Spawned process "rundll32.exe" with commandline ""C:\",#5" ( Show Process) Spawned process "rundll32.exe" with commandline ""C:\",#4" ( Show Process) Spawned process "rundll32.exe" with commandline ""C:\",#3" ( Show Process) Spawned process "rundll32.exe" with commandline ""C:\",#2" ( Show Process) Spawned process "rundll32.exe" with commandline ""C:\",#1" ( Show Process) Looks up procedures from modules (excluding apphelp.dll, kernel32.dll, user32.dll, gdi32.dll, ole32.dll, comctl32.dll, uxtheme.dll, oleaut32.dll, version.dll, msctfime.ime) "rundll32.exe" loaded module "EXT-MS-WIN-RTCORE-NTUSER-INTEGRATION-L1-1-0.DLL" at base 5020000 "rundll32.exe" loaded module "EXT-MS-WIN-RTCORE-NTUSER-WINDOW-EXT-L1-1-0.DLL" at base 5020000
"rundll32.exe" loaded module "RPCRT4.DLL" at base 3720000 "rundll32.exe" loaded module "OLEAUT32.DLL" at base 60e0000 "rundll32.exe" loaded module "C:\WINDOWS\SYSTEM32\OLE32.DLL" at base 5950000 "rundll32.exe" loaded module "C:\WINDOWS\SYSTEM32\MSCTF.DLL" at base 4eb0000 "rundll32.exe" loaded module "KERNE元2.DLL" at base 5ca0000 "rundll32.exe" loaded module "C:\WINDOWS\SYSTEM32\UXTHEME.DLL" at base b20000 "rundll32.exe" loaded module "C:\WINDOWS\TEMP\VXOLE64.DLL" at base f8a50000 "rundll32.exe" loaded module "API-MS-WIN-CORE-LOCALIZATION-L1-2-1" at base 2a50000 "rundll32.exe" loaded module "API-MS-WIN-CORE-FIBERS-L1-1-1" at base 2a50000 "rundll32.exe" loaded module "API-MS-WIN-CORE-SYNCH-L1-2-0" at base 2a50000 "rundll32.exe" loaded module "%WINDIR%\SYSTEM32\IMM32.DLL" at base 3870000 "rundll32.exe" loaded module "API-MS-WIN-CORE-LOCALIZATION-OBSOLETE-L1-2-0" at base 2a50000 "rundll32.exe" loaded module "API-MS-WIN-CORE-DATETIME-L1-1-1" at base 2a50000 "rundll32.exe" loaded module "API-MS-WIN-CORE-STRING-L1-1-0" at base 2a50000
"rundll32.exe" loaded module "KERNE元2" at base 5ca0000 "rundll32.exe" called "RtlGetNtProductType" with parameter (UID: 00000000-00007808)Ĭontains ability to read software policies
0 kommentar(er)
