RKreport-DEL-08072016-212139.log

Document joint : FHhtZtBPDaW_RKreport-DEL-08072016-212139.log

Cliquez pour partager vos propres fichiers

Format du document : application/octet-stream

Prévisualisation

ÿþRogueKiller V12.4.2.0 (x64) [Aug 1 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.14393) 64 bits version
Démarré en : Mode sans échec prise en charge réseau
Utilisateur : Jean-Marie [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 08/07/2016 21:21:39

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 14 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Systweak -> Supprimé(e)
[PUP] (X64) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\One System Care -> Supprimé(e)
[PUP] (X64) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\systweak -> Supprimé(e)
[PUP] (X86) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\One System Care -> Supprimé(e)
[PUP] (X86) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\systweak -> Supprimé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 -> Supprimé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneSystemCare -> Supprimé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286} -> Supprimé(e)
[PUP] (X64) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion : C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [7][x] -> Supprimé(e)
[PUP] (X86) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion : C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [7][x] -> ERROR [2]
[PUP|VT.Adware.PremierOpinion] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PremierOpinion (C:\Program Files (x86)\PremierOpinion\pmservice.exe /service) -> Supprimé(e)
[PUP|VT.Adware.PremierOpinion] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PremierOpinion (C:\Program Files (x86)\PremierOpinion\pmservice.exe /service) -> Supprimé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/?pc=COSP&ptag=D080716-AEC0016903F&form=CONMHP&conlogo=CT3334468 -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com/?pc=COSP&ptag=D080716-AEC0016903F&form=CONMHP&conlogo=CT3334468 -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)

¤¤¤ Tâches : 2 ¤¤¤
[PUP] %WINDIR%\Tasks\One System Care Task.job -- C:\PROGRA~2\ONESYS~1\SystemConsole.exe -> Supprimé(e)
[PUP] %WINDIR%\Tasks\One System CarePeriod.job -- C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe (-scan) -> Supprimé(e)

¤¤¤ Fichiers : 13 ¤¤¤
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Roaming\Lavasoft\Web Companion -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\Lavasoft\Web Companion\Options\Language.txt -> Supprimé(e)
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Roaming\Lavasoft\Web Companion\Options -> Supprimé(e)
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Roaming\One System Care -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Danish.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Dutch.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\English.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\French.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\German.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Italian.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Norwegian.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Parameters.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Portuguese.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Spanish.xml -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages\Swedish.xml -> Supprimé(e)
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Roaming\One System Care\Languages -> Supprimé(e)
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Roaming\systweak -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\systweak\Advanced System~Protector\ASPLog.txt -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\systweak\Advanced System~Protector\QDetail.db -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\systweak\Advanced System~Protector\Settings.db -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\systweak\Advanced System~Protector\Update.ini -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\systweak\Advanced System~Protector\Utility_kit.ini -> Supprimé(e)
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Roaming\systweak\Advanced System~Protector -> Supprimé(e)
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Roaming\systweak\ssd\SSDPTstub.exe -> Supprimé(e)
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Roaming\systweak\ssd -> Supprimé(e)
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Local\Systweak -> Supprimé(e) au redémarrage [91]
[PUP][Fichier] C:\Users\Jean-Marie\AppData\Local\Systweak\Advanced System Protector\aspcontexthelper64.dll -> Supprimé(e) au redémarrage [5]
[PUP][Répertoire] C:\Users\Jean-Marie\AppData\Local\Systweak\Advanced System Protector -> Supprimé(e) au redémarrage [91]
[PUP][Répertoire] C:\ProgramData\Lavasoft\Web Companion -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Icons\bing.ico -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Icons -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\adblocker.log -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\pupmanager.log -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\wcassistant.log -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Logs -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\ActiveFeatures.zip -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\CurrentReleaseNotes.txt -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\install.txt -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\LatestReleaseNotes.txt -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\partner.txt -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\Statistics.txt -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\UpdateServer.txt -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Options -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector\Advanced System~Protector.lnk -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector\Désinstaller Advanced System~Protector.lnk -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector\Register Advanced System~Protector.lnk -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care\Launch One System Care.lnk -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care\One System Care on the Web.url -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion\PremierOpinion.lnk [LNK@] C:\PROGRA~2\PREMIE~1\pmropn.exe -brandinfo:http://www.premieropinion.com/Tile.aspx -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Systweak -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Systweak\Advanced System~Protector\AddonSafelist.db -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Systweak\Advanced System~Protector\log.xslt -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Systweak\Advanced System~Protector\signatures -> Supprimé(e)
[PUP][Fichier] C:\ProgramData\Systweak\Advanced System~Protector\updates\2561completedatabase.zip -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Systweak\Advanced System~Protector\updates -> Supprimé(e)
[PUP][Répertoire] C:\ProgramData\Systweak\Advanced System~Protector -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\Advanced System Protector -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\ASP -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe.config -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\AppResource.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\asp.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\AspManager.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\aspsys.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\ASPUninstall.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\BrowserCleaner.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\BrowserCleaner.exe.config -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\categories.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Chinese_asp_ZH-CN.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Chinese_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\clamunpack\clamscan.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\clamunpack\libclamav.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\clamunpack\readme.txt -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\ASP\clamunpack -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Communication.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\danish_asp_DA.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Danish_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\dutch_asp_NL.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Dutch_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\eng_asp_en.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\eng_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\filetypehelper.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Finnish_asp_FI.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Finnish_uninst_fi.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\french_asp_FR.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\French_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\german_asp_DE.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\German_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\greek_uninst_el.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Interop.IWshRuntimeLibrary.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\italian_asp_IT.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Italian_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\japanese_asp_JA.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Japanese_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\korean_uninst_ko.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\loading_withWhiteBG.avi -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Microsoft.Win32.TaskScheduler.DLL -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\norwegian_asp_NO.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Norwegian_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\polish_uninst_pl.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\portugese_uninst_pt.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\portuguese_asp_PT-BR.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Portuguese_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\russian_asp_ru.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\russian_uninst_ru.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\scandll.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\spanish_asp_ES.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\spanish_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\swedish_asp_SV.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\swedish_uninst.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\System.Core.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\System.Data.SQLite.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\traditionalcn_uninst_zh-tw.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Turkish_uninst_tr.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\unins000.dat -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\unins000.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\unins000.msg -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\unrar.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Xceed.Compression.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Xceed.Compression.Formats.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Xceed.FileSystem.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\ASP\Xceed.Zip.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\OneSystemCare -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\cancel.bmp -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\icon.ico -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\OneSystemCare.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\SystemConsole.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\uninstall.bmp -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\OneSystemCare\Uninstaller.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\PremierOpinion -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\PremierOpinion\pmls.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\PremierOpinion\pmls64.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\PremierOpinion\pmropn.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\PremierOpinion\pmropn32.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\PremierOpinion\pmropn64.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\PremierOpinion\pmservice.exe -> Supprimé(e)

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 348 (Driver: Non chargé [0xc000035f]) ¤¤¤
[IAT:Addr] (explorer.exe) kernel32!ParseApplicationUserModelId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6246e610
[IAT:Addr] (explorer.exe) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd62480510
[IAT:Addr] (explorer.exe) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6246e170
[IAT:Addr] (explorer.exe) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6246c600
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffd65b05380
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffd65b43ef0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffd65b12ff0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffd65b106c0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffd65b0ec70
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac20
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b68730
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffd65b259f0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ TaskbarBand64.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6246cb40
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6246cb80
[IAT:Addr] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6246cfb0
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd624709f0
[IAT:Addr] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd62480510
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1f460
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffd65b441a0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffd65b448b0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffd65b44870
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad2740
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1e7b0
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffd65b05380
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd62470970
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffd65b441a0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffd65b20990
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffd65b44870
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffd65b448b0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1e7b0
[IAT:Addr] (explorer.exe @ HelpPaneProxy.dll) advapi32!RegisterTraceGuidsA : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad5b20
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1e7b0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad2740
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffd65b44870
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffd65b448b0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffd65b441a0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1f460
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffd65b20990
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffd65b05380
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6247f8a0
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd624ad840
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1e7b0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad2740
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffd65b44870
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffd65b448b0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffd65b441a0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1f460
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffd65b259f0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffd65b441a0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1e7b0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad2740
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffd65b44870
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffd65b448b0
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad2810
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1e800
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b20070
[IAT:Addr] (explorer.exe @ WorkFoldersShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1f460
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffd65b05380
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffd65b05380
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffd65b05380
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6252b0e0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd6252b560
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad67f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd624afd20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffd65b04d50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffd65b04c70
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffd65b32020
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffd65b0fa50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffd65b0e6a0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffd65b3bb50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffd624ad840
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffd65b10ea0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b0eb50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b68730
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36d20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac30
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36a40
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffd65af1490
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffd65af51c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b0dcf0
[IAT:Addr] (explorer.exe @ ieframe.dll) advapi32!EventWriteEx : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1ffe0
[IAT:Addr] (explorer.exe @ ieframe.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad25c0
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ chartv.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffd65b05380
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ chartv.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ mbamext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad67f0
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffd65b259f0
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36d20
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac20
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36a40
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ AdAwareShellExtension.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b68730
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac20
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ mxctxMnu64.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffd65b259f0
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ AQCommon64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ MXLogger64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ sqlite3x64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ sqlite3x64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ sqlite3x64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ sqlite3x64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ sqlite3x64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ sqlite3x64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac20
[IAT:Addr] (explorer.exe @ atl100.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b68730
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffd65b259f0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b68730
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36d20
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac30
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2ac20
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad67f0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36a40
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ MXPM64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36d20
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffd65b3bb50
[IAT:Addr] (explorer.exe @ DTShl64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffd65b36a40
[IAT:Addr] (explorer.exe @ DTShl64.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.dll @ 0x7ffd61a519c0
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ CLVDShellExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b40
[IAT:Addr] (explorer.exe @ syncui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64c00
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ aspcontexthelper64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ ZAMShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffd65b1e800
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad25c0
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad2810
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b20070
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0610
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65af0880
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af7370
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65b2a930
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffd65b3bb50
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffd65af5350
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffd65b259f0
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffd65ad6320
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffd65afbba0
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b351e0
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffd65b25f20
[IAT:Addr] (explorer.exe @ LavasoftTcpService64.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffd65b64b30

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 01eb5227ed6ac7a65b4e14ad82375d3b
[BSP] 3a9633b68b497f632192545970c28379 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 938533 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1925212160 | Size: 450 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 1926133760 | Size: 13374 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: WD My Passport 0827 USB Device +++++
Error reading User MBR! ([57] Paramètre incorrect. )
Error reading LL1 MBR! ([79] Le délai de temporisation de sémaphore a expiré. )
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] b56182b4ced2bbfb509e40f864489e0c
[BSP] dd7bc97d11df10cb8f090113c71b2af2 : Linux|Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 29525 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] 67a9ccb67f4d227bd2b5ff166d4cb12d
[BSP] 3c1fd70a041cb066bdfea9c6be9cb6a8 : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 2048 | Size: 59042 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive5: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive6: FixMeStick USB Device +++++
--- User ---
[MBR] 555e472fb3b4bd294ba3b21211542fe7
[BSP] d918ce9777116f3018c311504d113564 : Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 1906 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive7: Kingston DataTraveler 3.0 USB Device +++++
--- User ---
[MBR] 92f18aa5f02938784c7adb30031a42bd
[BSP] 51d78373997a0f7e5c4e03a2efc56feb : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 2048 | Size: 14783 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive8: General USB Flash Disk USB Device +++++
--- User ---
[MBR] 0f2aaf141ebd085f46940fe2e8305719
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 30751 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive9: GENPLUS USB-MSDC DISK A USB Device +++++
--- User ---
[MBR] 193bab970a02a2c3ea9fd1aa88ec7c64
[BSP] 23080366a1f6fb145a57e39577c27d4e : Empty MBR Code
Partition table:
0 - Basic data partition | Offset (sectors): 2048 | Size: 7613 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive10: GENPLUS USB-MSDC DISK A USB Device +++++
--- User ---
[MBR] 4d1d314a9f37ef64908ebe5fd005f954
[BSP] f680aef02d02abf002ec128de7e172b1 : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 2048 | Size: 3787 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive11: Sony Card R/W -CF USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive12: Sony Card R/W -SM/xD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive13: Sony Card R/W -SD USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive14: Sony Card R/W -MS USB Device +++++
--- User ---
[MBR] 1594ecd6416c64d637647a2dbd1eb805
[BSP] cec432cdca1e3c3b7be20bd8d35ac1d7 : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 60918 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

Signaler le contenu de ce document