MALWAREBYTES hangs on file system

n°3273809
claire1100r
Posted on 19-05-2017 at 19:09:37

Good evening,

I'm taking the liberty of creating a new thread because my laptop (ASUS X93S Series) is surely infected.

It is very slow, hangs on the internet, doesn't open sites, ads..., and above all Malwarebytes hangs on the file system scan (up to 10 hours of scanning and still on the file system scan!!!!)

I have Malwarebytes PREMIUM ("paid version") as well as Avast PREMIUM + SecureLine VPN

I think there is a problem and I thank you in advance for your help.

Claire

 

n°3273810
erickred
Posted on 19-05-2017 at 19:25:37

Hi,

Have you tried booting into safe mode before running a scan?

Otherwise:
- go to the installed programs, sort them by date, and see whether anything suspicious happens to have been installed. (Some malware comes in through the front door, and nobody saw it...)

And also, if you want a faster scan:
- if you have CCleaner, run a cleanup (it avoids scanning tons of files during a scan)
 otherwise, empty
 - the recycle bin,
 - the cache of your browser(s),
 - everything in the c:\windows\temp\ directory (don't delete the directory itself..., only delete everything you can inside it); recent files may trigger a message like "file in use, cannot delete", just ignore those.

You can also try tools such as
 zhpdiag : https://www.nicolascoolman.com/fr/download/zhpdiag/
 or roguekiller : http://www.adlice.com/fr/download/roguekiller/

Obviously, it's better to use the portable versions (no installation) downloaded from another PC.
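
The "sort installed programs by date" check suggested in the post above, as an added example that is not part of the original thread. It reads the standard Windows uninstall registry keys (machine-wide 64-bit, machine-wide 32-bit, and current user) and assumes `InstallDate`, when an installer wrote it at all, is a `yyyyMMdd` string; the variable names and the 30-day window are illustrative choices.

```powershell
# Added example: list installed programs, most recently installed first.
# Read-only: nothing is modified or uninstalled.

$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Illustrative window: entries installed within this many days are marked.
$recentDays = 30
$cutoff     = (Get-Date).AddDays(-$recentDays)

$programs = foreach ($key in $uninstallKeys) {
    Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        ForEach-Object {
            # InstallDate is optional; entries without a parsable date stay $null.
            $installed = $null
            if ($_.InstallDate -match '^\d{8}$') {
                $installed = [datetime]::ParseExact(
                    $_.InstallDate, 'yyyyMMdd',
                    [Globalization.CultureInfo]::InvariantCulture)
            }

            New-Object PSObject -Property @{
                Installed = $installed
                Recent    = ($installed -ne $null -and $installed -ge $cutoff)
                Name      = $_.DisplayName
                Publisher = $_.Publisher
                Location  = $_.InstallLocation
            }
        }
}

# Newest first; entries with no recorded date end up at the bottom.
$programs |
    Sort-Object Installed -Descending |
    Select-Object Installed, Recent, Name, Publisher, Location |
    Format-Table -AutoSize
```

Entries marked `Recent`, or with an empty `Publisher` or `Location`, are the ones to compare against what you remember installing.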
 

n°3273811
claire1100r
Posted on 20-05-2017 at 16:34:51

Hello,
Thanks for all this information. I ran Avast, I have CCleaner which I run regularly, I ran zhpdiag, nothing found...

However, I haven't tried safe mode; I'll do that next, thank you very much.
See you very soon and many thanks again

n°3273812
claire1100r
Posted on 20-05-2017 at 20:40:04

Good evening,

I've done everything; even in safe mode it still hangs.

If it helps, it hangs on: C:\Windows\Manifests\amd64.....

There you go, I'm sorry, but nothing is working for now, still the same problems.

What do you suggest?

Thank you.

Claire

n°3273813
claire1100r
Posted on 21-05-2017 at 02:00:05

Good evening,
I've just run a ROGUEKILLER scan; it found a lot of things.
I even bought it, so a more capable version (supposedly); at 13 euros for 5 PCs I didn't hesitate.

Here is the report:
 
RogueKiller V12.10.9.0 (x64) [May 15 2017] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com
 
Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en  : Mode normal
Utilisateur : MOA [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 05/21/2017 00:19:23 (Durée : 00:23:26)
 
¤¤¤ Processus : 0 ¤¤¤
 
¤¤¤ Registre : 0 ¤¤¤
 
¤¤¤ Tâches : 0 ¤¤¤
 
¤¤¤ Fichiers : 0 ¤¤¤
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Fichier Hosts : 0 ¤¤¤
 
¤¤¤ Antirootkit : 940 (Driver: Chargé) ¤¤¤
[IAT:Addr] (explorer.exe @ clbcatq.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ clbcatq.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ IDMShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ IDMShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ IDMShellExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ IDMNetMon64.DLL) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77ac19a0
[IAT:Addr] (explorer.exe @ IDMNetMon64.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!ExitProcess : C:\Windows\System32\ntdll.dll @ 0x77aa2840
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77ac19a0
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x77aa53c0
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x77ab4ed0
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77aa8080
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x77af2db0
[IAT:Addr] (explorer.exe @ ashShA64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77ab0a50
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77ac19a0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitProcess : C:\Windows\System32\ntdll.dll @ 0x77aa2840
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!ExitProcess : C:\Windows\System32\ntdll.dll @ 0x77aa2840
[IAT:Addr] (explorer.exe @ ASUSWSShellExt64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ EhStorShell.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x77aa2460
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x77abbfb0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x77b36e20
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x77b36e60
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x77b36ea0
[IAT:Addr] (explorer.exe @ EhStorShell.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x77a93090
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ ntshrui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ rsaenh.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x77acb080
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x77ab4ed0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!CloseThreadpoolCleanupGroup : C:\Windows\System32\ntdll.dll @ 0x77a877c0
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!CloseThreadpoolCleanupGroupMembers : C:\Windows\System32\ntdll.dll @ 0x77a876c0
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x77a8cdd0
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x77a8d070
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x77a9a6b0
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ MMDevAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ timedate.cpl) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ timedate.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x77acb080
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x77ab4ed0
[IAT:Addr] (explorer.exe @ atl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ ntmarta.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77ac19a0
[IAT:Addr] (explorer.exe @ Wldap32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ Wldap32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ Wldap32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ Wldap32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ Wldap32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ shdocvw.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b40
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b00
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa64a0
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa6470
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x77ab4320
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!ExitProcess : C:\Windows\System32\ntdll.dll @ 0x77aa2840
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ gameux.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ xmllite.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ crypt32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ crypt32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ crypt32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ crypt32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ crypt32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ crypt32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ wer.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ shacct.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ msftedit.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ msftedit.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ msftedit.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ msftedit.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ msftedit.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ msftedit.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ msftedit.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ msftedit.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77a9e6c4
[IAT:Addr] (explorer.exe @ tiptsf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ tiptsf.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x77ab4ed0
[IAT:Addr] (explorer.exe @ tiptsf.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x77acb080
[IAT:Addr] (explorer.exe @ tiptsf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ tiptsf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ tiptsf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ tiptsf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ tiptsf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ tiptsf.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x77aa2460
[IAT:Addr] (explorer.exe @ tiptsf.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x77aa9930
[IAT:Addr] (explorer.exe @ tiptsf.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x77ab8710
[IAT:Addr] (explorer.exe @ authui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77aa8080
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77ab0a50
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ authui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ cryptui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x77aa94cc
[IAT:Addr] (explorer.exe @ cryptui.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ cryptui.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x77acb080
[IAT:Addr] (explorer.exe @ cryptui.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x77ab4ed0
[IAT:Addr] (explorer.exe @ cryptui.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ cryptui.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ cryptui.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ cryptui.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x77ab4320
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa6470
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa64a0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b00
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b40
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77ab0a50
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77aa8080
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77ac19a0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa3970
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x77a91a60
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x77a8cdd0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x77a8d070
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x77a9a6b0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x77b4a2c0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x77a91ba0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x77a9d320
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x77a8bea0
[IAT:Addr] (explorer.exe @ urlmon.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x77a84470
[IAT:Addr] (explorer.exe @ urlmon.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77a9e6c4
[IAT:Addr] (explorer.exe @ urlmon.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x77afe300
[IAT:Addr] (explorer.exe @ urlmon.dll) advapi32!RegisterTraceGuidsA : C:\Windows\System32\ntdll.dll @ 0x77a9e6e0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr(Microsoft)] (explorer.exe @ iertutil.dll) kernel32!DeleteProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fefdad0ee0
[IAT:Addr(Microsoft)] (explorer.exe @ iertutil.dll) kernel32!UpdateProcThreadAttribute : C:\Windows\System32\KERNELBASE.dll @ 0x7fefdad2dd0
[IAT:Addr(Microsoft)] (explorer.exe @ iertutil.dll) kernel32!InitializeProcThreadAttributeList : C:\Windows\System32\KERNELBASE.dll @ 0x7fefdad2d50
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x77ab4320
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa6470
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa64a0
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b00
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b40
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77ab0a50
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x77aa8080
[IAT:Addr] (explorer.exe @ iertutil.dll) kernel32!DeleteBoundaryDescriptor : C:\Windows\System32\ntdll.dll @ 0x77b454f0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b00
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x77b4a730
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x77a90270
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x77a952a0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda50
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa39a0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x77ab4320
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x77a9eea0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x77ab4320
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa64a0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x77aa3b40
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x77aa6470
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x77a91a60
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x77a91ba0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x77b4a2c0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x77a8cdd0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x77a9a6b0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x77a8d070
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!CloseThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x77a8bea0
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!SetThreadpoolWait : C:\Windows\System32\ntdll.dll @ 0x77a9d320
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!WaitForThreadpoolWaitCallbacks : C:\Windows\System32\ntdll.dll @ 0x77a84470
[IAT:Addr] (explorer.exe @ wininet.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x77b493a0
[IAT:Addr] (explorer.exe @ winmm.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x77a9e6c4
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x77aa6700
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x77ab0da0
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x77ac19a0
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77aa6540
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60

n°3273814
erickred
Posted on 21-05-2017 at 12:00:02

claire1100r wrote:

Good evening,
¤¤¤ Processus : 0 ¤¤¤
¤¤¤ Registre : 0 ¤¤¤
¤¤¤ Tâches : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Fichier Hosts : 0 ¤¤¤


 
Nothing to report
 
 

claire1100r wrote:


¤¤¤ Antirootkit : 940 (Driver: Chargé) ¤¤¤
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\ataport.sys @ 0xfffff88001021878
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff800036b0c70
.... etc..
[IAT:Addr] (explorer.exe @ stobject.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x77ab


 
That is the list of resident programs (drivers, Windows system routines, etc.); it is not a list of malware.
In that list I saw nothing alarming (at first glance), apart from a windowscodec.

Have you downloaded any codecs to watch films? If so, which ones?
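
The reading described above can be checked mechanically. This is an added example, not part of the original post and not RogueKiller's own code: it parses the `[IAT:Addr]` lines of the report, counts the imports that resolve to a file directly in `C:\Windows\System32`, and sets aside any that resolve elsewhere (the line format is taken from the excerpt in this thread; the `C:` system drive and the last sample line are assumptions).

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Shape of the [IAT:Addr] lines in the pasted report:
# [IAT:Addr] (process @ importing module) dll!Function : resolved file @ 0xaddress
IAT_RE = re.compile(
    r"^\[IAT:Addr\] \((?P<proc>[^ ]+) @ (?P<importer>[^)]+)\) "
    r"(?P<dll>[^!]+)!(?P<func>\S+) : (?P<target>.+?) @ 0x(?P<addr>[0-9a-fA-F]+)$"
)
# Assumption for this example: Windows is installed on C:.
SYSTEM_DIR = PureWindowsPath(r"C:\Windows\System32")

def parse(line):
    """Return the fields of one [IAT:Addr] line as a dict, or None."""
    m = IAT_RE.match(line.strip())
    return m.groupdict() if m else None

def triage(lines):
    """Return (count per System32 target, entries to review, lines not parsed)."""
    in_system, review, unparsed = Counter(), [], []
    for line in lines:
        if not line.strip():
            continue
        entry = parse(line)
        if entry is None:
            unparsed.append(line)      # other sections (IRP, headers) are read by hand
            continue
        target = PureWindowsPath(entry["target"])  # compares case-insensitively
        if target.parent == SYSTEM_DIR:
            # kernel32 and advapi32 forward exports such as HeapAlloc and
            # EnterCriticalSection to ntdll.dll, so this target is expected.
            in_system[target.name.lower()] += 1
        else:
            review.append(entry)       # resolved outside System32: look at it first
    return in_system, review, unparsed

# All lines are from the thread except the last, which is constructed.
SAMPLE = r"""
[IRP:Addr(Microsoft)] \Driver\atapi - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\ataport.sys @ 0xfffff88001021878
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x77acda00
[IAT:Addr] (explorer.exe @ wdmaud.drv) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x77acdc60
[IAT:Addr] (explorer.exe @ AudioSes.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x77aa9930
[IAT:Addr] (explorer.exe @ winmm.dll) kernel32!HeapAlloc : C:\Users\Public\example.dll @ 0x10001000
"""

if __name__ == "__main__":
    ok, review, skipped = triage(SAMPLE.splitlines())
    print(dict(ok), [e["target"] for e in review], len(skipped))
```

A target inside System32 only means the entry matches the expected pattern; the file itself can still be checked with the system's signature and integrity tools.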
 
 
 

n°3273815
claire1100r
Posted on 21-05-2017 at 14:00:01

Hello,

First of all, thank you for your reply. Seeing all that, I was really scared; I am relieved now.

No, not as far as I remember, because I have a multimedia box and external hard drives for films.

Unfortunately I can't help you any more than that.

And as for Malwarebytes, which keeps getting stuck at C:\Windows\Manifests\amd64.... What is that hiding?

Thanks, and have a good afternoon

n°3273816
claire1100r
Posted on 21-05-2017 at 14:01:47

Nor what this Windows Manifests is ????

n°3273817
erickred
Posted on 21-05-2017 at 23:16:03

Sorry for the intermittent replies, but it's plastering/sanding/painting at the moment...

Windows manifest:
Manifest files are used by Windows and its various DLLs.
Very roughly: manifests govern how an application behaves depending on the Windows it runs on (xp, 8, 7, 10, nt, server, etc...); these files are well known to developers who compile applications with Visual Studio, for example.

Now, why your scan gets stuck on that... I don't know...

1) First: "I have Malwarebytes PREMIUM "paid version" as well as Avast PREMIUM + SecureLine VPN"
I think that with that already, even without malware, there is enough to slow your PC down.

Can you disable all of that, re-enable "windows defender", that is, Microsoft's default antivirus,
and run an advanced/full scan with it.

2) Ads on the internet
Unfortunately, that is no longer the preserve of malware; even "normal" sites pop up ads every 10 seconds... (I'm exaggerating, although..)
Can you name, for example, 1 or 2 sites where you see these ads that normally shouldn't be there.

3) Which browser do you use? Edge? Firefox? Chrome?
Have you tried several browsers, and is it the same on all of them?
 

n°3273818
erickred
Posted on 21-05-2017 at 23:19:23

Continued:

4) Do you have an SSD or an HDD?

5) Can you install Hdd Health and report the state of your hard drive(s)?

6) Have you done a right-click > Properties / Tools / Check on your drive(s) c: d: etc...


Message edited by erickred on 21-05-2017 at 23:22:06

n°3273819
erickred
Posted on 21-05-2017 at 23:28:05

7) If you can: display the installed programs, sort them by date (most recent at the top), take a screenshot and post it.

n°3273820
TotalRecall
Posted on 22-05-2017 at 11:12:16

This topic was moved from the Hardware category to the Windows & Software category by TotalRecall


n°3273826
nex84
Dura lex, sed lex
Posted on 22-05-2017 at 11:24:29

To be able to help you, you would need to post the full ZHPDiag report using www.cjoint.com

