cjoint

Publicité


Publicité

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.0.3.0 (x64) [Mar 21 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode normal
Utilisateur : Jean-Marie [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 03/26/2016 18:40:11

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 1 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\simplitec -> Supprimé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 9 ¤¤¤
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\IObit\Advanced SystemCare V7\Advanced SystemCare 9.lnk [LNK@] C:\PROGRA~2\IObit\ADVANC~1\ASC.exe /manual -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\Reason\Boost\Quarantine\484e12fd-eb80-4b76-a204-5e6f870413a1 [LNK@] C:\PROGRA~2\IObit\ADVANC~1\ASC.exe /manual -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Advanced SystemCare 9.lnk [LNK@] C:\PROGRA~2\IObit\ADVANC~1\ASC.exe /manual -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Désinstaller Advanced SystemCare.lnk [LNK@] C:\PROGRA~2\IObit\ADVANC~1\unins000.exe -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Protect.lnk [LNK@] C:\PROGRA~2\IObit\ADVANC~1\ASC.exe /Protect -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Speed Up.lnk [LNK@] C:\PROGRA~2\IObit\ADVANC~1\ASC.exe /turboboost -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Toolbox.lnk [LNK@] C:\PROGRA~2\IObit\ADVANC~1\ASC.exe /toolbox -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare -> Supprimé(e) au redémarrage [91]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\About.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\About.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ActionCenter2.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ActionCenterDownloader.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCDownload.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCInit.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCInit.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCPromote.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.log -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCServiceLog -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCUpgrade.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\AUpdate.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoCare.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoSweep.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoUpdate.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoUpdate.log -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\Backup -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\BrowserCleaner.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Config\BigUpgrade.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Config\Common.ini -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\Config -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\CPUIDInterface.dll -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\cpuidsdk.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\ActiveBoost.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\bing.xml -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\Cus.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\Def.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\defaultProgramTzm.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\File.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\Folder.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\google.xml -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\HomepageBlack.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\HomepageIgnore.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\HomepageWhite.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\ignore.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\Opt.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\PriTemp.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\Reg.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\Restore.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\startupBlack.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\StartupDRate.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\StartupInfoBlack.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\startupService.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\startupSignature.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\startupWhite.db -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\SysSpeed.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\TurboBoostGame.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\UninstallRote.dbd -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Database\yahoo.xml -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\Database -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\datastate.dll -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DefaultProgram.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\delayLoad.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DetectionEx.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DiskDefrag.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DiskMap.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DiskScan.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DiskScan.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Display.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Display_log.txt -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DNSProtect.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\DownloadApplication.xml -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_x86\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_x86 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wlh_amd64\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wlh_amd64 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wlh_x86\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wlh_x86 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wnet_amd64\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wnet_amd64 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wnet_x86\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wnet_x86 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wxp_amd64\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wxp_amd64 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wxp_x86\RegistryDefragBootTime.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\wxp_x86 -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\drivers -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\EULA.rtf -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\fav.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\FeedBack.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\FfSweep.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Homepage.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\HomepageSvc.dll -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\InfoHelp.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Lang.dat -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Arabic.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Armenian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Belarusian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\ChineseSimp.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\ChineseTrad.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Danish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Dutch.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\English.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Finnish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Flemish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\French.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\German.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Greek.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Hebrew.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Hungarian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Indonesian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Italian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Japanese.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Korean.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Latvian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Polish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Portuguese(PT-BR).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Portuguese(PT-PT).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Romanian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Russian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Serbian(Cyrillic).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Serbian(Latin).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Slovenian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Spanish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Swedish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Thai.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Turkish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Language\Vietnamese.lng -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\Language -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LatestNews\imagenews.png -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LatestNews\imagenews_B.png -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LatestNews\LatestNews.ini -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\LatestNews -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages\icon_default.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages\icon_face_a.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages\icon_face_b.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages\icon_face_c.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages\icon_letter_a.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages\icon_letter_b.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages\icon_letter_c.ico -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\LinkImages -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LiveUpdate.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LiveUpdate.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\LocalLang.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\MonitorDisk.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\NoteIcon.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\NtfsData.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\OFCommon.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\PowerConfig.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\PPUninstaller.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\QuickSettings.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Register.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\register.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Reinforce.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\repair task.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Report.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ReProcess.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\RescueCenter.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\rtl120.bpl -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Scan.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\ScreenShot.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\sdcore.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\sdlib.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SecurityHoleScan.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SendBugReportNew.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\skin\classic.rcc -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\skin\dark.rcc -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\skin\public.rcc -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\skin\readable.rcc -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\skin -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\smBootTime.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SoftUpdateTip.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SpeedUp.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SPInit.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SPSetup.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SPUrlScanner.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\sqlite3.dll -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\StartupInfo.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Suc11_RegistryCleaner.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Suc12_DiskCleaner.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Suo10_SmartRAM.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Suo11_InternetBooster.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Suo12_StartupManager.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Sur13_WinFix.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\SysRest.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\TaskHelper.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\taskmgr.dll -> Supprimé(e) au redémarrage [5]
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Download -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Armenian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Belarusian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\ChineseSimp.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\ChineseTrad.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Czech.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Danish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Dutch.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\English.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Finnish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Flemish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\French.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\German.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Greek.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Hebrew.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Hungarian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Indonesian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Italian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Japanese.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Korean.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Latvian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Polish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Portuguese(PT-BR).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Portuguese(PT-PT).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Romanian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Russian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Serbian(Cyrillic).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Serbian(Latin).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Slovenian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Spanish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Swedish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Thai.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Turkish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language\Vietnamese.lng -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\Toolbox_Language -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.dat -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.msg -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\UninstallPromote.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Update\Freeware.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Update\LastCheck.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Update\SoftUpdater.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Update\Toolbox.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Update\Update.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Update\UpdateHistory.ini -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare\Update -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Update History.txt -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\vcl120.bpl -> Supprimé(e) au redémarrage [5]
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\vclx120.bpl -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\winid.dat -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare\Wizard.exe -> Supprimé(e)

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 900 (Driver: Chargé) ¤¤¤
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_CLOSE[2] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_READ[3] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_WRITE[4] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_FLUSH_BUFFERS[9] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_CLEANUP[18] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_POWER[22] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\disk - IRP_MJ_PNP[27] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f3978770
[IRP:Addr] \Driver\disk - DriverUnload[29] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801f39bc4c0
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_READ[3] : C:\Windows\System32\drivers\hmpalert.sys @ 0xfffff801f5ec18d0
[IRP:Addr] \Driver\kbdclass - IRP_MJ_WRITE[4] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8012e161094
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d4a660
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d46f10
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d0cd10
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Inl(Hook.IEAT)] (explorer.exe) user32!GetMessageW : Unknown @ 0x7ff8913b0d5b (jmp 0xffffffffcb8ddf6b)
[IAT:Inl(Hook.IEAT)] (explorer.exe) user32!PeekMessageW : Unknown @ 0x7ff8913b0cdb (jmp 0xffffffffcb8e466b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtMapViewOfSection : Unknown @ 0x7ff8913b0ed6 (jmp 0xffffffffc967b916)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtUnmapViewOfSection : Unknown @ 0x7ff8913b0e96 (jmp 0xffffffffc967b896)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!LdrLoadDll : Unknown @ 0x7ff8913b0e55 (jmp 0xffffffffc9710325)
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09360
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce10f0
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02510
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02cc0
[IAT:Addr] (explorer.exe @ hmpalert.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d10c60
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d46f10
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d10200
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09240
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9ab50
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d0c3b0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09360
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KeyCrypt64(2).dll) user32!GetMessageA : Unknown @ 0x7ff8913b0d9b (jmp 0xffffffffcb8e42cb)
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Inl(Hook.IEAT)] (explorer.exe @ msctf.dll) user32!PeekMessageA : Unknown @ 0x7ff8913b0d1b (jmp 0xffffffffcb8e47db)
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d38d60
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d10200
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9af10
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9a720
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9a4c0
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb30
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d388f0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d0d620
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d0d6a0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d4a660
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d463e0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4da6c40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4da70c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce10f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d33d40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb77c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb76f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02540
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe720
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9a880
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d37ca0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d4bb90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09360
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d30630
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c96f90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9af10
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9a4c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d388f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02cc0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02510
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbda60
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3a90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09360
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d33d40
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d388f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02cc0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb40
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb30
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce10f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02510
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09360
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d33d40
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4cfbb10
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09360
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02540
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec070
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cf8440
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d33d40
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce41a0
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7e40
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd9ce0
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d0d610
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb77c0
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbda60
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb76f0
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3a90
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02540
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d388f0
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb30
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ ClassicStartMenuDLL.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdcc30
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d14150
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d30630
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!GetCurrentPackageInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d14230
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ Windows.UI.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ FileMarkerShlExt64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ imapi2fs.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ imapi2fs.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ imapi2fs.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ imapi2fs.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ imapi2fs.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ imapi2fs.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ imapi2fs.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ imapi2fs.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ imapi2fs.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ imapi2fs.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ imapi2fs.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ imapi2fs.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ imapi2fs.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34db0
[IAT:Addr] (explorer.exe @ fontext.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ zipfldr.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ zlavscan.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ zlavscan.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ zlavscan.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ zlavscan.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce41a0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7e40
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd9c90
[IAT:Addr] (explorer.exe @ UnlockerExtension64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ UnlockerExtension64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ UnlockerExtension64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ UnlockerExtension64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ UnlockerExtension64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ UnlockerExtension64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ UnlockerExtension64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ TRIntegration.x64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce10f0
[IAT:Addr] (explorer.exe @ ShellEx64_103.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ ShellEx64_103.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec5f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d388f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02cc0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb40
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb30
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce10f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02510
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce10f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cc1dc0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9a880
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d0c3b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c991f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9a4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9a720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c978a0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9af10
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c9ab50
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d09240
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c94b00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c94c20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d13590
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8c7c96f90
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d0f4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdcc30
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34e80
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cec980
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02ad0
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d388f0
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cdeb30
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d02540
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3a90
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbda60
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb76f0
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb77c0
[IAT:Addr] (explorer.exe @ ClassicExplorer64.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d34dc0
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8c4d0cd10
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7df0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce4030
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d12190
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d121d0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff8c7d11a00
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cd7fc0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb55d0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cb3cf0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8c7caba80
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbe900
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7ce9d20
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cfd220
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8c7cbee00
[IAT:Addr] (firefox.exe) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Inl] (firefox.exe) kernel32!GetFileAttributesW : C:\Windows\System32\KERNELBASE.dll @ 0x7637fc20 (jmp dword [0x76fb03cc])
[IAT:Inl] (firefox.exe) kernel32!SetFilePointerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7638cec0 (jmp dword [0x76fb0464])
[IAT:Inl] (firefox.exe) kernel32!ReadFile : C:\Windows\System32\KERNELBASE.dll @ 0x7637f0c0 (jmp dword [0x76fb043c])
[IAT:Inl] (firefox.exe) kernel32!CreateFileW : C:\Windows\System32\KERNELBASE.dll @ 0x7637d7b0 (jmp dword [0x76fb03fc])
[IAT:Inl] (firefox.exe) kernel32!CloseHandle : C:\Windows\System32\KERNELBASE.dll @ 0x7637e050 (jmp dword [0x76fb0504])
[IAT:Inl] (firefox.exe) kernel32!IsDebuggerPresent : C:\Windows\System32\KERNELBASE.dll @ 0x76396580 (jmp dword [0x76fb02ec])
[IAT:Inl] (firefox.exe) kernel32!RaiseException : C:\Windows\System32\KERNELBASE.dll @ 0x7638da90 (jmp dword [0x76fb0324])
[IAT:Inl] (firefox.exe) kernel32!GetLastError : C:\Windows\System32\KERNELBASE.dll @ 0x7637f370 (jmp dword [0x76fb0338])
[IAT:Inl] (firefox.exe) kernel32!GetCommandLineW : C:\Windows\System32\KERNELBASE.dll @ 0x76396540 (jmp dword [0x76fb087c])
[IAT:Addr] (firefox.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Inl] (firefox.exe) kernel32!SetLastError : C:\Windows\System32\ntdll.dll @ 0x77be9f20 (jmp dword [0x76fb121c])
[IAT:Inl] (firefox.exe) kernel32!GetProcessHeap : C:\Windows\System32\KERNELBASE.dll @ 0x7638a120 (jmp dword [0x76fb053c])
[IAT:Inl] (firefox.exe) kernel32!GetFileType : C:\Windows\System32\KERNELBASE.dll @ 0x7638e5e0 (jmp dword [0x76fb03e4])
[IAT:Addr] (firefox.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe) kernel32!GetStartupInfoW : C:\Windows\System32\KERNELBASE.dll @ 0x76392c00 (jmp dword [0x76fb096c])
[IAT:Inl] (firefox.exe) kernel32!WriteFile : C:\Windows\System32\KERNELBASE.dll @ 0x7637d0f0 (jmp dword [0x76fb0478])
[IAT:Inl] (firefox.exe) kernel32!GetSystemTimeAsFileTime : C:\Windows\System32\KERNELBASE.dll @ 0x7638a600 (jmp dword [0x76fb0c40])
[IAT:Inl] (firefox.exe) kernel32!GetEnvironmentStringsW : C:\Windows\System32\KERNELBASE.dll @ 0x76388730 (jmp dword [0x76fb0844])
[IAT:Inl] (firefox.exe) kernel32!GetACP : C:\Windows\System32\KERNELBASE.dll @ 0x76392120 (jmp dword [0x76fb06c8])
[IAT:Inl] (firefox.exe) kernel32!GetOEMCP : C:\Windows\System32\KERNELBASE.dll @ 0x763ac9a0 (jmp dword [0x76fb0684])
[IAT:Addr] (firefox.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Inl] (firefox.exe) kernel32!RtlUnwind : C:\Windows\System32\ntdll.dll @ 0x77bf3f80 (jmp dword [0x76fb0b0c])
[IAT:Inl] (firefox.exe) kernel32!InitializeCriticalSectionAndSpinCount : C:\Windows\System32\KERNELBASE.dll @ 0x7638c7f0 (jmp dword [0x76fb0ba8])
[IAT:Inl] (firefox.exe) kernel32!Sleep : C:\Windows\System32\KERNELBASE.dll @ 0x7638a6b0 (jmp dword [0x76fb0138])
[IAT:Inl] (firefox.exe) kernel32!TlsAlloc : C:\Windows\System32\KERNELBASE.dll @ 0x7638deb0 (jmp dword [0x76fb098c])
[IAT:Addr] (firefox.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Inl] (firefox.exe) kernel32!OutputDebugStringW : C:\Windows\System32\KERNELBASE.dll @ 0x7639e330 (jmp dword [0x76fb02e4])
[IAT:Inl] (firefox.exe) kernel32!GetConsoleCP : C:\Windows\System32\KERNELBASE.dll @ 0x763eaa60 (jmp dword [0x76fb0210])
[IAT:Inl] (firefox.exe) kernel32!GetConsoleMode : C:\Windows\System32\KERNELBASE.dll @ 0x763830a0 (jmp dword [0x76fb0208])
[IAT:Addr] (firefox.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Inl] (firefox.exe) kernel32!ReadConsoleW : C:\Windows\System32\KERNELBASE.dll @ 0x763eb680 (jmp dword [0x76fb01ec])
[IAT:Inl] (firefox.exe) kernel32!FlushFileBuffers : C:\Windows\System32\KERNELBASE.dll @ 0x76380fb0 (jmp dword [0x76fb03a4])
[IAT:Inl] (firefox.exe) kernel32!WriteConsoleW : C:\Windows\System32\KERNELBASE.dll @ 0x763eb790 (jmp dword [0x76fb01e0])
[IAT:Inl] (firefox.exe) kernel32!SetEndOfFile : C:\Windows\System32\KERNELBASE.dll @ 0x763949b0 (jmp dword [0x76fb0450])
[IAT:Inl] (firefox.exe @ kernel32.dll) ntdll!NtMapViewOfSection : C:\Windows\System32\hmpalert.dll @ 0x744bbd20 (jmp 0xfc8b4ed0)
[IAT:Inl] (firefox.exe @ kernel32.dll) ntdll!NtUnmapViewOfSection : C:\Windows\System32\hmpalert.dll @ 0x744bc130 (jmp 0xfc8b52c0)
[IAT:Inl] (firefox.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Windows\System32\hmpalert.dll @ 0x744bb690 (jmp 0xfc8b45c0)
[IAT:Inl] (firefox.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files (x86)\Mozilla Firefox\mozglue.dll @ 0x68f5af72 (jmp 0xf137c912)
[IAT:Inl] (firefox.exe @ kernel32.dll) ntdll!NtFreeVirtualMemory : C:\Windows\System32\hmpalert.dll @ 0x744bb580 (jmp 0xfc8b47d0)
[IAT:Inl] (firefox.exe @ kernel32.dll) ntdll!NtAllocateVirtualMemory : C:\Windows\System32\hmpalert.dll @ 0x744bb1e0 (jmp 0xfc8b44b0)
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!CreateEventW : C:\Windows\System32\KERNELBASE.dll @ 0x7637d270 (jmp dword [0x76fb0bc8])
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!WaitForMultipleObjects : C:\Windows\System32\KERNELBASE.dll @ 0x7638a3b0 (jmp dword [0x76fb0c00])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!SetEvent : C:\Windows\System32\KERNELBASE.dll @ 0x7638c700 (jmp dword [0x76fb0b80])
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!GetFileSize : C:\Windows\System32\KERNELBASE.dll @ 0x7638c3b0 (jmp dword [0x76fb03d4])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!GetTickCount : C:\Windows\System32\KERNELBASE.dll @ 0x76387080 (call dword [0x76fb0c2c])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!CreateTimerQueue : C:\Windows\System32\KERNELBASE.dll @ 0x76408060 (jmp dword [0x76fb0cb4])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!SetWaitableTimer : C:\Windows\System32\KERNELBASE.dll @ 0x76397120 (jmp dword [0x76fb0b7c])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!ResetEvent : C:\Windows\System32\KERNELBASE.dll @ 0x7638d890 (jmp dword [0x76fb0b84])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!WaitForSingleObject : C:\Windows\System32\KERNELBASE.dll @ 0x7637e120 (jmp dword [0x76fb0b70])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!OutputDebugStringA : C:\Windows\System32\KERNELBASE.dll @ 0x7639e420 (jmp dword [0x76fb02e8])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!GetSystemInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7638d080 (jmp dword [0x76fb0c14])
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!GetLogicalDriveStringsW : C:\Windows\System32\KERNELBASE.dll @ 0x763ad680 (jmp dword [0x76fb0418])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!QueryDosDeviceW : C:\Windows\System32\KERNELBASE.dll @ 0x763aae60 (jmp dword [0x76fb0438])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!GetNativeSystemInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7638d020 (jmp dword [0x76fb0c30])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!FindFirstFileW : C:\Windows\System32\KERNELBASE.dll @ 0x763807a0 (jmp dword [0x76fb0398])
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!FindClose : C:\Windows\System32\KERNELBASE.dll @ 0x7638d3e0 (jmp dword [0x76fb03b4])
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!GetLocalTime : C:\Windows\System32\KERNELBASE.dll @ 0x7638adf0 (jmp dword [0x76fb0c5c])
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77beb8f0
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x77bf66e0
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x77bf6db0
[IAT:Inl] (firefox.exe @ hmpalert.dll) kernel32!GetCommandLineA : C:\Windows\System32\KERNELBASE.dll @ 0x76396610 (jmp dword [0x76fb0874])
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Addr] (firefox.exe @ hmpalert.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe @ mozglue.dll) kernel32!GetSystemTime : C:\Windows\System32\KERNELBASE.dll @ 0x7638d8f0 (jmp dword [0x76fb0c38])
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!AreFileApisANSI : C:\Windows\System32\KERNELBASE.dll @ 0x7639f840 (jmp dword [0x76fb0068])
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!FindFirstFileExA : C:\Windows\System32\KERNELBASE.dll @ 0x7640d930 (jmp dword [0x76fb0390])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!FindNextFileA : C:\Windows\System32\KERNELBASE.dll @ 0x76392ab0 (jmp dword [0x76fb03e0])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!FindFirstFileExW : C:\Windows\System32\KERNELBASE.dll @ 0x763807c0 (jmp dword [0x76fb0394])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!FindNextFileW : C:\Windows\System32\KERNELBASE.dll @ 0x7637cab0 (jmp dword [0x76fb03a0])
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77bf81b0
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!FileTimeToSystemTime : C:\Windows\System32\KERNELBASE.dll @ 0x7638b0f0 (jmp dword [0x76fb0cd8])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetDiskFreeSpaceA : C:\Windows\System32\KERNELBASE.dll @ 0x7640e230 (jmp dword [0x76fb03a8])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetFullPathNameA : C:\Windows\System32\KERNELBASE.dll @ 0x76399a70 (jmp dword [0x76fb0410])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetFileAttributesExW : C:\Windows\System32\KERNELBASE.dll @ 0x76380690 (jmp dword [0x76fb03c8])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!SetFileAttributesW : C:\Windows\System32\KERNELBASE.dll @ 0x763ab800 (jmp dword [0x76fb0458])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetFullPathNameW : C:\Windows\System32\KERNELBASE.dll @ 0x763919e0 (jmp dword [0x76fb0414])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!CreateDirectoryW : C:\Windows\System32\KERNELBASE.dll @ 0x76380110 (jmp dword [0x76fb03b8])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!RemoveDirectoryW : C:\Windows\System32\KERNELBASE.dll @ 0x763968c0 (jmp dword [0x76fb044c])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetDriveTypeW : C:\Windows\System32\KERNELBASE.dll @ 0x7638d530 (jmp dword [0x76fb03bc])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!DeleteFileW : C:\Windows\System32\KERNELBASE.dll @ 0x763a9ce0 (jmp dword [0x76fb03f0])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetTempPathA : C:\Windows\System32\KERNELBASE.dll @ 0x7640e4e0 (jmp dword [0x76fb04a8])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetTempPathW : C:\Windows\System32\KERNELBASE.dll @ 0x76394c70 (jmp dword [0x76fb0420])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!DuplicateHandle : C:\Windows\System32\KERNELBASE.dll @ 0x7636d390 (jmp dword [0x76fb0500])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!LocalFileTimeToFileTime : C:\Windows\System32\KERNELBASE.dll @ 0x763a2370 (jmp dword [0x76fb042c])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!SetFileTime : C:\Windows\System32\KERNELBASE.dll @ 0x763a33f0 (jmp dword [0x76fb0468])
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x77bec980
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x77bf6db0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x77bec9a0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x77bedb60
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!WaitForSingleObjectEx : C:\Windows\System32\KERNELBASE.dll @ 0x7637e140 (jmp dword [0x76fb0b6c])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!SwitchToThread : C:\Windows\System32\KERNELBASE.dll @ 0x76393870 (jmp dword [0x76fb08f4])
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77beb8f0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x77bf66e0
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!ReleaseSemaphore : C:\Windows\System32\KERNELBASE.dll @ 0x7638e4b0 (jmp dword [0x76fb0b88])
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!FileTimeToLocalFileTime : C:\Windows\System32\KERNELBASE.dll @ 0x7639a300 (jmp dword [0x76fb03ec])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetFileInformationByHandle : C:\Windows\System32\KERNELBASE.dll @ 0x763936a0 (jmp dword [0x76fb03d0])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetNumberOfConsoleInputEvents : C:\Windows\System32\KERNELBASE.dll @ 0x763eac50 (jmp dword [0x76fb0200])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!PeekConsoleInputA : C:\Windows\System32\KERNELBASE.dll @ 0x763e9f30 (jmp dword [0x76fb01fc])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!ReadConsoleInputA : C:\Windows\System32\KERNELBASE.dll @ 0x763e9f90 (jmp dword [0x76fb01f4])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!SetConsoleMode : C:\Windows\System32\KERNELBASE.dll @ 0x763eae80 (jmp dword [0x76fb01e4])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!ReadConsoleInputW : C:\Windows\System32\KERNELBASE.dll @ 0x763ea020 (jmp dword [0x76fb01f0])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!LockFileEx : C:\Windows\System32\KERNELBASE.dll @ 0x7638e190 (jmp dword [0x76fb0434])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!UnlockFileEx : C:\Windows\System32\KERNELBASE.dll @ 0x76392170 (jmp dword [0x76fb0474])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!CreateSemaphoreW : C:\Windows\System32\KERNELBASE.dll @ 0x76396850 (jmp dword [0x76fb0c04])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!SetConsoleCtrlHandler : C:\Windows\System32\KERNELBASE.dll @ 0x76395d30 (jmp dword [0x76fb01e8])
[IAT:Inl] (firefox.exe @ msvcr120.dll) kernel32!GetUserDefaultLCID : C:\Windows\System32\KERNELBASE.dll @ 0x76388250 (jmp dword [0x76fb0604])
[IAT:Inl] (firefox.exe @ msvcp120.dll) kernel32!CopyFileW : C:\Windows\System32\KERNELBASE.dll @ 0x7639a900 (jmp dword [0x76fb04f0])
[IAT:Inl] (firefox.exe @ msvcp120.dll) kernel32!GetDiskFreeSpaceExW : C:\Windows\System32\KERNELBASE.dll @ 0x763941a0 (jmp dword [0x76fb03b0])
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!SetFilePointer : C:\Windows\System32\KERNELBASE.dll @ 0x76389bc0 (jmp dword [0x76fb0460])
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77beb8f0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!UnlockFile : C:\Windows\System32\KERNELBASE.dll @ 0x763a1a20 (jmp dword [0x76fb0470])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!LockFile : C:\Windows\System32\KERNELBASE.dll @ 0x763a01e0 (jmp dword [0x76fb0430])
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!GetFileAttributesA : C:\Windows\System32\KERNELBASE.dll @ 0x76383690 (jmp dword [0x76fb03c0])
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!GetDiskFreeSpaceW : C:\Windows\System32\KERNELBASE.dll @ 0x7639ee80 (jmp dword [0x76fb0408])
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!CreateMutexW : C:\Windows\System32\KERNELBASE.dll @ 0x7637cf70 (jmp dword [0x76fb0bf8])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!DeleteFileA : C:\Windows\System32\KERNELBASE.dll @ 0x763a85f0 (jmp dword [0x76fb03f4])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!DebugBreak : C:\Windows\System32\KERNELBASE.dll @ 0x764082a0 (jmp dword [0x76fb02f0])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!GetEnvironmentStrings : C:\Windows\System32\KERNELBASE.dll @ 0x7640d560 (jmp dword [0x76fb0860])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!SetHandleInformation : C:\Windows\System32\KERNELBASE.dll @ 0x7636c600 (jmp dword [0x76fb0508])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!GetFileAttributesExA : C:\Windows\System32\KERNELBASE.dll @ 0x76384120 (jmp dword [0x76fb03c4])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!CreateDirectoryA : C:\Windows\System32\KERNELBASE.dll @ 0x76396a50 (jmp dword [0x76fb0490])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!FindFirstFileA : C:\Windows\System32\KERNELBASE.dll @ 0x76383aa0 (jmp dword [0x76fb038c])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!GetHandleInformation : C:\Windows\System32\KERNELBASE.dll @ 0x76394660 (jmp dword [0x76fb04fc])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!RemoveDirectoryA : C:\Windows\System32\KERNELBASE.dll @ 0x7640b410 (jmp dword [0x76fb0448])
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!CreateFileA : C:\Windows\System32\KERNELBASE.dll @ 0x76394bc0 (jmp dword [0x76fb0404])
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!CreateMutexA : C:\Windows\System32\KERNELBASE.dll @ 0x763a71a0 (jmp dword [0x76fb0bc4])
[IAT:Inl] (firefox.exe @ nss3.dll) kernel32!ReleaseMutex : C:\Windows\System32\KERNELBASE.dll @ 0x76389e90 (jmp dword [0x76fb0b8c])
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x77bd7610
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Inl] (firefox.exe @ advapi32.dll) kernel32!SleepEx : C:\Windows\System32\KERNELBASE.dll @ 0x7638a6d0 (jmp dword [0x76fb0b78])
[IAT:Inl] (firefox.exe @ advapi32.dll) kernel32!GetThreadUILanguage : C:\Windows\System32\KERNELBASE.dll @ 0x763aa190 (jmp dword [0x76fb066c])
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x77bfac60
[IAT:Inl] (firefox.exe @ advapi32.dll) kernel32!GetFileSizeEx : C:\Windows\System32\KERNELBASE.dll @ 0x763940d0 (jmp dword [0x76fb03d8])
[IAT:Inl] (firefox.exe @ advapi32.dll) kernel32!CompareFileTime : C:\Windows\System32\KERNELBASE.dll @ 0x76392130 (jmp dword [0x76fb0494])
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe @ advapi32.dll) kernel32!GetVolumeInformationW : C:\Windows\System32\KERNELBASE.dll @ 0x763aa270 (jmp dword [0x76fb0428])
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x77bb6240
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x77bbf470
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x77bbf3d0
[IAT:Inl] (firefox.exe @ advapi32.dll) kernel32!SetFileInformationByHandle : C:\Windows\System32\KERNELBASE.dll @ 0x7639eb90 (jmp dword [0x76fb045c])
[IAT:Inl] (firefox.exe @ advapi32.dll) kernel32!GetFileTime : C:\Windows\System32\KERNELBASE.dll @ 0x76393a60 (jmp dword [0x76fb03dc])
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Inl] (firefox.exe @ winmm.dll) user32!PeekMessageW : C:\Windows\System32\hmpalert.dll @ 0x744cedf0 (jmp 0xfcbd21e0)
[IAT:Inl] (firefox.exe @ winmm.dll) user32!GetMessageA : C:\Windows\System32\hmpalert.dll @ 0x744cee80 (jmp 0xfcbc0d40)
[IAT:Inl] (firefox.exe @ winmm.dll) user32!CreateWindowExA : C:\Program Files (x86)\Mozilla Firefox\xul.dll @ 0x640dfd98 (jmp 0xec7c8e58)
[IAT:Inl] (firefox.exe @ winmm.dll) user32!PeekMessageA : C:\Windows\System32\hmpalert.dll @ 0x744ced60 (jmp 0xfcbd2310)
[IAT:Addr] (firefox.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77c1ab40
[IAT:Inl] (firefox.exe @ imm32.dll) user32!CreateWindowExW : C:\Program Files (x86)\Mozilla Firefox\xul.dll @ 0x63d36dab (jmp 0xec43d53b)
[IAT:Addr] (firefox.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Inl] (firefox.exe @ imm32.dll) kernel32!RtlCaptureContext : C:\Windows\System32\ntdll.dll @ 0x77c1b6e0 (jmp dword [0x76fb0b08])
[IAT:Addr] (firefox.exe @ imm32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ imm32.dll) kernel32!GetProcessMitigationPolicy : C:\Windows\System32\KERNELBASE.dll @ 0x76393110
[IAT:Inl] (firefox.exe @ imm32.dll) kernel32!GetThreadLocale : C:\Windows\System32\KERNELBASE.dll @ 0x763931c0 (jmp dword [0x76fb060c])
[IAT:Inl] (firefox.exe @ imm32.dll) kernel32!GetSystemDefaultLCID : C:\Windows\System32\KERNELBASE.dll @ 0x76386ae0 (jmp dword [0x76fb0610])
[IAT:Addr] (firefox.exe @ imm32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x77bd7610
[IAT:Inl] (firefox.exe @ KeyCrypt32(2).dll) kernel32!OpenEventW : C:\Windows\System32\KERNELBASE.dll @ 0x7637d4d0 (jmp dword [0x76fb0b9c])
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ KeyCrypt32(2).dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe @ sandboxbroker.dll) advapi32!RevertToSelf : C:\Windows\System32\KERNELBASE.dll @ 0x763929c0 (jmp dword [0x76f1f4c0])
[IAT:Inl] (firefox.exe @ sandboxbroker.dll) advapi32!RegDisablePredefinedCache : C:\Windows\System32\KERNELBASE.dll @ 0x763edee0 (call dword [0x76f1f1b8])
[IAT:Addr] (firefox.exe @ lgpllibs.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ lgpllibs.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Inl] (firefox.exe @ xul.dll) kernel32!GetUserDefaultLangID : C:\Windows\System32\KERNELBASE.dll @ 0x763a3c20 (jmp dword [0x76fb0608])
[IAT:Inl] (firefox.exe @ xul.dll) kernel32!CreateEventA : C:\Windows\System32\KERNELBASE.dll @ 0x7638cac0 (jmp dword [0x76fb0bd4])
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77beb8f0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Inl] (firefox.exe @ xul.dll) kernel32!GetTempFileNameW : C:\Windows\System32\KERNELBASE.dll @ 0x763a2830 (jmp dword [0x76fb041c])
[IAT:Inl] (firefox.exe @ xul.dll) kernel32!GetSystemDefaultLangID : C:\Windows\System32\KERNELBASE.dll @ 0x76398d80 (jmp dword [0x76fb067c])
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x77bf66e0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x77bec980
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x77bedb60
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Inl] (firefox.exe @ xul.dll) kernel32!AttachConsole : C:\Windows\System32\KERNELBASE.dll @ 0x763e9640 (jmp dword [0x76fb0254])
[IAT:Inl] (firefox.exe @ xul.dll) kernel32!AllocConsole : C:\Windows\System32\KERNELBASE.dll @ 0x763e95d0 (jmp dword [0x76fb0214])
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x77bf6db0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!SetCriticalSectionSpinCount : C:\Windows\System32\ntdll.dll @ 0x77bf58c0
[IAT:Addr] (firefox.exe @ xul.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ xul.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77c1ab40
[IAT:Inl] (firefox.exe @ xul.dll) user32!GetMessageW : C:\Windows\System32\hmpalert.dll @ 0x744cef10 (jmp 0xfcbb9fa0)
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x77bfa040
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x77c05940
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x77bc2280
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x77bbb350
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.dll @ 0x748b2a60
[IAT:Inl] (firefox.exe @ xul.dll) shell32!SHAddToRecentDocs : C:\Windows\System32\windows.storage.dll @ 0x77181980 (jmp dword [0x750b2fdc])
[IAT:Addr] (firefox.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77c1ab40
[IAT:Inl] (firefox.exe @ shell32.dll) user32!IsDialogMessageW : C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll @ 0x65db40f0 (ret)
[IAT:Addr] (firefox.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77c1ab40
[IAT:Addr] (firefox.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Inl] (firefox.exe @ setupapi.dll) kernel32!GetSystemDefaultUILanguage : C:\Windows\System32\KERNELBASE.dll @ 0x763960d0 (jmp dword [0x76fb0160])
[IAT:Addr] (firefox.exe @ icuin56.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ icuin56.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ softokn3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ softokn3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ nssdbm3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ nssdbm3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Inl] (firefox.exe @ freebl3.dll) kernel32!GetVolumeInformationA : C:\Windows\System32\KERNELBASE.dll @ 0x7639cff0 (jmp dword [0x76fb04a4])
[IAT:Addr] (firefox.exe @ freebl3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ freebl3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ freebl3.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.dll @ 0x748b2a60
[IAT:Addr] (firefox.exe @ nssckbi.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ nssckbi.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77bf81b0
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7638c500
[IAT:Addr] (firefox.exe @ aticfx32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7638c500
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ atiuxpag.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x76407f20
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x77bf2020
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x77bed000
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x77bf9080
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x77bfc710
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77bf0070
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77befe50
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77bf81b0
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7638c500
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77bc6b50
[IAT:Addr] (firefox.exe @ atidxx32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77bca010
[IAT:Addr] (firefox.exe @ atidxx32.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x77bbb590
[IAT:Addr] (firefox.exe @ atidxx32.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x77bc1e30
[IAT:Addr] (firefox.exe @ atidxx32.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x77bedc10
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ evr.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Inl] (firefox.exe @ explorerframe.dll) shell32!SHGetFolderPathEx : C:\Windows\System32\windows.storage.dll @ 0x77218bf0 (jmp dword [0x750b302c])
[IAT:Inl] (firefox.exe @ explorerframe.dll) shell32!SHGetKnownFolderItem : C:\Windows\System32\windows.storage.dll @ 0x77256460 (jmp dword [0x750b3034])
[IAT:Inl] (firefox.exe @ explorerframe.dll) shell32!SHGetKnownFolderIDList : C:\Windows\System32\windows.storage.dll @ 0x77231440 (jmp dword [0x750b3030])
[IAT:Inl] (firefox.exe @ explorerframe.dll) kernel32!GetUserDefaultUILanguage : C:\Windows\System32\KERNELBASE.dll @ 0x7638b7b0 (jmp dword [0x76fb015c])
[IAT:Inl] (firefox.exe @ explorerframe.dll) kernel32!ReleaseActCtx : C:\Windows\System32\KERNELBASE.dll @ 0x7639d380 (jmp dword [0x76fb0b38])
[IAT:Addr] (firefox.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77c1ab40
[IAT:Addr] (firefox.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Inl] (firefox.exe @ d3dcompiler_47.dll) kernel32!GetVersion : C:\Windows\System32\KERNELBASE.dll @ 0x76394400 (jmp dword [0x76fb0c44])
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x77bd7610
[IAT:Inl] (firefox.exe @ quartz.dll) kernel32!CreateSemaphoreExW : C:\Windows\System32\KERNELBASE.dll @ 0x763805f0 (jmp dword [0x76fb0bb4])
[IAT:Inl] (firefox.exe @ quartz.dll) kernel32!WaitForMultipleObjectsEx : C:\Windows\System32\KERNELBASE.dll @ 0x7638a3e0 (jmp dword [0x76fb0b74])
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ quartz.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x77bc1e30
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x77bbb590
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x77bedc10
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x77bf6970
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x77befe90
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77bcdc00
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9f70
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bd9ef0
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bc3680
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77bec960
[IAT:Addr] (firefox.exe @ qasf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77c1ab50

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] b0d96166a3b292456072c44cbd1b943c
[BSP] b48cb73b8fb2ce5c05079217220feea7 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 938533 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1925212160 | Size: 450 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 13374 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD Elements 10A8 USB Device +++++
--- User ---
[MBR] 14e1329e36e5aa5da17aba97aedb1841
[BSP] 3fab0dc8f8592463897362a03edd8ac2 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953835 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: HP Photosmart C3170 USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: SDXC Card +++++
--- User ---
[MBR] a9c7ad7c5cacdaef050a2bc5ffe9be51
[BSP] 2995b0fbf3d51898c15356c556deae6e : Compressed BootMgr|VT.Unknown MBR Code
Partition table:
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: SanDisk Wireless Stick USB Device +++++
--- User ---
[MBR] b4f914100139851e558d1e31f5275c8f
[BSP] 6911965e36d01c16225123b23eea5507 : HP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 32768 | Size: 121910 MB [Unknown Bootstrap | Unknown Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive5: Generic STORAGE DEVICE USB Device +++++
--- User ---
[MBR] e0a63c26a8e1cd27f90aee53bdafc380
[BSP] bbadeeec882bdfaffc99e8019fa622af : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 137 | Size: 1875 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive6: GENPLUS USB-MSDC DISK A USB Device +++++
--- User ---
[MBR] 9f07d74fcaa0c3fde600433bd4fd6561
[BSP] c08395ec2a50e43581b9ff1bafd26521 : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 8192 | Size: 3785 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive7: Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] a59ef550b0340d76678c96cc87db5bcc
[BSP] 55f0fc2264944cba60d568d40348934c : Compressed BootMgr|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x75) [VISIBLE] Offset (sectors): 1970237472 | Size: 831044 MB
1 - [XXXXXX] UNKNOWN (0x72) [VISIBLE] Offset (sectors): 1929382413 | Size: 953932 MB
3 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 27394442 | Size: 0 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité