i dont know why i cant get all these nifty problems to poke around i tried on a different computer xp-sp2 and it runs as if it never had any problems in its life
Code:
New session
File 'C:\WINDOWS\System32\calc.exe'
New process with ID 000005E0 created
Main thread with ID 00000730 created
77F97077 New thread with ID 0000039C created
01000000 Module C:\WINDOWS\System32\calc.exe
5AD70000 Module C:\WINDOWS\System32\UxTheme.dll
71950000 Module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
772D0000 Module C:\WINDOWS\system32\SHLWAPI.dll
773D0000 Module C:\WINDOWS\system32\SHELL32.dll
77C10000 Module C:\WINDOWS\system32\msvcrt.dll
77C70000 Module C:\WINDOWS\system32\GDI32.dll
77CC0000 Module C:\WINDOWS\system32\RPCRT4.dll
77D40000 Module C:\WINDOWS\system32\USER32.dll
77DD0000 Module C:\WINDOWS\system32\ADVAPI32.dll
77E60000 Module C:\WINDOWS\system32\kernel32.dll
77F50000 Module C:\WINDOWS\System32\ntdll.dll
77F7F570 Attached process paused at ntdll.DbgBreakPoint
Thread 0000039C terminated, exit code 0
Analysing calc
158 heuristical procedures
273 calls to known, 167 calls to guessed functions
91 loops, 22 switches
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 127.
hControl = 002501EE ('3',class='Button',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
77E802F4 New thread with ID 000004A0 created
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_SETFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_KILLFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 92.
hControl = 002601BA ('+',class='Button',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_SETFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_KILLFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 127.
hControl = 002501EE ('3',class='Button',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_SETFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_KILLFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 112.
hControl = 003901AE ('=',class='Button',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_SETFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_KILLFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 81.
hControl = 001E0182 ('C',class='Button',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_SETFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = BN_PAINT/LBN_SELCHANGE/CBN_SELCHANGE/ACCELERATOR... ID = 129.
hControl = NULL
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = BN_PAINT/LBN_SELCHANGE/CBN_SELCHANGE/ACCELERATOR... ID = 92.
hControl = NULL
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = BN_PAINT/LBN_SELCHANGE/CBN_SELCHANGE/ACCELERATOR... ID = 130.
hControl = NULL
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = BN_PAINT/LBN_SELCHANGE/CBN_SELCHANGE/ACCELERATOR... ID = 112.
hControl = NULL
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
01006118 CALL to Assumed WinProc from USER32.77D43A5C
hWnd = 0012026C ('Calculator',class='SciCalc')
Message = WM_COMMAND
Notify = EN_KILLFOCUS... ID = 403.
hControl = 00300250 (class='Edit',parent=0012026C)
Thread 000004A0 terminated, exit code 2A (42.)
Process terminated, exit code 0
01000000 Unload C:\WINDOWS\System32\calc.exe
5AD70000 Unload C:\WINDOWS\System32\UxTheme.dll
71950000 Unload C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
772D0000 Unload C:\WINDOWS\system32\SHLWAPI.dll
773D0000 Unload C:\WINDOWS\system32\SHELL32.dll
77C10000 Unload C:\WINDOWS\system32\msvcrt.dll
77C70000 Unload C:\WINDOWS\system32\GDI32.dll
77CC0000 Unload C:\WINDOWS\system32\RPCRT4.dll
77D40000 Unload C:\WINDOWS\system32\USER32.dll
77DD0000 Unload C:\WINDOWS\system32\ADVAPI32.dll
77E60000 Unload C:\WINDOWS\system32\kernel32.dll
77F50000 Unload C:\WINDOWS\System32\ntdll.dll
End of session
