RKreport-DEL-03082016-204745.log

Document joint : FCit2fnqxbn_RKreport-DEL-03082016-204745.log

Cliquez pour partager vos propres fichiers

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.0.1.0 (x64) [Mar 7 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8 (6.2.9200) 64 bits version
Démarré en : Mode sans échec prise en charge réseau
Utilisateur : Jean-Marie [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 03/08/2016 20:47:45

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 0 ¤¤¤

¤¤¤ Tâches : 1 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\060184C3-9766-46a0-B258-F4518A0B2633.job -- C:\Windows\system32\cscript.exe ("C:\ProgramData\Duplicaterecord.js") -> Supprimé(e)

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 1176 (Driver: Non chargé [0x0]) ¤¤¤
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f870c74
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f83a5e0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f870d30
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ GdiPlus.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ ole32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ dui70.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ab60
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ wtsapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ actxprxy.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ wpncore.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f82bd44
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb1405c
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f876ea8
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb23860
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!UpdateProcThreadAttribute : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb216a0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb217c8
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ slc.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ slc.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ sppc.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ sppc.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ sppc.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ sppc.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ sppc.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ sppc.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ sppc.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ dxgi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!InitOnceInitialize : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ ELSCore.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ InputSwitch.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ elslad.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ elslad.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ batmeter.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ batmeter.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ batmeter.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ batmeter.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ batmeter.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ prnfldr.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ urlmon.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ DXP.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825ae0
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ec0
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ DXP.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7fd4f8a28e0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!RegisterTraceGuidsA : C:\Windows\System32\ntdll.dll @ 0x7fd4f864578
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ AltTab.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ AltTab.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ NcaApi.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ NcaApi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ NcaApi.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ Actioncenter.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ Actioncenter.dll) advapi32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ab60
[IAT:Addr] (explorer.exe @ Actioncenter.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ Actioncenter.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ linkinfo.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7fd4f8a28e0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ sqmapi.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ sqmapi.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ sqmapi.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ sqmapi.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ sqmapi.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ sqmapi.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ sqmapi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ sqmapi.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d8c4
[IAT:Addr] (explorer.exe @ sqmapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ sqmapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ sqmapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11620
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ NetworkExplorer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ wpnprv.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ mdnsNSP.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ ShellExtension.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ wscapi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ec0
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825ae0
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!IsThreadpoolTimerSet : C:\Windows\System32\ntdll.dll @ 0x7fd4f82c70c
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f82bd44
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb1405c
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f876ea8
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ werconcpl.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ werconcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ wercplsupport.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ wercplsupport.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ wercplsupport.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ wercplsupport.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ wercplsupport.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ wercplsupport.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ ninput.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ apprepapi.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ apprepapi.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ apprepapi.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ SearchFolder.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ oledlg.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ WINMMBASE.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ WINMMBASE.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ec0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825480
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825af0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825ae0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ec10
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ K7TSSExt64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ DefragglerShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821b95
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ synceng.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ synceng.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ synceng.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ synceng.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ RUExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ sfc_os.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f876ea8
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f870c74
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f83a5e0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f870d30
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ GdiPlus.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ ole32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ explorerframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ab60
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ explorerframe.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ dui70.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ actxprxy.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ NetworkExplorer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ linkinfo.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ dlnashext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ dlnashext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f876ea8
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d8c4
[IAT:Addr] (explorer.exe @ StructuredQuery.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ WINMMBASE.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ WINMMBASE.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (explorer.exe @ wtsapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ ShellExtension.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f82bd44
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb1405c
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f876ea8
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb23860
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!UpdateProcThreadAttribute : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb216a0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb217c8
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ SearchFolder.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ SearchFolder.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (explorer.exe @ urlmon.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (explorer.exe @ apprepapi.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (explorer.exe @ apprepapi.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (explorer.exe @ apprepapi.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (explorer.exe @ apprepapi.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d8c4
[IAT:Addr] (firefox.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (firefox.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d8c4
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fd4f833f80
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ec0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825480
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825af0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825ae0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ec10
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (firefox.exe @ winmm.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f870c74
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f83a5e0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fd4f870d30
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ WINMMBASE.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (firefox.exe @ WINMMBASE.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ lgpllibs.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ lgpllibs.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d8c4
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f8278e0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ec10
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ec0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825ae0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7fd4f825480
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!SetCriticalSectionSpinCount : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d640
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7fd4f89efb0
[IAT:Addr] (firefox.exe @ xul.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ xul.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7fd4f8a28e0
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (firefox.exe @ icuin55.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ icuin55.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ icuuc55.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ icuuc55.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ icuuc55.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ icuuc55.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ icuuc55.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ ole32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (firefox.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ wtsapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (firefox.exe @ pdh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ pdh.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (firefox.exe @ pdh.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (firefox.exe @ pdh.dll) advapi32!RegisterTraceGuidsA : C:\Windows\System32\ntdll.dll @ 0x7fd4f864578
[IAT:Addr] (firefox.exe @ pdh.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (firefox.exe @ pdh.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (firefox.exe @ pdh.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (firefox.exe @ pdh.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7fd4f8a28e0
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d8c4
[IAT:Addr] (firefox.exe @ NapiNSP.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ NapiNSP.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ NapiNSP.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ NapiNSP.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ nlaapi.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (firefox.exe @ nlaapi.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (firefox.exe @ nlaapi.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (firefox.exe @ nlaapi.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (firefox.exe @ nlaapi.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (firefox.exe @ nlaapi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ winrnr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ mdnsNSP.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ dxgi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (firefox.exe @ mscms.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ Wpc.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (firefox.exe @ Wpc.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7fd4f87cf98
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb7fff4
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f82bd44
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ Wpc.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ wevtapi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ softokn3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ softokn3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ nssdbm3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ nssdbm3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ freebl3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ freebl3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ nssckbi.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ nssckbi.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ explorerframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ab60
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (firefox.exe @ explorerframe.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (firefox.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ab8
[IAT:Addr] (firefox.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ dui70.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7fd4f82bd44
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb11be0
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fd4f82eff0
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb1405c
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f876a60
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fd4f82d950
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f876ea8
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ce58
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ca00
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f842290
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f876280
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fd4f843cec
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fd4f8763b8
[IAT:Addr] (firefox.exe @ wininet.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7fd4f842f1c
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f82acd0
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!DeleteProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb23860
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!UpdateProcThreadAttribute : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb216a0
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!InitializeProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fd4cb217c8
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f841d88
[IAT:Addr] (firefox.exe @ iertutil.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fd4f82b4d0
[IAT:Addr] (firefox.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7fd4f827740
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825290
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f8254d0
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fd4f825260
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7fd4f825490
[IAT:Addr] (firefox.exe @ mfcore.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ evr.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ evr.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ evr.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ evr.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ evr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ evr.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fd4f8643e8
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0ec
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fd4f8407fc
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d0b0
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fd4f86d11c
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fd4f8428f0
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (firefox.exe @ evr.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ quartz.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fd4f840594
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fd4f85760c
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x7fd4f82ab60
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7fd4f842bb8
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fd4f825670
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f827860
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821010
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f821060
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fd4f82f160
[IAT:Addr] (firefox.exe @ qasf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9
[IAT:Addr] (firefox.exe @ linkinfo.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fd4f83f8b0
[IAT:Addr] (firefox.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fd4f821ac9

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] d8cd0d135dab489fc27707361f7d91a6
[BSP] 921c16db8e2729252f5298a5b0f07e55 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 938983 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 13374 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
--- User ---
[MBR] a9c7ad7c5cacdaef050a2bc5ffe9be51
[BSP] 2995b0fbf3d51898c15356c556deae6e : Compressed BootMgr|VT.Unknown MBR Code
Partition table:
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: SanDisk Wireless Stick USB Device +++++
--- User ---
[MBR] 3e35b5da3dc83d27236a118301e81e04
[BSP] a3656be45f8986c7fa7d82a59a22f9ae : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 32768 | Size: 121910 MB [Unknown Bootstrap | Unknown Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: Verbatim SECURE PRO USB Device +++++
--- User ---
[MBR] 38bf3f8f720510eb4c1cecd89e677556
[BSP] 23d6b28bdd44c014151fb0a55e00ca71 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 8064 | Size: 59020 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] 506def410dd750fdcbd11026e753657a
[BSP] c1e2e8a178b3490787352f2d2548c048 : HP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 127 | Size: 59043 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive5: Generic STORAGE DEVICE USB Device +++++
--- User ---
[MBR] 978e8658e72cf28bae84c9be1a2f11e4
[BSP] 9ab224430cae5d4642efe916dd8f39b0 : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 123140273 | Size: 596 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive6: WD Elements 10A8 USB Device +++++
--- User ---
[MBR] 542ab4d6e4b507d1b758de07a9aa3fe4
[BSP] 3fab0dc8f8592463897362a03edd8ac2 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM] | Offset (sectors): 2048 | Size: 1023 MB
1 - | Offset (sectors): 2097152 | Size: 360 MB
2 - | Offset (sectors): 2834432 | Size: 128 MB
3 - | Offset (sectors): 3096576 | Size: 593500 MB
4 - Basic data partition | Offset (sectors): 1218584576 | Size: 39688 MB
5 - Basic data partition | Offset (sectors): 1299865600 | Size: 39262 MB
6 - Basic data partition | Offset (sectors): 1380274176 | Size: 255238 MB
7 - pozer@go | Offset (sectors): 1903001600 | Size: 44 MB
8 - | Offset (sectors): 1903091712 | Size: 46 MB
9 - Basic data partition | Offset (sectors): 1903185920 | Size: 24544 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive7: Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] 44ba9bb56d58f857b803bd90e41b3751
[BSP] 6baca5550ff3a4ec5818077949aa3286 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 59045 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive8: FUJITSU MJA2500BH G2 USB Device +++++
--- User ---
[MBR] 09d2efa86045735c8e6ca630e52632b0
[BSP] 9498aa5885dd9fe1147be463e1ca9ae7 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] | Offset (sectors): 2834432 | Size: 128 MB
3 - | Offset (sectors): 3096576 | Size: 304352 MB
4 - Basic data partition | Offset (sectors): 626413568 | Size: 55734 MB
5 - Basic data partition | Offset (sectors): 740556800 | Size: 115340 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive9: HP Photosmart C3170 USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

Signaler le contenu de ce document