cjoint

Publicité


Publicité

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.3.5.0 (x64) [Jun 22 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode normal
Utilisateur : jean- [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 06/27/2016 07:03:39

¤¤¤ Processus : 1 ¤¤¤
[VT.Generic14_c.CLNO] processclose_1.0.0.3.exe(12312) -- C:\Users\jean-\Downloads\processclose_1.0.0.3.exe[-] -> Tué(e) [TermProc]

¤¤¤ Registre : 2 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} (C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll) -> Supprimé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> Supprimé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 692 (Driver: Chargé) ¤¤¤
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_CLOSE[2] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_READ[3] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_WRITE[4] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_FLUSH_BUFFERS[9] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_CLEANUP[18] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_POWER[22] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\disk - IRP_MJ_PNP[27] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b8808770
[IRP:Addr] \Driver\disk - DriverUnload[29] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff801b884c4c0
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_WRITE[4] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802408e36dc
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87492cd10
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874966f10
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87496a660
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr(Hook.IEAT)] (explorer.exe) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ guard64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ guard64.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ user32.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ff878260200
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff878259240
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8781eab50
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff87825c3b0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr(Hook.IEAT)] (explorer.exe @ shlwapi.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ ole32.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874930c60
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874966f10
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ shell32.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr(Hook.IEAT)] (explorer.exe @ uxtheme.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ dwmapi.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ msctf.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874958d60
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ explorerframe.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ twinui.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ TaskbarBand64.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ GdiPlus.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr(Hook.IEAT)] (explorer.exe @ ApplicationFrame.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87492d620
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8749663e0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87492d6a0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ ntshrui.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff878259360
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874953d40
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff878259360
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874953d40
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87491bb10
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff878259360
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff878252540
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff87823c070
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff878248440
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874953d40
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff8782341a0
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff878227e40
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ff878229ce0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8749c6c40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ff8749c70c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874953d40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8782077c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8782076f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ff878252540
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff87820e720
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea880
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874957ca0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87496bb90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff878259360
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874950630
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8781e6f90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781eaf10
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea4c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff878252cc0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff878252510
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff87820da60
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff878203a90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr(Hook.IEAT)] (explorer.exe @ ieframe.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff878259360
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff878252cc0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb40
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff878252510
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ stobject.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ batmeter.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87492d610
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874930be0
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ authui.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ff87822cc30
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874934150
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874950630
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr(Hook.IEAT)] (explorer.exe @ hgcpl.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ duser.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ werconcpl.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!GetCurrentPackageInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874934230
[IAT:Addr(Hook.IEAT)] (explorer.exe @ Windows.Internal.Shell.Broker.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87492cd10
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ prnfldr.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ comsvcs.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874958d60
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff8782341a0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff878227e40
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ff878229c90
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ IObitSmartDefragExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr(Hook.IEAT)] (explorer.exe @ IObitSmartDefragExtension.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff878203a90
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff87820da60
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff878259360
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!GetCurrentProcessorNumber : C:\Windows\System32\ntdll.dll @ 0x7ff878284cc0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781eaf10
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea4c0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff878252cc0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!FlushProcessWriteBuffers : C:\Windows\System32\ntdll.dll @ 0x7ff878286c40
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ff8782529a0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ff8782622e0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff878252510
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ff878229c90
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff878227e40
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff8782341a0
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ff878229ce0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff878252cc0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb40
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff878252510
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ clrjit.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ff878229ce0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff878252cc0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb40
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff878252510
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ logger.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ logger.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ notification-service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ notification-service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ support.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ support.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ UninstallMenuRight.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr(Hook.IEAT)] (explorer.exe @ UninstallMenuRight.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ IMFShellExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr(Hook.IEAT)] (explorer.exe @ IMFShellExt.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ FPSysExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ FPSysExtension.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr(Hook.IEAT)] (explorer.exe @ shellext.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea880
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff87825c3b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ff8781e91f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ff8781e78a0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781eaf10
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff8781eab50
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff878259240
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7ff8781e4b00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8781e4c20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff878263590
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8781e6f90
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff87820e720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7ff87825f4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ff87822cc30
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff878252510
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff878259360
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff878252cc0
[IAT:Addr] (explorer.exe @ cavshell.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb40
[IAT:Addr(Hook.IEAT)] (explorer.exe @ cavshell.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr(Hook.IEAT)] (explorer.exe @ syncui.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284e90
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ ASCExtMenu_64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr(Hook.IEAT)] (explorer.exe @ ASCExtMenu_64.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff878252ad0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff87823c980
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ff878229c90
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff878227e40
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ff878233ea0
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff8782341a0
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ dui70.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ tiptsf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ EPTBL.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ EPTBL.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ EPTBL.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comdlg32.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ff878260200
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781eaf10
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea720
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff8781ea4c0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874934150
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff87823c5f0
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ UninstallExplorer.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff8782310f0
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ UninstallExplorer.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ff878229c90
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ff878233ea0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff8782341a0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff878227e40
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ff87822cc30
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr(Hook.IEAT)] (explorer.exe @ UIRibbon.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff878252cc0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb40
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8782077c0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff8782076f0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff87820da60
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff878203a90
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874953d40
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ff878252540
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ff874957ca0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ff87496bb90
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff878288900
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff87822eb30
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff878252510
[IAT:Addr] (explorer.exe @ UIRibbon.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff878284dc0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff878284dd0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ NetworkExplorer.dll) gdi32!DeleteDC : Unknown @ 0x7ff8765d0000
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff878211dc0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff878227df0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff878234030
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff878262190
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff8782621d0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff878261a00
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff878227fc0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff8782055d0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff878203cf0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff8781fba80
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820e900
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff878239d20
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87824d220
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff87820ee00

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 52aebf543b7cbeaf57fc2e788695ed81
[BSP] 020206d51f264a563d8cb350ddfffc9f : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 565830 MB
4 - Basic data partition | Offset (sectors): 1161916416 | Size: 36822 MB
5 - Basic data partition | Offset (sectors): 1237327872 | Size: 336331 MB
6 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 13374 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SDXC Card +++++
--- User ---
[MBR] 1594ecd6416c64d637647a2dbd1eb805
[BSP] cec432cdca1e3c3b7be20bd8d35ac1d7 : Legit.Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 60918 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: WD Elements 10A8 USB Device +++++
--- User ---
[MBR] 14e1329e36e5aa5da17aba97aedb1841
[BSP] 3fab0dc8f8592463897362a03edd8ac2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953835 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité