RKreport-DEL-07192016-132336.log

Document joint : FGtnA0JVd2R_RKreport-DEL-07192016-132336.log

Cliquez pour partager vos propres fichiers

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.4.0.0 (x64) [Jul 18 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode sans échec prise en charge réseau
Utilisateur : jean- [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 07/19/2016 13:23:36

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 3 ¤¤¤
[PUP] (X64) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AppDataLow\Software\adawarebp -> Supprimé(e)
[PUP] (X86) HKEY_USERS\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AppDataLow\Software\adawarebp -> Supprimé(e)
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Partizan (system32\drivers\Partizan.sys) -> Supprimé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 2 ¤¤¤
[Hj.Shortcut][Fichier] C:\Users\jean-\Desktop\AdsFix_Donate.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Advanced SystemCare Beta\ICONPIN64.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Advanced SystemCare Beta -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\IObit Uninstaller -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\IObit Unlocker\update.ini -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\IObit Unlocker -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Downloader.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Arabic.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Belarusian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\ChineseSimp.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\ChineseTrad.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Czech.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Danish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Dinka.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Dutch.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\English.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Finnish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Flemish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\French.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\German.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Greek.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Hebrew.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Hungarian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Indonesia.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Italian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Japanese.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Korean.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Latvian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Malayalam.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Polish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Romanian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Russian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Serbian (cyrillic).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Serbian (latin).lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Slovak.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Slovenian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Spanish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Swedish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Turkish.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Ukrainian.lng -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\Language\Vietnamese.lng -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\LiveUpdate\Language -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdateSrvUpt.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\ProductUpt.log -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\system.ini -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection\Adblock\db -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection\Adblock -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection\Database -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\LiveUpdate\update\update.spt -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\LiveUpdate\update -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\LiveUpdate -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Surfing Protection\Adblock\AdBExtFc.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Surfing Protection\Adblock\ADBlock.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Surfing Protection\Adblock -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Surfing Protection\Database -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Surfing Protection\FFNativeMessage.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\IObit\Surfing Protection\FFPluginCleaner.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\IObit\Surfing Protection -> Supprimé(e)

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 561 (Driver: Non chargé [0xc000035f]) ¤¤¤
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa2529cd10
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252d6f10
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252da660
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!LdrLoadDll : Unknown @ 0x7ffa25260148 (jmp 0xfffffffffd18f618)
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb30
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffa28132cc0
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffa28132510
[IAT:Addr] (explorer.exe @ ccavguard64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa28168900
[IAT:Addr] (explorer.exe @ ccavguard64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffa24441a10
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffa280f1dc0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffa28140200
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffa28139240
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffa280cab50
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffa2813c3b0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x7ffa25260110 (jmp 0xfffffffffd0f9f50)
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252a0c60
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252d6f10
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ comctl32.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252c8d60
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa2529d620
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252d63e0
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa2529d6a0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa25336c40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa253370c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252c3d40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffa280e77c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffa280e76f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffa28132540
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee720
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca880
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252c7ca0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252dbb90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffa28139360
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252c0630
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffa280c6f90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280caf10
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca4c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa28168900
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffa28132cc0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffa28132510
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffa280eda60
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3a90
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffa28139360
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ DropboxExt64.38.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffa280f1dc0
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa2529d610
[IAT:Addr] (explorer.exe @ Windows.UI.Shell.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252a0be0
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ Syncreg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffa28141a00
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffa28107fc0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffa28107df0
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffa28114030
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffa28142190
[IAT:Addr] (explorer.exe @ Syncreg.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffa281421d0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffa28107df0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffa2810cc30
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffa281421d0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!RegisterTraceGuidsA : C:\Windows\System32\ntdll.dll @ 0x7ffa28112f00
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffa28141a00
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffa28142190
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffa28107df0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffa28114030
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffa28142190
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffa281421d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffa28141a00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffa28107fc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffa2810cc30
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffa280f1dc0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252a4150
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252c0630
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffa28107df0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffa28114030
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffa28142190
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffa281421d0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffa28141a00
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffa28107fc0
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dc0
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ QtCore4.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ mfc90u.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ PinToStartMenuX.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ WPShellExt64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffa28114030
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffa28142190
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffa281421d0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffa28141a00
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffa281141a0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffa28107e40
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffa28107df0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffa28107fc0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffa28109c90
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ WSCM64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ TeraCopyExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!GetNamedPipeInfo : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa25332470
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa28168900
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb30
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ImageSh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb30
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa28168900
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3a90
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffa280eda60
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffa28139360
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!GetCurrentProcessorNumber : C:\Windows\System32\ntdll.dll @ 0x7ffa28164cc0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280caf10
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca4c0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffa28132cc0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb30
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!FlushProcessWriteBuffers : C:\Windows\System32\ntdll.dll @ 0x7ffa28166c40
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffa281329a0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffa281422e0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa28168900
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffa28132510
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffa28109c90
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffa28107e40
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffa281141a0
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffa28109ce0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa28168900
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffa28132cc0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb40
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb30
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffa28132510
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ clrjit.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffa28109ce0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ creator-context-menu.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa28168900
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffa28132cc0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb40
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffa2810eb30
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffa28132510
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ msvcr110.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ msvcp110.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ encoding-conversion.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ atom.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ logger.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ logger.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ brand.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ notification-service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ notification-service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ root-service-provider.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ support.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ support.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ ISCM64.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ hmpshext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ EUSyncExtMenux64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffa28107fc0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffa28114030
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffa281421d0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffa28107df0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffa28141a00
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffa28142190
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa281110f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffa280f1dc0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca880
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffa2813c3b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffa280c91f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ffa280c78a0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280caf10
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffa280cab50
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffa28139240
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7ffa280c4b00
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffa280c4c20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffa28143590
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffa280c6f90
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee720
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7ffa2813f4c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffa2810cc30
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffa28107fc0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffa28114030
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffa281421d0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffa28107df0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffa28141a00
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffa28142190
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffa28132cc0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffa28139360
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffa28132510
[IAT:Addr] (explorer.exe @ DTShl64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffa24441a10
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c5f0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ ShellExtension.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffa28140200
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280caf10
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca720
[IAT:Addr] (explorer.exe @ comdlg32.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffa280ca4c0
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffa252a4150
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffa280f1dc0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffa28132cc0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffa28132510
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffa24441a10
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ CLVDShellExt10.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164e90
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffa280dba80
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e3cf0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa2812d220
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280eee00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa280ee900
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffa28119d20
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffa280e55d0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffa28109c90
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffa28107e40
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffa28113ea0
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffa281141a0
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffa280f1dc0
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffa28164dd0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa28132ad0
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffa2811c980
[IAT:Addr] (explorer.exe @ wscui.cpl) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffa280f1dc0

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 893980bed388c556b2366cd39027128a
[BSP] 020206d51f264a563d8cb350ddfffc9f : Empty MBR Code
Partition table:
0 - [SYSTEM] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 565830 MB
4 - Basic data partition | Offset (sectors): 1161916416 | Size: 30146 MB
5 - Basic data partition | Offset (sectors): 1223656570 | Size: 6675 MB
6 - | Offset (sectors): 1237327872 | Size: 256170 MB
7 - | Offset (sectors): 1761964032 | Size: 76501 MB
8 - | Offset (sectors): 1918638080 | Size: 3660 MB
9 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 12747 MB
10 - Basic data partition | Offset (sectors): 1952239616 | Size: 627 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD My Passport 0827 USB Device +++++
Error reading User MBR! ([57] Paramètre incorrect. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: Sony Card R/W -CF USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: Sony Card R/W -SM/xD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: Sony Card R/W -SD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive5: Sony Card R/W -MS USB Device +++++
--- User ---
[MBR] 1594ecd6416c64d637647a2dbd1eb805
[BSP] cec432cdca1e3c3b7be20bd8d35ac1d7 : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 60918 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive6: FixMeStick USB Device +++++
--- User ---
[MBR] 25d26b7361daffce84ceafb139365d38
[BSP] 5c5f20dd5139dc2e55aab34a1f6a3955 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] BOOTUS (0x45) [VISIBLE] Offset (sectors): 1936286752 | Size: 2092206 MB
1 - [XXXXXX] UNKNOWN (0x65) [VISIBLE] Offset (sectors): 1853169786 | Size: 913028 MB
2 - [XXXXXX] UNKNOWN (0x20) [VISIBLE] Offset (sectors): 1701978226 | Size: 798128 MB
3 - [XXXXXX] UNKNOWN (0xd) [VISIBLE] Offset (sectors): 0 | Size: 1693717 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive7: SDHC Card +++++
--- User ---
[MBR] 8a82eff7c59f648e700c6216ec265868
[BSP] 5a814a908188e2c8d7b3e0f7408344a0 : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8192 | Size: 15189 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

Signaler le contenu de ce document