RKreport-DEL-11012016-192101.log

Document joint : FKbt5HSbRyA_RKreport-DEL-11012016-192101.log

Cliquez pour partager vos propres fichiers

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.7.3.0 (x64) [Oct 17 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.14393) 64 bits version
Démarré en : Mode normal
Utilisateur : jean- [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 11/01/2016 13:31:08 (Durée : 05:49:20)

¤¤¤ Processus : 3 ¤¤¤
[Suspicious.Path] AQNotif.exe(8076) -- C:\Users\jean-\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe[7] -> Tué(e) [TermProc]
[Suspicious.Path] (SVC) SLEE_19_DRIVER -- \??\C:\WINDOWS\Sleen1964.sys[7] -> Arrêté(e)
[Suspicious.Path] (SVC) HWiNFO32 -- \??\C:\Users\jean-\AppData\Local\Temp\HWiNFO64A.SYS[7] -> Arrêté(e)

¤¤¤ Registre : 10 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\simplitec -> Supprimé(e)
[PUP] (X64) HKEY_USERS\S-1-5-21-4265624635-2019933758-61733912-1001\Software\AppDataLow\Software\adawarebp -> Supprimé(e)
[PUP] (X86) HKEY_USERS\S-1-5-21-4265624635-2019933758-61733912-1001\Software\AppDataLow\Software\adawarebp -> Supprimé(e)
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | DelaypluginInstall : C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [7] -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Windows\CurrentVersion\Run | Avanquest Message : "C:\Users\jean-\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe" [7] -> Supprimé(e)
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Windows\CurrentVersion\Run | Avanquest Message : "C:\Users\jean-\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe" [7] -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HWiNFO32 (\??\C:\Users\jean-\AppData\Local\Temp\HWiNFO64A.SYS) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLEE_19_DRIVER (\??\C:\WINDOWS\Sleen1964.sys) -> Supprimé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)

¤¤¤ Tâches : 1 ¤¤¤
[Suspicious.Path] \Boost -- C:\Users\jean-\AppData\Roaming\Reason\Boost\boost.exe (/autostart) -> Supprimé(e)

¤¤¤ Fichiers : 2 ¤¤¤
[PUP][Répertoire] C:\ProgramData\simplitec -> Supprimé(e)
[Hj.Shortcut][Fichier] C:\Program Files (x86)\Pre_Scan_Donate.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN -> Supprimé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 533 (Driver: Chargé) ¤¤¤
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_CLOSE[2] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_READ[3] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_WRITE[4] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_FLUSH_BUFFERS[9] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_CLEANUP[18] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_POWER[22] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\disk - IRP_MJ_PNP[27] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad34f90
[IRP:Addr] \Driver\disk - DriverUnload[29] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff8078ad7d210
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_WRITE[4] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IRP:Addr] \Driver\kbdclass - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff802818fbe60
[IAT:Addr] (explorer.exe) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8ce610
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8e0870
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8ce170
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8cc600
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!LdrLoadDll : Unknown @ 0x7ff80b8b0260 (jmp 0xfffffffffcc863f0)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenKey : Unknown @ 0x7ff80b8b01f0 (jmp 0xfffffffffcbeb170)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtSetInformationFile : Unknown @ 0x7ff80b8b0110 (jmp 0xfffffffffcbeadf0)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateKey : Unknown @ 0x7ff80b8b01b8 (jmp 0xfffffffffcbeafd8)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenProcess : Unknown @ 0x7ff80b8b0148 (jmp 0xfffffffffcbeae48)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenThread : Unknown @ 0x7ff80b8b0180 (jmp 0xfffffffffcbe8f70)
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8ac20
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96d20
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96a40
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ CcavGuard64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc8730
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff80ec65380
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ff80eca3ef0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff80ec72ff0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff80ec706c0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6ec70
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x7ff80b8b0228 (jmp 0xfffffffffcbea2f8)
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ KeyCrypt64(2).dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96d20
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96a40
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ IseGuard64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8ac20
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc8730
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8d09f0
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8e0870
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b90d970
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8ccb40
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8ccb80
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8ccfb0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b90fe50
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b90fe50
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b928ca0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff80ec92020
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff80ec82570
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8c250
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b90fe50
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32810
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e800
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ff80ec80030
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ EverySyncExplorerOverlayX64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7f460
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e7b0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32740
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff80eca4870
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff80eca48b0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff80eca41a0
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc8730
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96d20
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8ac30
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8ac20
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96a40
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ ClientTelemetry.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ ShellExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ ShellExtension.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8dfc00
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff80ec65380
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8d0970
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e7b0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32740
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff80eca4870
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff80eca48b0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff80eca41a0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7f460
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ff80ec80990
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff80ec65380
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8dfc00
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e7b0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32740
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff80eca4870
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff80eca48b0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff80eca41a0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7f460
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b98aab0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b98af30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b90fe50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff80ec64d50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ff80ec64c70
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ff80ec92020
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6fa50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6e6a0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b90d970
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff80ec70ea0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6eb50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8ac20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc8730
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8ac30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96a40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff80ec51490
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ff80ec551c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6dcf0
[IAT:Addr] (explorer.exe @ ieframe.dll) advapi32!EventWriteEx : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7ffe0
[IAT:Addr] (explorer.exe @ ieframe.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ff80ec325c0
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff80ec65380
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ Rebit-Pro-NSE.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ cqt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ QtCore4.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ QtCore4.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ QtSql4.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ mfc90u.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ mfc90u.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ zipfldr.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ catchcopy64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ catchcopy64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ catchcopy64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ catchcopy64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ TeraCopy64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ TeraCopy64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ TeraCopy64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ TeraCopy64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ TeraCopy64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ TeraCopy64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ TeraCopy64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ chartv.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff80ec65380
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ SolutionExplorer.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96a40
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ff80ec859f0
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96d20
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ff80ec9bb50
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ NeroShellExt.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.dll @ 0x7ff80a9e19c0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff80eca41a0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e7b0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32740
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff80eca4870
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff80eca48b0
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32810
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e800
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec80070
[IAT:Addr] (explorer.exe @ WorkfoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7f460
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ shellext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7f460
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff80eca41a0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff80eca4870
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff80eca48b0
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32740
[IAT:Addr] (explorer.exe @ shellext.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e7b0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6e6a0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpool : C:\Windows\System32\ntdll.dll @ 0x7ff80eca1e70
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6ec70
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolIoCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff80eca5cf0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6e5c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff80ec706c0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff80ec70ea0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ff80ec70540
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ff80ec71a90
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolThreadMaximum : C:\Windows\System32\ntdll.dll @ 0x7ff80ec72640
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6dcf0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6eb50
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ff80ec65380
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6e080
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ff80ec72ff0
[IAT:Addr] (explorer.exe @ MpClient.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ff80ec6fa50
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ff80ec80990
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e7b0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32740
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ff80eca4870
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ff80eca48b0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ff80eca41a0
[IAT:Addr] (explorer.exe @ MpClient.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7f460
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ff80ec5bba0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec55350
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96d20
[IAT:Addr] (explorer.exe @ ccavhelper64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ff80ec96a40
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4b40
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ff80ecc4c00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec951e0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec85f20
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ff80ec7e800
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ff80ec325c0
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ff80ec32810
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ff80ec80070
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec367f0
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec36320
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50610
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec50880
[IAT:Addr] (explorer.exe @ Rebit-Pro-Shell.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ff80ec57370
[IAT:Addr] (explorer.exe @ daxexec.dll) kernel32!FormatApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8d2f80
[IAT:Addr] (explorer.exe @ daxexec.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ff80b8e0870
[IAT:Addr] (explorer.exe @ NPSMDesktopProvider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ff80ec8a930

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 987a20eb6d55bc3078c5efd1241af19e
[BSP] 650b38a94fbd229d42467acd7aaf9e1f : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 360 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 739328 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1001472 | Size: 952588 MB
3 - [MAN-MOUNT] Basic data partition | Offset (sectors): 1951901696 | Size: 792 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Sony Card R/W -CF USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: Sony Card R/W -SM/xD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: Sony Card R/W -SD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: Sony Card R/W -MS USB Device +++++
--- User ---
[MBR] d4dc63f45825a00c5bc2e106da88d44c
[BSP] bd8afb207721830eef33f8f31f964043 : Empty MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 119831 MB [Unknown Bootstrap | Unknown Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive5: SDXC Card +++++
--- User ---
[MBR] fc629731a5fbb91f453d377e92aaf01f
[BSP] eddb18f5cd586fc00837da1fa8d66104 : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 488145 MB [Unknown Bootstrap | Unknown Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive6: WD My Passport 0827 USB Device +++++
Error reading User MBR! ([57] Paramètre incorrect. )
Error reading LL1 MBR! ([79] Le délai de temporisation de sémaphore a expiré. )
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive7: Generic STORAGE DEVICE USB Device +++++
--- User ---
[MBR] 79d197715caa48278f08bfc62f3e5c55
[BSP] 12aca254e24775462922ae20697bbfd1 : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x7a) [VISIBLE] Offset (sectors): 1869881445 | Size: 830732 MB
1 - [XXXXXX] UNKNOWN (0x72) [VISIBLE] Offset (sectors): 1634566756 | Size: 937134 MB
3 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 28049408 | Size: 0 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive8: WD Elements 10A8 USB Device +++++
--- User ---
[MBR] 92e031c7a2fed1b4ef32ad126579225a
[BSP] 810cd3fa88af7b81458d7676080130c1 : Windows XP MBR Code
Partition table:
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive9: EPSON Storage USB Device +++++
--- User ---
[MBR] e0a63c26a8e1cd27f90aee53bdafc380
[BSP] bbadeeec882bdfaffc99e8019fa622af : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 137 | Size: 1875 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive10: EPSON Storage USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

Signaler le contenu de ce document