RogueKiller V12.3.3.0 (x64) [Jun 13 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode normal
Utilisateur : jean- [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 06/15/2016 08:45:21

¤¤¤ Processus : 2 ¤¤¤
[VT.SystemHealer (fs)] HealerConsole.exe(6104) -- C:\Program Files (x86)\SystemHealer\HealerConsole.exe[7] -> Tué(e) [TermProc]
[Suspicious.Path] BCUSched.exe(6196) -- C:\Users\jean-\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe[7] -> Tué(e) [TermProc]

¤¤¤ Registre : 5 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\ByteFence -> Supprimé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\ByteFence -> Supprimé(e)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 500 (Driver: Chargé) ¤¤¤
[Filter] \Driver\kbdclass @ : SpyshelterKb.sys @ (\??\C:\Program Files (x86)\SpyShelter Free Anti-keylogger\SpyshelterKb.sys)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!LdrLoadDll : Unknown @ 0x7fffe5670148 (jmp 0xfffffffffd08f928)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x7fffe5670110 (jmp 0xfffffffffcffa2e0)
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fffe8623ce0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e60
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fffe86516a0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fffe8623e50
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a70
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fffe8617bf0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7fffe86198c0
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7fffe8642970
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7fffe86421c0
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ RarExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ RarExt.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7fffe4951a10
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7fffe862c2a0
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7fffe8642970
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe862c630
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7fffe8649010
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7fffe86421c0
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ SnagitShellExt64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7fffe4951a10
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56b4150
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe862c630
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fffe8617bf0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fffe8623ce0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e60
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a20
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fffe86516a0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe8620d20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fffe8601a70
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fffe85da7b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fffe864c050
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fffe85d9120
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fffe85da3f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fffe85da650
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7fffe85d77e0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fffe85dae40
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fffe85daa80
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7fffe8648ef0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7fffe85d4a40
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fffe85d4b60
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fffe8653220
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fffe85d6ed0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe420
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7fffe864f160
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe862c630
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7fffe861c860
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fffe8617bf0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fffe8623ce0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e60
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a20
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fffe86516a0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e20
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe862c630
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7fffe8642970
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7fffe86421c0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7fffe4951a10
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe862c630
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674b00
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56ad610
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56b0be0
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fffe86516a0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fffe8617bf0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fffe8623ce0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e60
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a30
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fffe8623ce0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e60
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fffe86516a0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fffe8617bf0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7fffe861c860
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fffe8601a70
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56b4150
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56d0610
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a20
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fffe8623ce0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e20
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e60
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fffe86516a0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fffe8617bf0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a30
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fffe8601a70
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe862c630
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7fffe86198c0
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a70
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7fffe8623b50
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fffe8623e50
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56acd10
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe863ced0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe86299d0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe600
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7fffe85feb00
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fffe85f3790
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7fffe85fd760
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56d7c80
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56ebb70
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fffe85dae40
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fffe85fe420
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fffe85d6ed0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7fffe85da7b0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!SetThreadpoolTimerEx : C:\Windows\System32\ntdll.dll @ 0x7fffe85dae50
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7fffe85da650
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7fffe85da3f0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7fffe85eb780
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f39f0
[IAT:Addr] (explorer.exe @ wpdshext.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fffe8601a70
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7fffe861c860
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7fffe86198c0
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a70
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7fffe8623b50
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7fffe8623e50
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!EventActivityIdControl : C:\Windows\System32\ntdll.dll @ 0x7fffe8640d40
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7fffe8617a20
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7fffe8623ce0
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e20
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7fffe8651e60
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7fffe86516a0
[IAT:Addr] (explorer.exe @ wpdshext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7fffe8617bf0
[IAT:Addr] (explorer.exe @ wpdshext.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe8642780
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7fffe862c630
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fffe8601a70
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7fffe8674a40
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7fffe8601a70
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!GetCurrentPackageInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7fffe56b4230
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7fffe85f52d0

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 52aebf543b7cbeaf57fc2e788695ed81
[BSP] 020206d51f264a563d8cb350ddfffc9f : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 938983 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 13374 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
--- User ---
[MBR] e87e08c1965c11f968b7a2d0a16a9a89
[BSP] b016245aef1f36fdc25638ef69fa9a30 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 2097152 MB
1 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 2097152 MB
2 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 2097152 MB
3 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 1167373 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive2: FixMeStick USB Device +++++
--- User ---
[MBR] 25d26b7361daffce84ceafb139365d38
[BSP] 5c5f20dd5139dc2e55aab34a1f6a3955 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] BOOTUS (0x45) [VISIBLE] Offset (sectors): 1936286752 | Size: 2092206 MB
1 - [XXXXXX] UNKNOWN (0x65) [VISIBLE] Offset (sectors): 1853169786 | Size: 913028 MB
2 - [XXXXXX] UNKNOWN (0x20) [VISIBLE] Offset (sectors): 1701978226 | Size: 798128 MB
3 - [XXXXXX] UNKNOWN (0xd) [VISIBLE] Offset (sectors): 0 | Size: 1693717 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive3: FUJITSU MJA2500BH G2 USB Device +++++
--- User ---
[MBR] cfcf8bfc816e52e7a3a74904770a9069
[BSP] 9498aa5885dd9fe1147be463e1ca9ae7 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM] | Offset (sectors): 2048 | Size: 1023 MB
1 - | Offset (sectors): 2097152 | Size: 360 MB
2 - | Offset (sectors): 2834432 | Size: 128 MB
3 - | Offset (sectors): 3096576 | Size: 334228 MB
4 - Basic data partition | Offset (sectors): 687597568 | Size: 17984 MB
5 - | Offset (sectors): 724430072 | Size: 123214 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive4: Generic STORAGE DEVICE USB Device +++++
--- User ---
[MBR] 66dd8372c0076289aa31638c7ac73594
[BSP] 01e39d5591cce60f60045e14737ad070 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 8129 | Size: 7385 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive5: General USB Flash Disk USB Device +++++
--- User ---
[MBR] 0f2aaf141ebd085f46940fe2e8305719
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 30751 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive6: Generic STORAGE DEVICE USB Device +++++
--- User ---
[MBR] e603486357b443cec59a7b42d746d906
[BSP] b6f58b9976d7b7d9b0a169c783f82f36 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 8192 | Size: 30731 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive7: WD Elements 10A8 USB Device +++++
--- User ---
[MBR] 14e1329e36e5aa5da17aba97aedb1841
[BSP] 3fab0dc8f8592463897362a03edd8ac2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953835 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

