cjoint

Publicité


Publicité

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.4.0.0 (x64) [Jul 18 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode sans échec prise en charge réseau
Utilisateur : jean- [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 07/19/2016 11:47:48

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 3 ¤¤¤
[PUP] (X64) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AppDataLow\Software\adawarebp -> Non sélectionné
[PUP] (X86) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AppDataLow\Software\adawarebp -> Non sélectionné
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Partizan (system32\drivers\Partizan.sys) -> Non sélectionné

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 2 ¤¤¤
[Hj.Shortcut][Fichier] C:\Users\jean-\Desktop\AdsFix_Donate.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN -> Non sélectionné
[PUP][Répertoire] C:\Program Files (x86)\IObit -> Non sélectionné

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 573 (Driver: Non chargé [0xc000035f]) ¤¤¤
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752dcd10
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75316f10
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe7531a660
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!LdrLoadDll : Unknown @ 0x7ffe752a0148 (jmp 0xfffffffffcf6f618)
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb30
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffe78392cc0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffe78392510
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe783c8900
[IAT:Addr] (explorer.exe @ ccavguard64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffe746a1a10
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffe783a0200
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffe78399240
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffe7832ab50
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffe7839c3b0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x7ffe752a0110 (jmp 0xfffffffffced9f50)
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752e0c60
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75316f10
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75308d60
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752dd620
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe753163e0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752dd6a0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75376c40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe753770c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75303d40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffe783477c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffe783476f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffe78392540
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e720
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a880
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75307ca0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe7531bb90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffe78399360
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75300630
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffe78326f90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832af10
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a4c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe783c8900
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffe78392cc0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffe78392510
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffe7834da60
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffe78343a90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffe78399360
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752dd610
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752e0be0
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffe783a1a00
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffe78367fc0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffe78367df0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffe78374030
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffe783a2190
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffe783a21d0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffe78367df0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffe7836cc30
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffe783a21d0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!RegisterTraceGuidsA : C:\Windows\System32\ntdll.dll @ 0x7ffe78372f00
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffe783a1a00
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffe783a2190
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffe78367df0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffe78374030
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffe783a2190
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffe783a21d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffe783a1a00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffe78367fc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffe7836cc30
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752e4150
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75300630
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffe78367df0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffe78374030
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffe783a2190
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffe783a21d0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffe783a1a00
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffe78367fc0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dc0
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ mfc90u.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ QtCore4.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffe78374030
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffe783a2190
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffe783a21d0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffe783a1a00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffe783741a0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffe78367e40
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffe78367df0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffe78367fc0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffe78369c90
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!GetNamedPipeInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe75372470
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe783c8900
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb30
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb30
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe783c8900
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffe78343a90
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffe7834da60
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffe78399360
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!GetCurrentProcessorNumber : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4cc0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832af10
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a4c0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffe78392cc0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb30
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!FlushProcessWriteBuffers : C:\Windows\System32\ntdll.dll @ 0x7ffe783c6c40
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffe783929a0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffe783a22e0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe783c8900
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffe78392510
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffe78369c90
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffe78367e40
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffe783741a0
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffe78369ce0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe783c8900
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffe78392cc0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb40
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb30
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffe78392510
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ clrjit.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffe78369ce0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe783c8900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffe78392cc0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb40
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffe7836eb30
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffe78392510
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ logger.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ logger.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ notification-service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ notification-service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ support.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ support.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffe78367fc0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffe78374030
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffe783a21d0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffe78367df0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffe783a1a00
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffe783a2190
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a880
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffe7839c3b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffe783291f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffe783278a0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832af10
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffe7832ab50
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffe78399240
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7ffe78324b00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffe78324c20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffe783a3590
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffe78326f90
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7ffe7839f4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffe7836cc30
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffe78367fc0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffe78374030
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffe783a21d0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffe78367df0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffe783a1a00
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffe783a2190
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffe78392cc0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffe78399360
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffe78392510
[IAT:Addr] (explorer.exe @ DTShl64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffe746a1a10
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c5f0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ ShellExtension.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffe783a0200
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832af10
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a720
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffe7832a4c0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752e4150
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffe78392cc0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffe78392510
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffe746a1a10
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4e90
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffe7833ba80
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe78343cf0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffe78369c90
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffe78367e40
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffe78373ea0
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffe783741a0
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffe752dcd10
[IAT:Addr] (explorer.exe @ Windows.Internal.Shell.Broker.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7838d220
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe78379d20
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe783710f0
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffe783455d0
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834ee00
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffe7834e900
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffe783c4dd0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe78392ad0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffe7837c980
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffe78351dc0

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 893980bed388c556b2366cd39027128a
[BSP] 020206d51f264a563d8cb350ddfffc9f : Empty MBR Code
Partition table:
0 - [SYSTEM] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 565830 MB
4 - Basic data partition | Offset (sectors): 1161916416 | Size: 30146 MB
5 - Basic data partition | Offset (sectors): 1223656570 | Size: 6675 MB
6 - | Offset (sectors): 1237327872 | Size: 256170 MB
7 - | Offset (sectors): 1761964032 | Size: 76501 MB
8 - | Offset (sectors): 1918638080 | Size: 3660 MB
9 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 12747 MB
10 - Basic data partition | Offset (sectors): 1952239616 | Size: 627 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD My Passport 0827 USB Device +++++
Error reading User MBR! ([57] Paramètre incorrect. )
Error reading LL1 MBR! ([79] Le délai de temporisation de sémaphore a expiré. )
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: Sony Card R/W -CF USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: Sony Card R/W -SM/xD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: Sony Card R/W -SD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive5: Sony Card R/W -MS USB Device +++++
--- User ---
[MBR] 1594ecd6416c64d637647a2dbd1eb805
[BSP] cec432cdca1e3c3b7be20bd8d35ac1d7 : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 60918 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive6: FixMeStick USB Device +++++
--- User ---
[MBR] 25d26b7361daffce84ceafb139365d38
[BSP] 5c5f20dd5139dc2e55aab34a1f6a3955 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] BOOTUS (0x45) [VISIBLE] Offset (sectors): 1936286752 | Size: 2092206 MB
1 - [XXXXXX] UNKNOWN (0x65) [VISIBLE] Offset (sectors): 1853169786 | Size: 913028 MB
2 - [XXXXXX] UNKNOWN (0x20) [VISIBLE] Offset (sectors): 1701978226 | Size: 798128 MB
3 - [XXXXXX] UNKNOWN (0xd) [VISIBLE] Offset (sectors): 0 | Size: 1693717 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive7: SDHC Card +++++
--- User ---
[MBR] 8a82eff7c59f648e700c6216ec265868
[BSP] 5a814a908188e2c8d7b3e0f7408344a0 : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8192 | Size: 15189 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité