RKreport-DEL-01202017-205524.log

Document joint : GBouiXKdDs7_RKreport-DEL-01202017-205524.log

Cliquez pour partager vos propres fichiers

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.9.4.0 [Jan 16 2017] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : widen-finalis [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Suppression -- Date : 01/20/2017 19:14:02 (Durée : 01:40:59)

¤¤¤ Processus : 1 ¤¤¤
[Suspicious.Path] (SVC) HWiNFO32 -- \??\C:\Users\WIDEN-~1\AppData\Local\Temp\HWiNFO32.SYS[x] -> Arrêté(e)

¤¤¤ Registre : 4 ¤¤¤
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9} (C:\PROGRA~1\DRIVER~1\DRIVER~1\CLMULT~1.OCX) -> Supprimé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HWiNFO32 (\??\C:\Users\WIDEN-~1\AppData\Local\Temp\HWiNFO32.SYS) -> Supprimé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\HWiNFO32 (\??\C:\Users\WIDEN-~1\AppData\Local\Temp\HWiNFO32.SYS) -> Supprimé(e)
[PUM.Proxy] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Supprimé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 1153 (Driver: Chargé) ¤¤¤
[SSDT:Inl] ZwDeleteAtom[99] : C:\Windows\System32\win32k.sys @ 0xffffffff90e98261 (call dword [0x81f4ad14])
[SSDT:Inl] ZwFlushWriteBuffer[129] : C:\Windows\System32\halmacpi.dll @ 0xffffffff82247468 (call dword [0x81e200b4])
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86d008ce
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CLOSE[2] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86d008ce
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_READ[3] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_WRITE[4] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_FLUSH_BUFFERS[9] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86cec47c
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86cec44e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CLEANUP[18] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_POWER[22] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86cec4aa
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86cfbdb2
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_PNP[27] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86cfbd7e
[IRP:Addr(Microsoft)] \Driver\atapi - DriverUnload[29] : C:\Windows\System32\drivers\ataport.sys @ 0xffffffff86cfbde6
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CLOSE[2] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_READ[3] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_WRITE[4] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_FLUSH_BUFFERS[9] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CLEANUP[18] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_POWER[22] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_PNP[27] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86d9739f
[IRP:Addr(Microsoft)] \Driver\disk - DriverUnload[29] : C:\Windows\System32\drivers\Classpnp.sys @ 0xffffffff86dae92b
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_WRITE[4] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntkrnlpa.exe @ 0xffffffff81ed500e
[IAT:Addr] (explorer.exe) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe) ADVAPI32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x778c1bf9
[IAT:Addr] (explorer.exe) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Inl] (explorer.exe) kernel32!SetLastError : C:\Windows\System32\ntdll.dll @ 0x778e2d13 (jmp dword [0x777b1db8])
[IAT:Addr] (explorer.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Inl] (explorer.exe) GDI32!StretchBlt : C:\Windows\System32\cssguard32.dll @ 0x7573a870 (jmp 0xfe0cb440)
[IAT:Inl] (explorer.exe) GDI32!BitBlt : C:\Windows\System32\cssguard32.dll @ 0x7573a4d0 (jmp 0xfe0d3210)
[IAT:Inl] (explorer.exe) GDI32!GdiAlphaBlend : C:\Windows\System32\cssguard32.dll @ 0x7573b740 (jmp 0xfe0d342e)
[IAT:Inl] (explorer.exe) GDI32!DeleteDC : C:\Windows\System32\cssguard32.dll @ 0x7573bdc0 (jmp 0xfe0d4f16)
[IAT:Inl] (explorer.exe) USER32!SetThreadDesktop : C:\Windows\System32\cssguard32.dll @ 0x75741480 (jmp 0xffb25c8f)
[IAT:Inl(McAfee)] (explorer.exe) SHELL32!SHFileOperationW : C:\Program Files\Unlocker\UnlockerHook.dll @ 0x3b61102 (jmp 0x8d4d7a92)
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ ADVAPI32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ GDI32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ GDI32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ GDI32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ GDI32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Inl] (explorer.exe @ USER32.dll) GDI32!GetPixel : C:\Windows\System32\cssguard32.dll @ 0x7573baf0 (jmp 0xfe0cec69)
[IAT:Inl] (explorer.exe @ USER32.dll) GDI32!CreateDCW : C:\Windows\System32\cssguard32.dll @ 0x7573a3b0 (jmp 0xfe0cdbe3)
[IAT:Addr] (explorer.exe @ USER32.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ USP10.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ USP10.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ USP10.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ USP10.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ USP10.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ USP10.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!FreeLibraryAndExitThread : C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll @ 0x10001f00
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!CreateThread : C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll @ 0x10002ac0
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ SHLWAPI.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Inl] (explorer.exe @ SHELL32.dll) USER32!SetClipboardData : C:\Windows\System32\cssguard32.dll @ 0x75741b80 (jmp 0xffb0f24e)
[IAT:Inl] (explorer.exe @ SHELL32.dll) USER32!GetClipboardData : C:\Windows\System32\cssguard32.dll @ 0x75741c10 (jmp 0xffb0f099)
[IAT:Inl] (explorer.exe @ SHELL32.dll) GDI32!PlgBlt : C:\Windows\System32\cssguard32.dll @ 0x7573afe0 (jmp 0xfe0b9b78)
[IAT:Inl] (explorer.exe @ SHELL32.dll) GDI32!GdiTransparentBlt : C:\Windows\System32\cssguard32.dll @ 0x7573b390 (jmp 0xfe0cbbd3)
[IAT:Addr] (explorer.exe @ SHELL32.dll) kernel32!LoadLibraryA : C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll @ 0x100011d0
[IAT:Addr] (explorer.exe @ SHELL32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ SHELL32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Inl] (explorer.exe @ SHELL32.dll) kernel32!GetSystemWow64DirectoryW : C:\Windows\System32\ntdll.dll @ 0x778e2d13 (call dword [0x777b1610])
[IAT:Addr] (explorer.exe @ ole32.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ ole32.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778b463d
[IAT:Addr] (explorer.exe @ OLEAUT32.dll) kernel32!InitOnceInitialize : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ OLEAUT32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ OLEAUT32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ OLEAUT32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ OLEAUT32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ OLEAUT32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x778c1bf9
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ EXPLORERFRAME.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Inl] (explorer.exe @ DUser.dll) GDI32!CreateDCA : C:\Windows\System32\cssguard32.dll @ 0x7573a200 (jmp 0xfe0d0613)
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x778e98b4
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x778f5de9
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e97cb
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ DUser.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x778e2d41
[IAT:Addr] (explorer.exe @ DUI70.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ DUI70.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ DUI70.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ DUI70.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ DUI70.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ DUI70.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Inl] (explorer.exe @ IMM32.dll) USER32!keybd_event : C:\Windows\System32\cssguard32.dll @ 0x757419a0 (jmp 0xffad2cdd)
[IAT:Addr] (explorer.exe @ IMM32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ MSCTF.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MSCTF.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MSCTF.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ UxTheme.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ UxTheme.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ UxTheme.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ UxTheme.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ UxTheme.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ UxTheme.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ POWRPROF.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ POWRPROF.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ POWRPROF.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ POWRPROF.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ SETUPAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ SETUPAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ SETUPAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ SETUPAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ SETUPAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ SETUPAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ SETUPAPI.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x778b30c8
[IAT:Addr] (explorer.exe @ CFGMGR32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ CFGMGR32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ CFGMGR32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ CFGMGR32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ CFGMGR32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ CFGMGR32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ DEVOBJ.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ DEVOBJ.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ dwmapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ dwmapi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ dwmapi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ dwmapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ dwmapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ dwmapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ slc.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ gdiplus.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ gdiplus.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ gdiplus.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ gdiplus.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ gdiplus.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ gdiplus.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Inl(Microsoft)] (explorer.exe @ PROPSYS.dll) kernel32!GetCalendarInfoW : C:\Windows\System32\KERNELBASE.dll @ 0x759e5493 (jmp dword [0x777b1ce0])
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ PROPSYS.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x778f5de9
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x778e2d41
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e97cb
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e6737
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ cssguard32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ CRYPT32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ CRYPT32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ CRYPT32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ CRYPT32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ CRYPT32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ CRYPT32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WINSTA.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WINSTA.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ WINSTA.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WINSTA.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Inl] (explorer.exe @ comctl32.dll) GDI32!MaskBlt : C:\Windows\System32\cssguard32.dll @ 0x7573ac20 (jmp 0xfe0cde2c)
[IAT:Inl] (explorer.exe @ comctl32.dll) USER32!SendInput : C:\Windows\System32\cssguard32.dll @ 0x75741810 (jmp 0xffafa827)
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WindowsCodecs.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WindowsCodecs.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WindowsCodecs.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ WindowsCodecs.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Inl] (explorer.exe @ apphelp.dll) kernel32!BaseDumpAppcompatCache : C:\Windows\System32\ntdll.dll @ 0x778d5000 (call dword [0x777b114c])
[IAT:Addr] (explorer.exe @ CLBCatQ.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ CLBCatQ.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ CLBCatQ.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ CLBCatQ.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlay.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlay.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlay.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlay.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlay.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlay.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlay.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ psdprotect.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ psdprotect.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ psdprotect.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ psdprotect.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ psdprotect.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ psdprotect.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ psdprotect.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ sysenv.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ sysenv.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ sysenv.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ sysenv.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ sysenv.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ sysenv.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ sysenv.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ XmlLite.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ EhStorShell.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ EhStorShell.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ EhStorShell.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ EhStorShell.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ EhStorShell.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ EhStorShell.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!RtlMoveMemory : C:\Windows\System32\ntdll.dll @ 0x778c5860
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!CloseThreadpoolCleanupGroupMembers : C:\Windows\System32\ntdll.dll @ 0x77899a9f
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!CloseThreadpoolCleanupGroup : C:\Windows\System32\ntdll.dll @ 0x77899961
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x778ac0bf
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MMDevApi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ ATL.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ ATL.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ATL.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ATL.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ ATL.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ ntmarta.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ WLDAP32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WLDAP32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WLDAP32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ WLDAP32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ WLDAP32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MsftEdit.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ MsftEdit.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ MsftEdit.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MsftEdit.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ MsftEdit.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MsftEdit.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ CRYPTUI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ CRYPTUI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ CRYPTUI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ CRYPTUI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ CRYPTUI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ RContextMenu.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ MPR.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MPR.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MPR.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7789f28b
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778ab5fb
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!RtlMoveMemory : C:\Windows\System32\ntdll.dll @ 0x778c5860
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778b8c2b
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x778ac0bf
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x77908abd
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr(Microsoft)] (explorer.exe @ iertutil.dll) kernel32!DeleteProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x759c97a0
[IAT:Addr(Microsoft)] (explorer.exe @ iertutil.dll) kernel32!UpdateProcThreadAttribute : C:\Windows\System32\KERNELBASE.dll @ 0x759d43fb
[IAT:Addr(Microsoft)] (explorer.exe @ iertutil.dll) kernel32!InitializeProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x759d43a0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteBoundaryDescriptor : C:\Windows\System32\ntdll.dll @ 0x778e5541
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x779089a5
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7789e928
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x778acf1c
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!RtlMoveMemory : C:\Windows\System32\ntdll.dll @ 0x778c5860
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778b463d
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x77908abd
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x778ac0bf
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778ab5fb
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778b8c2b
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7789f28b
[IAT:Addr] (explorer.exe @ WININET.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x778a22c9
[IAT:Addr] (explorer.exe @ msutb.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ msutb.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ msutb.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x778ac0bf
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ BatMeter.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ BatMeter.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ BatMeter.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ BatMeter.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WINTRUST.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WINTRUST.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WINTRUST.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ WINTRUST.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WINTRUST.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ NetworkExplorer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e97cb
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e6737
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ Incinerator32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ WINMM.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ wdmaud.drv) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ wdmaud.drv) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ wdmaud.drv) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ wdmaud.drv) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ wdmaud.drv) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ wdmaud.drv) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ ksuser.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!InterlockedCompareExchange64 : C:\Windows\System32\ntdll.dll @ 0x778c56ac
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!CloseThreadpoolCleanupGroup : C:\Windows\System32\ntdll.dll @ 0x77899961
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) kernel32!CloseThreadpoolCleanupGroupMembers : C:\Windows\System32\ntdll.dll @ 0x77899a9f
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x779097c4
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ AUDIOSES.DLL) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ MSACM32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MSACM32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MSACM32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ MSACM32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ midimap.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ midimap.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ midimap.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ midimap.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ prnfldr.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ WINSPOOL.DRV) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WINSPOOL.DRV) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WINSPOOL.DRV) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ WINSPOOL.DRV) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WINSPOOL.DRV) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ es.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ es.dll) kernel32!InterlockedCompareExchange64 : C:\Windows\System32\ntdll.dll @ 0x778c56ac
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ dxp.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ dxp.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ dxp.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ dxp.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ dxp.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ dxp.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ Syncreg.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ Syncreg.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ Syncreg.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ Syncreg.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ Syncreg.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ netshell.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ netshell.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ netshell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ netshell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ netshell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ netshell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ netshell.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x778b30c8
[IAT:Addr] (explorer.exe @ nlaapi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ nlaapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ nlaapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ nlaapi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ nlaapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ nlaapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) ADVAPI32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x779097c4
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ PortableDeviceTypes.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ AltTab.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ AltTab.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ AltTab.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ AltTab.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ pnidui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ pnidui.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ pnidui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ pnidui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ pnidui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ pnidui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!EventEnabled : C:\Windows\System32\ntdll.dll @ 0x778c1bf9
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ pnidui.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ QUtil.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ QUtil.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ QUtil.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ QUtil.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ QUtil.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ QUtil.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x778ac0bf
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778b463d
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x778a22c9
[IAT:Addr] (explorer.exe @ wevtapi.dll) kernel32!CloseThreadpoolCleanupGroup : C:\Windows\System32\ntdll.dll @ 0x77899961
[IAT:Addr] (explorer.exe @ bthprops.cpl) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ bthprops.cpl) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ bthprops.cpl) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ bthprops.cpl) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ bthprops.cpl) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ srchadmin.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x778f5de9
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e97cb
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x778e98b4
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x778e2d41
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x778b30c8
[IAT:Addr(Microsoft)] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x759caea3
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x77908abd
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x778ac0bf
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e6737
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Inl] (explorer.exe @ ieframe.dll) USER32!PrintWindow : C:\Windows\System32\cssguard32.dll @ 0x7573bcc0 (jmp 0xffac6ead)
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ Actioncenter.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ Actioncenter.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ Actioncenter.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ Actioncenter.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ fxsst.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ FXSAPI.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ FXSAPI.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ FXSAPI.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ FXSAPI.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ FXSAPI.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ FXSAPI.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ imapi2.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ imapi2.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ imapi2.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ imapi2.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ imapi2.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ imapi2.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ hgcpl.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ hgcpl.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ hgcpl.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ hgcpl.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ hgcpl.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ hgcpl.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ provsvc.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ provsvc.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ provsvc.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ provsvc.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ provsvc.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ provsvc.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ provsvc.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ netprofm.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ twext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ UIAnimation.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ UIAnimation.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ UIAnimation.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ UIAnimation.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ UIAnimation.dll) ADVAPI32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x779097c4
[IAT:Addr] (explorer.exe @ UIAnimation.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ UIAnimation.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ UIAnimation.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ UIAnimation.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ UIAnimation.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ chext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ libchcore32u.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ sqlite3_32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e6737
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x778e2d41
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x778e98b4
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x778e97cb
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x778f5de9
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ MSVCR120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ MSVCP120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ MSVCP120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ MSVCP120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MSVCP120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MSVCP120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ Wlanapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ wwanapi.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ wwanapi.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ wwanapi.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ wwanapi.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ wwanapi.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ wwanapi.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x77908abd
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wwanapi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ QAgent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ QAgent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ QAgent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ QAgent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ QAgent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ QAgent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ShredderContextMenu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ ShredderContextMenu.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ShredderContextMenu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ShredderContextMenu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ FrameUtility.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ FrameUtility.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ FrameUtility.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ FrameUtility.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ FrameUtility.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ FrameUtility.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ FrameUtility.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ LibFrame.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ LibFrame.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ LibFrame.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ LibFrame.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ MSVCP90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MSVCP90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MSVCP90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MSVCP90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ MSVCR90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MSVCR90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MSVCR90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MSVCR90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ MSVCR90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ MSVCR90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ MSVCR90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ OLEACC.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ OLEACC.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ OLEACC.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ OLEACC.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ATL90.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ ATL90.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ATL90.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ATL90.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ ATL90.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ ATL90.DLL) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ ATL90.DLL) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ TERACO~1.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ TERACO~1.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ TERACO~1.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ TERACO~1.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ TERACO~1.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ TERACO~1.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ EUSyncExtMenu.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ EUSyncExtMenu.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ EUSyncExtMenu.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ EUSyncExtMenu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ EUSyncExtMenu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ EUSyncExtMenu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ EUSyncExtMenu.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ shellext.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ shellext.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ shellext.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ shellext.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ shellext.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ shellext.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ mpclient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ mpclient.dll) ADVAPI32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x779097c4
[IAT:Addr] (explorer.exe @ mpclient.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ mpclient.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ mpclient.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ mpclient.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ mpclient.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ mpclient.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ ncrypt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ ncrypt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ ncrypt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ ncrypt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ ncrypt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ bcrypt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ bcrypt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ bcrypt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ bcrypt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ bcrypt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ bcryptprimitives.dll) kernel32!RtlMoveMemory : C:\Windows\System32\ntdll.dll @ 0x778c5860
[IAT:Addr] (explorer.exe @ bcryptprimitives.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ bcryptprimitives.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ bcryptprimitives.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ bcryptprimitives.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ msxml6.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ msxml6.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ msxml6.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ msxml6.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ msxml6.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ msxml6.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ mwlshellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ mwlshellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ mwlshellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ mwlshellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ mwlshellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x778bf515
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ MSVCR80.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ syncui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ SYNCENG.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ SYNCENG.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ SYNCENG.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ msxml3.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ msxml3.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ msxml3.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ msxml3.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ msxml3.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ msxml3.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e2ed4
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x778e9a68
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wscinterop.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ WSCAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ WSCAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ WSCAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ WSCAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ WSCAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x778ac0bf
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778ac167
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!IsThreadpoolTimerSet : C:\Windows\System32\ntdll.dll @ 0x778babcb
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x778b89ef
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x778b463d
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7789f28b
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x778ffba6
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x77908abd
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778ab5fb
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778b8c2b
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ werconcpl.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x778ed853
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x778bd5c7
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ werconcpl.dll) ADVAPI32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x778f5a0a
[IAT:Addr] (explorer.exe @ wercplsupport.dll) ADVAPI32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x778bb095
[IAT:Addr] (explorer.exe @ wercplsupport.dll) ADVAPI32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x778b868e
[IAT:Addr] (explorer.exe @ wercplsupport.dll) ADVAPI32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x778b8ac6
[IAT:Addr] (explorer.exe @ wercplsupport.dll) ADVAPI32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x778b8b2f
[IAT:Addr] (explorer.exe @ wercplsupport.dll) ADVAPI32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x778b8b65
[IAT:Addr] (explorer.exe @ wercplsupport.dll) ADVAPI32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x778be337
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ wercplsupport.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x778ecb78
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778ab5fb
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7789f28b
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x778b8c2b
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a2189
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x778a271d
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x778ea0fd
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fef
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x778e2fa6
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f3c
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x778e2f66
[IAT:Addr] (explorer.exe @ hcproviders.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x778e97fd
[IAT:Addr] (explorer.exe @ MLANG.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x778e29ee
[IAT:Addr] (explorer.exe @ MLANG.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d7310
[IAT:Addr] (explorer.exe @ MLANG.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778d72d0
[IAT:Addr] (explorer.exe @ MLANG.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9941
[IAT:Addr] (explorer.exe @ MLANG.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x778e9fb6

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545025B9A300 +++++
--- User ---
[MBR] c6c991b1da30398c16377c51eb4023f1
[BSP] 0edec84e8e2fb61e6f78a74364de4571 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 27265024 | Size: 4196 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 35860417 | Size: 220962 MB
User = LL1 ... OK
User = LL2 ... OK

Signaler le contenu de ce document