15:17 = hWnd = 0x000404ac; ClassName: GDI+ Hook Window Class; Title: GDI+ Wind
ow.
x=0, y=0, width=1, height=1
1:15:17 = hWnd = 0x001b0a3c; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
1:15:17 = hWnd = 0x00060498; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
1:16:6 = Process Attach
1:16:6 = ## ERR ## Setevent
1:16:6 = ***** NULL == SampleProvider *****
1:16:6 = begin close Process
1:16:6 = end close Process
1:16:6 = ##### Get event and release process end #####
1:16:6 = hWnd = 0x001e0060; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
1:16:6 = hWnd = 0x000600d6; ClassName:
w.
x=0, y=0, width=1, height=1
1:16:6 = hWnd = 0x001000de; ClassName:
x=0, y=0, width=0, height=0
1:16:6 = hWnd = 0x003500d8; ClassName:
x=0, y=0, width=0, height=0
9:11:50 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Windo
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:50 = end process attach

9:11:50 = ***** NULL == SampleProvider *****
9:11:50 = ##### Begin waiting Mutex to release process #####
9:11:50 = hWnd = 0x0001001c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
9:11:51 = hWnd = 0x00010018; ClassName:
ow.
x=0, y=0, width=1, height=1
9:11:51 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
9:11:51 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
9:11:53 = Need to re-create objects.

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

9:11:54 = s1.
9:11:54 = s2.
9:11:57
9:11:57
9:15:27
9:15:27
9:15:28
9:15:28

=
=
=
=
=
=

Start show animate

Shell Excutute VerifyHost
begin close Process
Terminate Process
end close Process
DLL_PROCESS_DETACH

13:13:6 = Process Attach

13:13:6 = end process attach
13:13:6 = ***** NULL == SampleProvider *****
13:13:6 = ##### Begin waiting Mutex to release process #####
13:13:6 = hWnd = 0x0003061c; ClassName:
Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:13:6 = hWnd = 0x0004061e; ClassName:
ow.
x=0, y=0, width=1, height=1
13:13:6 = hWnd = 0x00030440; ClassName:
x=0, y=0, width=0, height=0
13:13:6 = hWnd = 0x00030450; ClassName:
x=0, y=0, width=0, height=0
13:13:46 = Process Attach
13:13:46 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title:

GDI+ Hook Window Class; Title: GDI+ Wind
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

13:13:46 = * NULL == SampleProvider *

13:13:46 = begin close Process
13:13:46 = end close Process
13:13:46 = ##### Get event and release process end #####
13:13:46 = hWnd = 0x00040086; ClassName: AUTHUI.DLL: LogonUI Logon Window; Title
: Inicio de sesin en Windows.
x=0, y=0, width=1024, height=768
13:13:46 = hWnd = 0x000400d2; ClassName: GDI+ Hook Window Class; Title: GDI+ Win
dow.

x=0, y=0, width=1, height=1

13:13:46 = hWnd = 0x00060034; ClassName: MSCTFIME UI; Title: MSCTFIME UI.
x=0, y=0, width=0, height=0
13:13:46 = hWnd = 0x0004007a; ClassName: IME; Title: Default IME.
x=0, y=0, width=0, height=0
13:55:51 = Process Attach
13:55:51 = end process attach
13:55:51 = ***** NULL == SampleProvider *****
13:55:53 = hWnd = 0x0001001c; ClassName:
: Inicio de sesin en Windows.
x=0, y=0, width=1366, height=768
13:55:54 = hWnd = 0x00010018; ClassName:
dow.
x=0, y=0, width=1, height=1
13:55:54 = hWnd = 0x00010022; ClassName:
x=0, y=0, width=0, height=0
13:55:54 = hWnd = 0x0001001a; ClassName:
x=0, y=0, width=0, height=0
13:56:1 = Need to re-create objects.
13:56:2 = s1.
13:56:2 = s2.
13:56:2 = Start show animate
13:56:2 = Shell Excutute VerifyHost
16:12:46 = begin close Process
16:12:46 = Terminate Process
16:12:47 = end close Process
16:12:47 = DLL_PROCESS_DETACH

AUTHUI.DLL: LogonUI Logon Window; Title

GDI+ Hook Window Class; Title: GDI+ Win
MSCTFIME UI; Title: MSCTFIME UI.
IME; Title: Default IME.

Some Tutorials in Computer Networking Hacking
From Everand
Some Tutorials in Computer Networking Hacking
Dr. Hidaia Mahmood Alassouli
No ratings yet
The Windows Process Journey
No ratings yet
The Windows Process Journey
28 pages
Windows 1693667965753
No ratings yet
Windows 1693667965753
57 pages
The Windows Process Journey v6 0 Aug2023 1691726739
No ratings yet
The Windows Process Journey v6 0 Aug2023 1691726739
53 pages
The Windows Process Journey: by Dr. Shlomi Boutnaru
No ratings yet
The Windows Process Journey: by Dr. Shlomi Boutnaru
39 pages
Bug Report
No ratings yet
Bug Report
7 pages
Malware
No ratings yet
Malware
23 pages
1 Report
No ratings yet
1 Report
57 pages
Setup Log
No ratings yet
Setup Log
18 pages
Bug Report
No ratings yet
Bug Report
8 pages
Bugreport 20210422230441 9576
No ratings yet
Bugreport 20210422230441 9576
20 pages
Bug Report
No ratings yet
Bug Report
37 pages
Bugreport
No ratings yet
Bugreport
10 pages
TheWindowsProcessJourney v9.0 March2024
No ratings yet
TheWindowsProcessJourney v9.0 March2024
70 pages
Bug Report
No ratings yet
Bug Report
6 pages
Core Windows Processes 1677920846
No ratings yet
Core Windows Processes 1677920846
17 pages
The Windows Process Journey
No ratings yet
The Windows Process Journey
28 pages
Bug Report
No ratings yet
Bug Report
7 pages
Assignmnet No 3
No ratings yet
Assignmnet No 3
12 pages
AA - 3.2.11 - Exploring Processes, Threads, Handles, and Windows Registry
No ratings yet
AA - 3.2.11 - Exploring Processes, Threads, Handles, and Windows Registry
12 pages
Bug Report
No ratings yet
Bug Report
7 pages
Bugreport 20211005161816 6340
No ratings yet
Bugreport 20211005161816 6340
12 pages
The Windows Process Journey 2025 1736239026
No ratings yet
The Windows Process Journey 2025 1736239026
155 pages
Intrusion Detection Systems
No ratings yet
Intrusion Detection Systems
53 pages
Bugreport 20211005161816 11008
No ratings yet
Bugreport 20211005161816 11008
12 pages
3.2.11
No ratings yet
3.2.11
9 pages
report-f11948edf3ad78021e0d404c10b56ab4
No ratings yet
report-f11948edf3ad78021e0d404c10b56ab4
36 pages
Bugreport 20210429181048 8936
No ratings yet
Bugreport 20210429181048 8936
12 pages
CapstonelLog-1 2 0
No ratings yet
CapstonelLog-1 2 0
283 pages
Autoztemon
No ratings yet
Autoztemon
17 pages
Threat Hunting
No ratings yet
Threat Hunting
126 pages
3.2.11 Lab - Exploring Processes, Threads, Handles, and Windows Registry
No ratings yet
3.2.11 Lab - Exploring Processes, Threads, Handles, and Windows Registry
4 pages
Mapviewoffile (: Maps A File Into Memory and Makes The Contents of The File Accessible Via Memory Addresses)
No ratings yet
Mapviewoffile (: Maps A File Into Memory and Makes The Contents of The File Accessible Via Memory Addresses)
4 pages
Untitled
No ratings yet
Untitled
32 pages
Threat Analysis Report: Hash Values File Details Environment
No ratings yet
Threat Analysis Report: Hash Values File Details Environment
25 pages
Process Hacker Processes
No ratings yet
Process Hacker Processes
4 pages
Bug Report
No ratings yet
Bug Report
7 pages
Laporan Tugas 2 - Kelompok 1 D
No ratings yet
Laporan Tugas 2 - Kelompok 1 D
61 pages
Bug Report
No ratings yet
Bug Report
11 pages
Analyzing Malicious Windows Programs
No ratings yet
Analyzing Malicious Windows Programs
21 pages
A Bit Away From Kernel
No ratings yet
A Bit Away From Kernel
5 pages
Ultra Virus Killer Log
No ratings yet
Ultra Virus Killer Log
8 pages
WaitClassification WatchFunctions
No ratings yet
WaitClassification WatchFunctions
3 pages
Mitre ATT@CK Matrix - Windows Logging - Basic: High Confidence or Covereage Medium Confidence or Coverage
No ratings yet
Mitre ATT@CK Matrix - Windows Logging - Basic: High Confidence or Covereage Medium Confidence or Coverage
27 pages
WaitClassification WatchFunctions
No ratings yet
WaitClassification WatchFunctions
3 pages
RFA Bugreport
No ratings yet
RFA Bugreport
27 pages
Structs
No ratings yet
Structs
4 pages
Win Menu C
No ratings yet
Win Menu C
3 pages
Bugreport
No ratings yet
Bugreport
11 pages
GF Excpt
No ratings yet
GF Excpt
22 pages
Windows Programming Tutorial
No ratings yet
Windows Programming Tutorial
27 pages
Program Menu
No ratings yet
Program Menu
3 pages
Bugreport
No ratings yet
Bugreport
34 pages
Lab 12
No ratings yet
Lab 12
12 pages
Global Verdict Report 4
No ratings yet
Global Verdict Report 4
35 pages
Threat Analysis Report: Hash Values File Details Environment
No ratings yet
Threat Analysis Report: Hash Values File Details Environment
24 pages
Win32K
No ratings yet
Win32K
24 pages
Bugreport 20210429181039 9588
No ratings yet
Bugreport 20210429181039 9588
12 pages
Microsoft Visual Basic Interview Questions: Microsoft VB Certification Review
From Everand
Microsoft Visual Basic Interview Questions: Microsoft VB Certification Review
Equity Press
No ratings yet
Computer Engineering Laboratory Solution Primer
From Everand
Computer Engineering Laboratory Solution Primer
Karan Bhandari
No ratings yet
DIALux Shortcuts
No ratings yet
DIALux Shortcuts
2 pages
vipin sir
No ratings yet
vipin sir
1 page
A320-Slats Fault in Approach
No ratings yet
A320-Slats Fault in Approach
9 pages
Engineering Problem Solving with C Delores M. Etter instant download
100% (1)
Engineering Problem Solving with C Delores M. Etter instant download
54 pages
didi cv
No ratings yet
didi cv
2 pages
How To Used PC To Update V7 V8 Box PDF
No ratings yet
How To Used PC To Update V7 V8 Box PDF
7 pages
Buy ebook Coaching Evoking Excellence in Others 2 edition Edition Flaherty J. cheap price
100% (8)
Buy ebook Coaching Evoking Excellence in Others 2 edition Edition Flaherty J. cheap price
27 pages
Introduction To Python Scripting For Maya Artists
No ratings yet
Introduction To Python Scripting For Maya Artists
63 pages
Yeacomm YF-P21 User Manual: 1、Main Technology Parameters
No ratings yet
Yeacomm YF-P21 User Manual: 1、Main Technology Parameters
2 pages
The Parts & Functions of MS Word
No ratings yet
The Parts & Functions of MS Word
3 pages
Up1 Form 4 Bi Smi Al Irsyad 2023
No ratings yet
Up1 Form 4 Bi Smi Al Irsyad 2023
12 pages
Synopsis Education Data Analysis and Prediction of Student Performance Using ML
No ratings yet
Synopsis Education Data Analysis and Prediction of Student Performance Using ML
3 pages
TD - Train 18 Gangway
No ratings yet
TD - Train 18 Gangway
54 pages
Instance Based Learning
No ratings yet
Instance Based Learning
21 pages
EXCEL-Switch Excel Column Heading To Number or Alphabets
No ratings yet
EXCEL-Switch Excel Column Heading To Number or Alphabets
8 pages
DT Lab Observation - Mod1
No ratings yet
DT Lab Observation - Mod1
24 pages
MN GPX User Pidsx en
No ratings yet
MN GPX User Pidsx en
156 pages
6th Sem Syllabus
No ratings yet
6th Sem Syllabus
41 pages
Thesis Image Compression
100% (3)
Thesis Image Compression
5 pages
Internship Report On Ananash Travel
64% (14)
Internship Report On Ananash Travel
41 pages
Solar Charge Controller User Manual: I Functional Characteristics
No ratings yet
Solar Charge Controller User Manual: I Functional Characteristics
5 pages
Rab Komputer
No ratings yet
Rab Komputer
2 pages
Oop Answers
No ratings yet
Oop Answers
14 pages
preprocessing-an-image
No ratings yet
preprocessing-an-image
6 pages
PR Creation
No ratings yet
PR Creation
27 pages
Daesungids Control: User Manual
No ratings yet
Daesungids Control: User Manual
53 pages
UCSD Cognitive Science Specializations
100% (1)
UCSD Cognitive Science Specializations
2 pages
Inventor Drawing Resource Transfer V3 PDF
No ratings yet
Inventor Drawing Resource Transfer V3 PDF
4 pages
Gopal Resume
No ratings yet
Gopal Resume
5 pages
Blind XPath Injection
No ratings yet
Blind XPath Injection
11 pages

Face Prov

Uploaded by

Face Prov

Uploaded by

13:53:42 = Process Attach

13:53:42 = end process attach

AUTHUI.DLL: LogonUI Logon Window; Title

13:53:51 = ##### Get event and release process #####

AUTHUI.DLL: LogonUI Logon Window; Title

14:2:0 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title:

14:2:7 = Shell Excutute VerifyHost

AUTHUI.DLL: LogonUI Logon Window; Title

15:40:9 = ##### Get event and release process #####

AUTHUI.DLL: LogonUI Logon Window; Title:

15:46:1 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title:

15:48:44 = ## ERR ## Setevent

AUTHUI.DLL: LogonUI Logon Window; Title

15:52:40 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title

x=0, y=0, width=1, height=1

AUTHUI.DLL: LogonUI Logon Window; Title

16:43:59 = ***** NULL == SampleProvider *****

ClassName: GDI+ Hook Window Class; Title: GDI+ Wind

x=0, y=0, width=1366, height=768

AUTHUI.DLL: LogonUI Logon Window; Title

21:36:19 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title

22:45:29 = ##### Begin waiting Mutex to release process #####

AUTHUI.DLL: LogonUI Logon Window; Title

22:45:36 = ##### Get event and release process #####

AUTHUI.DLL: LogonUI Logon Window; Title

22:50:10 = ***** NULL == SampleProvider *****

Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

AUTHUI.DLL: LogonUI Logon Window; Title:

0:0:54 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title:

15:24:40 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title

Shell Excutute VerifyHost

2:11:34 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

Start show animate

2:36:56 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

2:37:52 = Terminate Process

AUTHUI.DLL: LogonUI Logon Window; Title:

2:38:23 = ##### Get event and release process #####

AUTHUI.DLL: LogonUI Logon Window; Title:

11:30:26 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title

AUTHUI.DLL: LogonUI Logon Window; Title

15:25:41 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title

15:27:17 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title

15:29:1 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title:

hWnd = 0x000c055e; ClassName: MSCTFIME UI; Title: MSCTFIME UI.

3:58:48 = ##### Get event and release process #####

AUTHUI.DLL: LogonUI Logon Window; Title:

12:39:36 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title

Start show animate

22:43:56 = Process Attach

: Inicio de sesin en Windows.

AUTHUI.DLL: LogonUI Logon Window; Title

22:48:2 = ***** NULL == SampleProvider *****

Start show animate

2:42:8 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

2:42:8 = ***** NULL == SampleProvider *****

AUTHUI.DLL: LogonUI Logon Window; Title:

2:42:20 = ##### Get event and release process #####

Start show animate

AUTHUI.DLL: LogonUI Logon Window; Title

3:18:1 = Process Attach

AUTHUI.DLL: LogonUI Logon Window; Title:

14:2:0 = * NULL == SampleProvider *

15:46:1 = * NULL == SampleProvider *

15:52:40 = * NULL == SampleProvider *

16:43:59 = * NULL == SampleProvider *

21:36:19 = * NULL == SampleProvider *

22:50:10 = * NULL == SampleProvider *

0:0:54 = * NULL == SampleProvider *

15:24:40 = * NULL == SampleProvider *

11:30:26 = * NULL == SampleProvider *

15:25:41 = * NULL == SampleProvider *

15:29:1 = * NULL == SampleProvider *

12:39:36 = * NULL == SampleProvider *

22:48:2 = * NULL == SampleProvider *

2:42:8 = * NULL == SampleProvider *

12:2:7 = * NULL == SampleProvider *

9:16:15 = * NULL == SampleProvider *

13:12:46 = * NULL == SampleProvider *

2:26:30 = * NULL == SampleProvider *

10:48:0 = * NULL == SampleProvider *

15:50:5 = * NULL == SampleProvider *

12:2:20 = * NULL == SampleProvider *

13:22:55 = * NULL == SampleProvider *

8:53:9 = * NULL == SampleProvider *

0:28:20 = * NULL == SampleProvider *

9:21:21 = * NULL == SampleProvider *

9:55:38 = * NULL == SampleProvider *

9:57:12 = * NULL == SampleProvider *

9:1:16 = * NULL == SampleProvider *