cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþRogueKiller V12.3.5.0 (x64) [Jun 22 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode normal
Utilisateur : jean- [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 06/22/2016 18:23:08

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 2 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Run | USBListener : C:\Users\jean-\AppData\Local\Temp\{438E237C-C9D2-4803-A1FE-EE77D929E548}\USBListener.exe -autorun [x][x] -> Supprimé(e)
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Run | USBListener : C:\Users\jean-\AppData\Local\Temp\{438E237C-C9D2-4803-A1FE-EE77D929E548}\USBListener.exe -autorun [x][x] -> ERROR [2]

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 1122 (Driver: Chargé) ¤¤¤
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_CLOSE[2] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_READ[3] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_WRITE[4] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_FLUSH_BUFFERS[9] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_CLEANUP[18] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_POWER[22] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\disk - IRP_MJ_PNP[27] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c38770
[IRP:Addr] \Driver\disk - DriverUnload[29] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff80046c7c4c0
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_WRITE[4] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff8025fb4fa00
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc899a640
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8996ef0
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc895cd10
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8960c60
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8996ef0
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ffea0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f8ef0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28aa80
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2fc050
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffdc83a1a10
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8988d40
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc895d620
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc895d6a0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc899a640
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc89963c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc89f6c50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc89f70d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a74c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a73f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae420
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a7b0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8987c80
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc899bb70
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8980610
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc286ed0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce770
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ad760
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a3790
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce770
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc894bb10
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dbd20
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2e80f0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3e50
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a70
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c9910
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc895d610
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8960be0
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2cc860
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8964150
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8980610
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc895cd10
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3e50
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a70
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c98c0
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ffea0
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a650
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8964150
[IAT:Addr] (explorer.exe @ oledlg.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!GetNamedPipeInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc89f2480
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a7b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2fc050
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffdcc289120
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a650
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2877e0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28aa80
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f8ef0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7ffdcc284a40
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc284b60
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc303220
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc286ed0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae420
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ff160
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2cc860
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324b00
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ chartv.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!GetCurrentPackageInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8964230
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c98c0
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a70
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3b50
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3e50
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ NPSMDesktopProvider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ Windows.UI.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc899a640
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8996ef0
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc895cd10
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8960c60
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8996ef0
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ffea0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f8ef0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28aa80
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2fc050
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (explorer.exe @ a2hooks64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ a2hooks64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffdc83a1a10
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8988d40
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ tiptsf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c98c0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3b50
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3e50
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a70
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2cc860
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce770
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a74c0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a73f0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ad760
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a3790
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8987c80
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc899bb70
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ UIRibbon.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce770
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ A2CONTMENU64.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ffea0
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a650
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8964150
[IAT:Addr] (explorer.exe @ oledlg.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324b00
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3e50
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a70
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c98c0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ IObitUnlockerExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!GetNamedPipeInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc89f2480
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ atl90.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a7b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2fc050
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffdcc289120
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a650
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2877e0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28aa80
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f8ef0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7ffdcc284a40
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc284b60
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc303220
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc286ed0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae420
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ff160
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2cc860
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (explorer.exe @ zipfldr.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ad760
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a74c0
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a3790
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a73f0
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a650
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (explorer.exe @ playtomenu.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ffea0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a74c0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a73f0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ad760
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a3790
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc899bb70
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8987c80
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2cc860
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (explorer.exe @ PhotoViewer.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (explorer.exe @ d3d9.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a74c0
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a73f0
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ad760
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a3790
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (explorer.exe @ d3d9.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (explorer.exe @ PhotoBase.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (explorer.exe @ PhotoBase.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (explorer.exe @ PhotoBase.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (explorer.exe @ PhotoBase.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (firefox.exe @ a2hooks64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ a2hooks64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffdc83a1a10
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ffea0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f8ef0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28aa80
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2fc050
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (firefox.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (firefox.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ mozglue.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce770
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ nss3.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ sandboxbroker.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ lgpllibs.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ lgpllibs.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!SetCriticalSectionSpinCount : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f51b0
[IAT:Addr] (firefox.exe @ xul.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2650
[IAT:Addr] (firefox.exe @ xul.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ xul.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2cc860
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (firefox.exe @ xul.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffdc83a1a10
[IAT:Addr] (firefox.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ icuin56.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ icuin56.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ icuuc56.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ browsercomps.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ softokn3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ softokn3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ nssdbm3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ nssdbm3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ freebl3.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ freebl3.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ freebl3.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffdc83a1a10
[IAT:Addr] (firefox.exe @ nssckbi.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ nssckbi.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (firefox.exe @ aticfx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ atiuxp64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc894bb10
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dbd20
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2e80f0
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc2a0
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe @ atidxx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ atidxx64.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3e50
[IAT:Addr] (firefox.exe @ atidxx64.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a70
[IAT:Addr] (firefox.exe @ atidxx64.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c9910
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ dxva2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ evr.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (firefox.exe @ mozavutil.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ mozavutil.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ mozavutil.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ mozavutil.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ mozavutil.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ mozavutil.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ mozavcodec.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ mozavcodec.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ mozavcodec.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ mozavcodec.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ mozavcodec.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ mozavcodec.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ quartz.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ quartz.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a70
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3e50
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c98c0
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c9910
[IAT:Addr] (firefox.exe @ quartz.dll) advapi32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2cb260
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ qasf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ qasf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ comctl32.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8988d40
[IAT:Addr] (firefox.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ comdlg32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ffea0
[IAT:Addr] (firefox.exe @ comdlg32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (firefox.exe @ comdlg32.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a650
[IAT:Addr] (firefox.exe @ comdlg32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (firefox.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (firefox.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (firefox.exe @ tiptsf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8960c60
[IAT:Addr] (firefox.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8996ef0
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffdcc29b780
[IAT:Addr] (firefox.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (firefox.exe @ FileSyncShell64.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (firefox.exe @ LoggingPlatform64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ LoggingPlatform64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ ClientTelemetry.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ ClientTelemetry.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ ClientTelemetry.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ ClientTelemetry.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ ClientTelemetry.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (firefox.exe @ ClientTelemetry.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ ClientTelemetry.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7bf0
[IAT:Addr] (firefox.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffdcc3016a0
[IAT:Addr] (firefox.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e60
[IAT:Addr] (firefox.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffdcc301e20
[IAT:Addr] (firefox.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d3ce0
[IAT:Addr] (firefox.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2c7a20
[IAT:Addr] (firefox.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc89f6c50
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc89f70d0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d0d20
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8983d20
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a74c0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a73f0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21f0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a39f0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae420
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a7b0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2780
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8987c80
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc899bb70
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f9010
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffdc8980610
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffdcc286ed0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28ae40
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc28a3f0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc328570
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce760
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f2970
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ce770
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2f21c0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2dc630
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ad760
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a3790
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2eced0
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2d99d0
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2ae600
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2aeb00
[IAT:Addr] (firefox.exe @ d3dcompiler_47.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2a52d0
[IAT:Addr] (firefox.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffdcc2b1a70
[IAT:Addr] (firefox.exe @ Windows.UI.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40
[IAT:Addr] (firefox.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a30
[IAT:Addr] (firefox.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffdcc324a40

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 52aebf543b7cbeaf57fc2e788695ed81
[BSP] 020206d51f264a563d8cb350ddfffc9f : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 938983 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 13374 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
--- User ---
[MBR] e87e08c1965c11f968b7a2d0a16a9a89
[BSP] b016245aef1f36fdc25638ef69fa9a30 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 2097152 MB
1 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 2097152 MB
2 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 2097152 MB
3 - [XXXXXX] UNKNOWN (0xff) [VISIBLE] Offset (sectors): 4294967295 | Size: 1167373 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: FixMeStick USB Device +++++
--- User ---
[MBR] 25d26b7361daffce84ceafb139365d38
[BSP] 5c5f20dd5139dc2e55aab34a1f6a3955 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] BOOTUS (0x45) [VISIBLE] Offset (sectors): 1936286752 | Size: 2092206 MB
1 - [XXXXXX] UNKNOWN (0x65) [VISIBLE] Offset (sectors): 1853169786 | Size: 913028 MB
2 - [XXXXXX] UNKNOWN (0x20) [VISIBLE] Offset (sectors): 1701978226 | Size: 798128 MB
3 - [XXXXXX] UNKNOWN (0xd) [VISIBLE] Offset (sectors): 0 | Size: 1693717 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: Generic STORAGE DEVICE USB Device +++++
--- User ---
[MBR] 66dd8372c0076289aa31638c7ac73594
[BSP] 01e39d5591cce60f60045e14737ad070 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 8129 | Size: 7385 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: General USB Flash Disk USB Device +++++
--- User ---
[MBR] 0f2aaf141ebd085f46940fe2e8305719
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 30751 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive5: FUJITSU MJA2500BH G2 USB Device +++++
--- User ---
[MBR] cfcf8bfc816e52e7a3a74904770a9069
[BSP] 9498aa5885dd9fe1147be463e1ca9ae7 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM] | Offset (sectors): 2048 | Size: 1023 MB
1 - | Offset (sectors): 2097152 | Size: 360 MB
2 - | Offset (sectors): 2834432 | Size: 128 MB
3 - | Offset (sectors): 3096576 | Size: 334228 MB
4 - Basic data partition | Offset (sectors): 687597568 | Size: 17984 MB
5 - | Offset (sectors): 724430072 | Size: 123214 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive6: Generic STORAGE DEVICE USB Device +++++
--- User ---
[MBR] e603486357b443cec59a7b42d746d906
[BSP] b6f58b9976d7b7d9b0a169c783f82f36 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 8192 | Size: 30731 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive7: WD Elements 10A8 USB Device +++++
Error reading User MBR! ([1e3] Échec de la requête en raison d?une grave erreur matérielle de l?appareil. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive8: Sony Card R/W -CF USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive9: Sony Card R/W -SM/xD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive10: Sony Card R/W -SD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive11: Sony Card R/W -MS USB Device +++++
--- User ---
[MBR] 1594ecd6416c64d637647a2dbd1eb805
[BSP] cec432cdca1e3c3b7be20bd8d35ac1d7 : Legit.Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 60918 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité