PC-HELP.CZ

České diskuzní fórum o počítačích
https://pc-help.cnews.cz/

Prosím o kontrolu logu

https://pc-help.cnews.cz/viewtopic.php?f=70&t=130814

Stránka 1 z 3

Prosím o kontrolu logu  Vyřešeno

Napsal: 16 dub 2014 19:21
od PavelPCHelp
V poslední době mi antivir nod32 opakovaně našel nějaké trojské koně, všechny nakažené soubory jsem smazal, ale chtěl bych poprosit o kontrolu logu, pro jistotu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:25, on 16.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\system32\conhost.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WheelMouse] C:\MSI\ADVANC~1\wh_exec.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\Resources\csy.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\Resources\csy.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Bluetooth Device Manager - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Low Energy Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\LEsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 7693 bytes

Re: Prosím o kontrolu logu

Napsal: 17 dub 2014 09:21
od jaro3
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

Re: Prosím o kontrolu logu

Napsal: 17 dub 2014 19:42
od PavelPCHelp
# AdwCleaner v3.023 - Report created 17/04/2014 at 19:38:32
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Pavel - PAVEL-PC
# Running from : C:\Users\Pavel\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v

[ File : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1395 octets] - [02/04/2014 20:32:04]
AdwCleaner[R1].txt - [870 octets] - [02/04/2014 20:38:08]
AdwCleaner[R2].txt - [929 octets] - [03/04/2014 15:15:19]
AdwCleaner[R3].txt - [936 octets] - [17/04/2014 19:38:32]
AdwCleaner[S0].txt - [1478 octets] - [02/04/2014 20:33:50]
AdwCleaner[S1].txt - [989 octets] - [03/04/2014 15:16:11]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1114 octets] ##########

Re: Prosím o kontrolu logu

Napsal: 17 dub 2014 20:05
od PavelPCHelp
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 17.4.2014
Čas skenování: 20:03:37
Protokol:
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.04.17.05
Databáze rootkitů: v2014.03.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Chameleon: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 257466
Uplynulý čas: 14 min, 49 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 1
PUM.Hijack.StartMenu, HKU\S-1-5-21-2537196817-3970893959-328294449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowMyComputer, 0, Dobré: (1), Špatné: (0),,[78f12efd88f3c571202a1d0609fbb848]

Složky: 0
(No malicious items detected)

Soubory: 1
Trojan.Agent, C:\Users\Pavel\AppData\Roaming\vmware-unity.exe, , [492088a36813f5413bbcc6b44fb3718f],

Fyzické sektory: 0
(No malicious items detected)


(end)

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 09:54
od jaro3
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 12:32
od PavelPCHelp
# AdwCleaner v3.023 - Report created 18/04/2014 at 12:28:48
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Pavel - PAVEL-PC
# Running from : C:\Users\Pavel\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v

[ File : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1395 octets] - [02/04/2014 20:32:04]
AdwCleaner[R1].txt - [870 octets] - [02/04/2014 20:38:08]
AdwCleaner[R2].txt - [929 octets] - [03/04/2014 15:15:19]
AdwCleaner[R3].txt - [1194 octets] - [17/04/2014 19:38:32]
AdwCleaner[R4].txt - [1254 octets] - [18/04/2014 12:27:31]
AdwCleaner[S0].txt - [1478 octets] - [02/04/2014 20:33:50]
AdwCleaner[S1].txt - [989 octets] - [03/04/2014 15:16:11]
AdwCleaner[S2].txt - [1180 octets] - [18/04/2014 12:28:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1240 octets] ##########

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 12:42
od PavelPCHelp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Pavel on p  18.04.2014 at 12:33:59,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\drivergenius"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  18.04.2014 at 12:39:13,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 13:00
od PavelPCHelp
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 18.4.2014
Čas skenování: 12:58:24
Protokol: test.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.04.18.03
Databáze rootkitů: v2014.03.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Chameleon: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 257952
Uplynulý čas: 15 min, 13 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 1
PUM.Hijack.StartMenu, HKU\S-1-5-21-2537196817-3970893959-328294449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowMyComputer, 0, Dobré: (1), Špatné: (0),Nahrazeno,[24a78c9fb3c82412de20849f699b51af]

Složky: 0
(No malicious items detected)

Soubory: 1
Trojan.Agent, C:\Users\Pavel\AppData\Roaming\vmware-unity.exe, Do karantény, [d4f76fbc5328c07666122853d72baf51],

Fyzické sektory: 0
(No malicious items detected)


(end)

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 13:14
od PavelPCHelp
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Pavel [Práva správce]
Mód : Kontrola -- Datum : 04/18/2014 13:09:53
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP UNIC] {0161FBB9-F34C-4314-92C3-86781C6AE625} : C:\Program Files\Uplnek\Úplněk.exe [-] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (DllGetClassObject) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox·yù¸—¤ø"Iÿÿÿÿė¤tD>yùG) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : xmllite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7387DD99)
[Address] EAT @explorer.exe (DllCanUnloadNow) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD2B3B)
[Address] EAT @explorer.exe (DllGetClassObject) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDE188E)
[Address] EAT @explorer.exe (DllGetVersion) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD2982)
[Address] EAT @explorer.exe (DllRegisterServer) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE67DC5)
[Address] EAT @explorer.exe (DllUnregisterServer) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6818F)
[Address] EAT @explorer.exe (Migrate10CachedPackagesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6C744)
[Address] EAT @explorer.exe (Migrate10CachedPackagesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6E1AC)
[Address] EAT @explorer.exe (MsiAdvertiseProductA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7257F)
[Address] EAT @explorer.exe (MsiAdvertiseProductExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE727D7)
[Address] EAT @explorer.exe (MsiAdvertiseProductExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6D6C1)
[Address] EAT @explorer.exe (MsiAdvertiseProductW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6D46F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE78A3F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7B641)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE85903)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE81057)
[Address] EAT @explorer.exe (MsiApplyPatchA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE72D5D)
[Address] EAT @explorer.exe (MsiApplyPatchW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6D943)
[Address] EAT @explorer.exe (MsiBeginTransactionA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE89441)
[Address] EAT @explorer.exe (MsiBeginTransactionW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE839D4)
[Address] EAT @explorer.exe (MsiCloseAllHandles) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE900C3)
[Address] EAT @explorer.exe (MsiCloseHandle) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90015)
[Address] EAT @explorer.exe (MsiCollectUserInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE71C3A)
[Address] EAT @explorer.exe (MsiCollectUserInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6D16F)
[Address] EAT @explorer.exe (MsiConfigureFeatureA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE71D5A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7D70A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7E41B)
[Address] EAT @explorer.exe (MsiConfigureFeatureW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6D2B7)
[Address] EAT @explorer.exe (MsiConfigureProductA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F256)
[Address] EAT @explorer.exe (MsiConfigureProductExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7DACA)
[Address] EAT @explorer.exe (MsiConfigureProductExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7E891)
[Address] EAT @explorer.exe (MsiConfigureProductW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F581)
[Address] EAT @explorer.exe (MsiCreateAndVerifyInstallerDirectory) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDEB2E1)
[Address] EAT @explorer.exe (MsiCreateRecord) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91514)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE955D1)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE948EF)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE948A9)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91397)
[Address] EAT @explorer.exe (MsiDatabaseCommit) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90DEB)
[Address] EAT @explorer.exe (MsiDatabaseExportA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE94792)
[Address] EAT @explorer.exe (MsiDatabaseExportW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91008)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9485D)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91270)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE945FD)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE93C54)
[Address] EAT @explorer.exe (MsiDatabaseImportA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9472E)
[Address] EAT @explorer.exe (MsiDatabaseImportW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90F1E)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE94643)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90C8F)
[Address] EAT @explorer.exe (MsiDatabaseMergeA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE94817)
[Address] EAT @explorer.exe (MsiDatabaseMergeW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91111)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE945B7)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE902B7)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7DA7B)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDC6286)
[Address] EAT @explorer.exe (MsiDeleteUserDataA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7A367)
[Address] EAT @explorer.exe (MsiDeleteUserDataW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE769EB)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8D4C5)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8C559)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8D9D9)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8C9E1)
[Address] EAT @explorer.exe (MsiDoActionA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9613D)
[Address] EAT @explorer.exe (MsiDoActionW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92D61)
[Address] EAT @explorer.exe (MsiEnableLogA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7189B)
[Address] EAT @explorer.exe (MsiEnableLogW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6FBE9)
[Address] EAT @explorer.exe (MsiEnableUIPreview) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE939CD)
[Address] EAT @explorer.exe (MsiEndTransaction) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE83E11)
[Address] EAT @explorer.exe (MsiEnumClientsA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDEEC96)
[Address] EAT @explorer.exe (MsiEnumClientsExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE85D6E)
[Address] EAT @explorer.exe (MsiEnumClientsExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE813A7)
[Address] EAT @explorer.exe (MsiEnumClientsW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD3647)
[Address] EAT @explorer.exe (MsiEnumComponentCostsA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE97847)
[Address] EAT @explorer.exe (MsiEnumComponentCostsW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE97A95)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7CD6D)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD384D)
[Address] EAT @explorer.exe (MsiEnumComponentsA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE791B9)
[Address] EAT @explorer.exe (MsiEnumComponentsExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE85B08)
[Address] EAT @explorer.exe (MsiEnumComponentsExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8121D)
[Address] EAT @explorer.exe (MsiEnumComponentsW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7BA57)
[Address] EAT @explorer.exe (MsiEnumFeaturesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE79C04)
[Address] EAT @explorer.exe (MsiEnumFeaturesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7C259)
[Address] EAT @explorer.exe (MsiEnumPatchesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE897EB)
[Address] EAT @explorer.exe (MsiEnumPatchesExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE84897)
[Address] EAT @explorer.exe (MsiEnumPatchesExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE80E79)
[Address] EAT @explorer.exe (MsiEnumPatchesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8468E)
[Address] EAT @explorer.exe (MsiEnumProductsA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE79175)
[Address] EAT @explorer.exe (MsiEnumProductsExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE86313)
[Address] EAT @explorer.exe (MsiEnumProductsExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE81729)
[Address] EAT @explorer.exe (MsiEnumProductsW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD559D)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE79109)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7B9EB)
[Address] EAT @explorer.exe (MsiEvaluateConditionA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE961C6)
[Address] EAT @explorer.exe (MsiEvaluateConditionW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE930C1)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE84FAE)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE84C22)
[Address] EAT @explorer.exe (MsiFormatRecordA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92A73)
[Address] EAT @explorer.exe (MsiFormatRecordW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92BF9)
[Address] EAT @explorer.exe (MsiGetActiveDatabase) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92639)
[Address] EAT @explorer.exe (MsiGetComponentPathA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7EEBD)
[Address] EAT @explorer.exe (MsiGetComponentPathExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE86053)
[Address] EAT @explorer.exe (MsiGetComponentPathExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE81559)
[Address] EAT @explorer.exe (MsiGetComponentPathW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDC62DD)
[Address] EAT @explorer.exe (MsiGetComponentStateA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE971E3)
[Address] EAT @explorer.exe (MsiGetComponentStateW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE972DC)
[Address] EAT @explorer.exe (MsiGetDatabaseState) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90ED9)
[Address] EAT @explorer.exe (MsiGetFeatureCostA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE975FD)
[Address] EAT @explorer.exe (MsiGetFeatureCostW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE97702)
[Address] EAT @explorer.exe (MsiGetFeatureInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE70D1A)
[Address] EAT @explorer.exe (MsiGetFeatureInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6F5EE)
[Address] EAT @explorer.exe (MsiGetFeatureStateA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE96CD5)
[Address] EAT @explorer.exe (MsiGetFeatureStateW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE96DC3)
[Address] EAT @explorer.exe (MsiGetFeatureUsageA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7A111)
[Address] EAT @explorer.exe (MsiGetFeatureUsageW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7C9BD)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE97CC5)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE936EC)
[Address] EAT @explorer.exe (MsiGetFileHashA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE71214)
[Address] EAT @explorer.exe (MsiGetFileHashW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6CA49)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7128C)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6CA9F)
[Address] EAT @explorer.exe (MsiGetFileVersionA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE70EF8)
[Address] EAT @explorer.exe (MsiGetFileVersionW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE73D2F)
[Address] EAT @explorer.exe (MsiGetLanguage) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92727)
[Address] EAT @explorer.exe (MsiGetLastErrorRecord) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91D69)
[Address] EAT @explorer.exe (MsiGetMode) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9279F)
[Address] EAT @explorer.exe (MsiGetPatchFileListA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8D25D)
[Address] EAT @explorer.exe (MsiGetPatchFileListW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE88B6E)
[Address] EAT @explorer.exe (MsiGetPatchInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7A24F)
[Address] EAT @explorer.exe (MsiGetPatchInfoExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE855E9)
[Address] EAT @explorer.exe (MsiGetPatchInfoExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE85177)
[Address] EAT @explorer.exe (MsiGetPatchInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7CAFB)
[Address] EAT @explorer.exe (MsiGetProductCodeA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDEEADC)
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7ED5F)

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 13:15
od PavelPCHelp
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F353)
[Address] EAT @explorer.exe (MsiGetProductCodeW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDEEE6C)
[Address] EAT @explorer.exe (MsiGetProductInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7D362)
[Address] EAT @explorer.exe (MsiGetProductInfoExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE865DE)
[Address] EAT @explorer.exe (MsiGetProductInfoExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE818FF)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE70880)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6F132)
[Address] EAT @explorer.exe (MsiGetProductInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD4273)
[Address] EAT @explorer.exe (MsiGetProductPropertyA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE70B90)
[Address] EAT @explorer.exe (MsiGetProductPropertyW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6F48B)
[Address] EAT @explorer.exe (MsiGetPropertyA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9596D)
[Address] EAT @explorer.exe (MsiGetPropertyW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE95BA3)
[Address] EAT @explorer.exe (MsiGetShortcutTargetA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE72A58)
[Address] EAT @explorer.exe (MsiGetShortcutTargetW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE74689)
[Address] EAT @explorer.exe (MsiGetSourcePathA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE96209)
[Address] EAT @explorer.exe (MsiGetSourcePathW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9640D)
[Address] EAT @explorer.exe (MsiGetSummaryInformationA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE958BD)
[Address] EAT @explorer.exe (MsiGetSummaryInformationW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE94293)
[Address] EAT @explorer.exe (MsiGetTargetPathA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE965F5)
[Address] EAT @explorer.exe (MsiGetTargetPathW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE967F9)
[Address] EAT @explorer.exe (MsiGetUserInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE791FE)
[Address] EAT @explorer.exe (MsiGetUserInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDEE466)
[Address] EAT @explorer.exe (MsiInstallMissingComponentA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE722C7)
[Address] EAT @explorer.exe (MsiInstallMissingComponentW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE743D9)
[Address] EAT @explorer.exe (MsiInstallMissingFileA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE72067)
[Address] EAT @explorer.exe (MsiInstallMissingFileW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE74179)
[Address] EAT @explorer.exe (MsiInstallProductA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7197E)
[Address] EAT @explorer.exe (MsiInstallProductW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6CE4B)
[Address] EAT @explorer.exe (MsiInvalidateFeatureCache) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE2D1D3)
[Address] EAT @explorer.exe (MsiIsProductElevatedA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE73306)
[Address] EAT @explorer.exe (MsiIsProductElevatedW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE74A5D)
[Address] EAT @explorer.exe (MsiJoinTransaction) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE83FEB)
[Address] EAT @explorer.exe (MsiLoadStringA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7141F)
[Address] EAT @explorer.exe (MsiLoadStringW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDDAE09)
[Address] EAT @explorer.exe (MsiLocateComponentA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F19F)
[Address] EAT @explorer.exe (MsiLocateComponentW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F4CA)
[Address] EAT @explorer.exe (MsiMessageBoxA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE716DA)
[Address] EAT @explorer.exe (MsiMessageBoxExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE71528)
[Address] EAT @explorer.exe (MsiMessageBoxExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6CCB1)
[Address] EAT @explorer.exe (MsiMessageBoxW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6CE24)
[Address] EAT @explorer.exe (MsiNotifySidChangeA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7A306)
[Address] EAT @explorer.exe (MsiNotifySidChangeW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7501B)
[Address] EAT @explorer.exe (MsiOpenDatabaseA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE94691)
[Address] EAT @explorer.exe (MsiOpenDatabaseW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE93D8D)
[Address] EAT @explorer.exe (MsiOpenPackageA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6EDC0)
[Address] EAT @explorer.exe (MsiOpenPackageExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6C63E)
[Address] EAT @explorer.exe (MsiOpenPackageExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6C8E9)
[Address] EAT @explorer.exe (MsiOpenPackageW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6F7AB)
[Address] EAT @explorer.exe (MsiOpenProductA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE78BF2)
[Address] EAT @explorer.exe (MsiOpenProductW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7B857)
[Address] EAT @explorer.exe (MsiPreviewBillboardA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE97D4E)
[Address] EAT @explorer.exe (MsiPreviewBillboardW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE93AEA)
[Address] EAT @explorer.exe (MsiPreviewDialogA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE97D0B)
[Address] EAT @explorer.exe (MsiPreviewDialogW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE93A96)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7CBB2)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7DF39)
[Address] EAT @explorer.exe (MsiProcessMessage) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92F51)
[Address] EAT @explorer.exe (MsiProvideAssemblyA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7FD5D)
[Address] EAT @explorer.exe (MsiProvideAssemblyW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE80765)
[Address] EAT @explorer.exe (MsiProvideComponentA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F7B9)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7FAB3)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD4F84)
[Address] EAT @explorer.exe (MsiProvideComponentW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8030C)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDEC385)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDED411)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDC8A47)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDC8C86)
[Address] EAT @explorer.exe (MsiQueryComponentStateA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8687C)
[Address] EAT @explorer.exe (MsiQueryComponentStateW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE81AE1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F6F1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE86A94)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE81CD9)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7FC02)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8057D)
[Address] EAT @explorer.exe (MsiQueryFeatureStateW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDC617D)
[Address] EAT @explorer.exe (MsiQueryProductStateA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7D45D)
[Address] EAT @explorer.exe (MsiQueryProductStateW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD49FE)
[Address] EAT @explorer.exe (MsiRecordClearData) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91D27)
[Address] EAT @explorer.exe (MsiRecordDataSize) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE916E5)
[Address] EAT @explorer.exe (MsiRecordGetFieldCount) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91916)
[Address] EAT @explorer.exe (MsiRecordGetInteger) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE918B5)
[Address] EAT @explorer.exe (MsiRecordGetStringA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE93F1D)
[Address] EAT @explorer.exe (MsiRecordGetStringW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE940CC)
[Address] EAT @explorer.exe (MsiRecordIsNull) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE915F5)
[Address] EAT @explorer.exe (MsiRecordReadStream) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91B6D)
[Address] EAT @explorer.exe (MsiRecordSetInteger) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE917C2)
[Address] EAT @explorer.exe (MsiRecordSetStreamA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE95877)
[Address] EAT @explorer.exe (MsiRecordSetStreamW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91A03)
[Address] EAT @explorer.exe (MsiRecordSetStringA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9561D)
[Address] EAT @explorer.exe (MsiRecordSetStringW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9572E)
[Address] EAT @explorer.exe (MsiReinstallFeatureA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE71EDE)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7D8C2)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7E657)
[Address] EAT @explorer.exe (MsiReinstallFeatureW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD8C24)
[Address] EAT @explorer.exe (MsiReinstallProductA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE71AFE)
[Address] EAT @explorer.exe (MsiReinstallProductW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6CFF1)
[Address] EAT @explorer.exe (MsiRemovePatchesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE89606)
[Address] EAT @explorer.exe (MsiRemovePatchesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE83702)
[Address] EAT @explorer.exe (MsiSequenceA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE96180)
[Address] EAT @explorer.exe (MsiSequenceW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92E4B)
[Address] EAT @explorer.exe (MsiSetComponentStateA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE973EB)
[Address] EAT @explorer.exe (MsiSetComponentStateW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE974E5)
[Address] EAT @explorer.exe (MsiSetExternalUIA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6C72F)
[Address] EAT @explorer.exe (MsiSetExternalUIRecord) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8336B)
[Address] EAT @explorer.exe (MsiSetExternalUIW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD4E86)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE97001)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE970B4)
[Address] EAT @explorer.exe (MsiSetFeatureStateA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE96E2D)
[Address] EAT @explorer.exe (MsiSetFeatureStateW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE96EDF)
[Address] EAT @explorer.exe (MsiSetInstallLevel) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE93424)
[Address] EAT @explorer.exe (MsiSetInternalUI) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD4FE6)
[Address] EAT @explorer.exe (MsiSetMode) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE928BB)
[Address] EAT @explorer.exe (MsiSetOfflineContextW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE98485)
[Address] EAT @explorer.exe (MsiSetPropertyA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE95DC1)
[Address] EAT @explorer.exe (MsiSetPropertyW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE95F85)
[Address] EAT @explorer.exe (MsiSetTargetPathA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE969DD)
[Address] EAT @explorer.exe (MsiSetTargetPathW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE96B61)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE87136)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE82165)
[Address] EAT @explorer.exe (MsiSourceListAddSourceA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE73037)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE86F13)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE81F43)
[Address] EAT @explorer.exe (MsiSourceListAddSourceW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6DC51)
[Address] EAT @explorer.exe (MsiSourceListClearAllA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE72EF0)
[Address] EAT @explorer.exe (MsiSourceListClearAllExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE87875)
[Address] EAT @explorer.exe (MsiSourceListClearAllExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8281B)
[Address] EAT @explorer.exe (MsiSourceListClearAllW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6DAEB)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8764A)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8260D)
[Address] EAT @explorer.exe (MsiSourceListClearSourceA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE87436)
[Address] EAT @explorer.exe (MsiSourceListClearSourceW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE82405)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE8834E)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE831B5)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE87C4B)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE82C07)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE731B8)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE87A6C)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE82A09)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6DDDB)
[Address] EAT @explorer.exe (MsiSourceListGetInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE87E30)
[Address] EAT @explorer.exe (MsiSourceListGetInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE82DB5)
[Address] EAT @explorer.exe (MsiSourceListSetInfoA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE880F8)
[Address] EAT @explorer.exe (MsiSourceListSetInfoW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE82FAB)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE921B9)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyCount) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91E3D)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9238B)
[Address] EAT @explorer.exe (MsiSummaryInfoPersist) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE92551)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE95906)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE91F2B)
[Address] EAT @explorer.exe (MsiUseFeatureA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE80D83)
[Address] EAT @explorer.exe (MsiUseFeatureExA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE7F9E8)
[Address] EAT @explorer.exe (MsiUseFeatureExW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD4D3A)
[Address] EAT @explorer.exe (MsiUseFeatureW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE80DA0)
[Address] EAT @explorer.exe (MsiVerifyDiskSpace) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE93863)
[Address] EAT @explorer.exe (MsiVerifyPackageA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE707AA)
[Address] EAT @explorer.exe (MsiVerifyPackageW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE6F097)
[Address] EAT @explorer.exe (MsiViewClose) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90BAF)
[Address] EAT @explorer.exe (MsiViewExecute) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9070F)
[Address] EAT @explorer.exe (MsiViewFetch) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90833)
[Address] EAT @explorer.exe (MsiViewGetColumnInfo) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE90A91)
[Address] EAT @explorer.exe (MsiViewGetErrorA) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE903F1)
[Address] EAT @explorer.exe (MsiViewGetErrorW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE905CE)
[Address] EAT @explorer.exe (MsiViewModify) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FE9093F)
[Address] EAT @explorer.exe (QueryInstanceCount) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x6FDD2B2A)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Disková jednotka +++++
--- User ---
[MBR] 18c01380f9ffb6b2c0f3789157ef0c6e
[BSP] b65fb8ea2e6ba4bc1ee055c693cd0721 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238473 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04182014_130953.txt >>

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 18:45
od jaro3
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

@echo off
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:název souboru, zde napiš: FixHosts.bat
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Poklepáním na soubor ho spusť.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

Re: Prosím o kontrolu logu

Napsal: 18 dub 2014 19:32
od PavelPCHelp
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Pavel [Práva správce]
Mód : Odebrat -- Datum : 04/18/2014 19:28:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP UNIC] {0161FBB9-F34C-4314-92C3-86781C6AE625} : C:\Program Files\Uplnek\Úplněk.exe [-] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (GdipAddPathArc) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738174C6)
[Address] EAT @explorer.exe (GdipAddPathArcI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817599)
[Address] EAT @explorer.exe (GdipAddPathBezier) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381760F)
[Address] EAT @explorer.exe (GdipAddPathBezierI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738176F4)
[Address] EAT @explorer.exe (GdipAddPathBeziers) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817778)
[Address] EAT @explorer.exe (GdipAddPathBeziersI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817838)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817F15)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738180DE)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738181A5)
[Address] EAT @explorer.exe (GdipAddPathClosedCurveI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817FD5)
[Address] EAT @explorer.exe (GdipAddPathCurve) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817941)
[Address] EAT @explorer.exe (GdipAddPathCurve2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817B2D)
[Address] EAT @explorer.exe (GdipAddPathCurve2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817BFB)
[Address] EAT @explorer.exe (GdipAddPathCurve3) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817D2E)
[Address] EAT @explorer.exe (GdipAddPathCurve3I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817DFF)
[Address] EAT @explorer.exe (GdipAddPathCurveI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817A01)
[Address] EAT @explorer.exe (GdipAddPathEllipse) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738185A8)
[Address] EAT @explorer.exe (GdipAddPathEllipseI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73818667)
[Address] EAT @explorer.exe (GdipAddPathLine) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738171D4)
[Address] EAT @explorer.exe (GdipAddPathLine2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738172FD)
[Address] EAT @explorer.exe (GdipAddPathLine2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738173BD)
[Address] EAT @explorer.exe (GdipAddPathLineI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73817295)
[Address] EAT @explorer.exe (GdipAddPathPath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738189E1)
[Address] EAT @explorer.exe (GdipAddPathPie) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738186CF)
[Address] EAT @explorer.exe (GdipAddPathPieI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738187A2)
[Address] EAT @explorer.exe (GdipAddPathPolygon) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73818818)
[Address] EAT @explorer.exe (GdipAddPathPolygonI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738188D8)
[Address] EAT @explorer.exe (GdipAddPathRectangle) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738182B5)
[Address] EAT @explorer.exe (GdipAddPathRectangleI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73818376)
[Address] EAT @explorer.exe (GdipAddPathRectangles) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738183DE)
[Address] EAT @explorer.exe (GdipAddPathRectanglesI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381849E)
[Address] EAT @explorer.exe (GdipAddPathString) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73818A8A)
[Address] EAT @explorer.exe (GdipAddPathStringI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73818C03)
[Address] EAT @explorer.exe (GdipAlloc) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738324CB)
[Address] EAT @explorer.exe (GdipBeginContainer) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73830E5E)
[Address] EAT @explorer.exe (GdipBeginContainer2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73830F5F)
[Address] EAT @explorer.exe (GdipBeginContainerI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73831023)
[Address] EAT @explorer.exe (GdipBitmapApplyEffect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73827307)
[Address] EAT @explorer.exe (GdipBitmapConvertFormat) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382709C)
[Address] EAT @explorer.exe (GdipBitmapCreateApplyEffect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382726A)
[Address] EAT @explorer.exe (GdipBitmapGetHistogram) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738273BB)
[Address] EAT @explorer.exe (GdipBitmapGetHistogramSize) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73827490)
[Address] EAT @explorer.exe (GdipBitmapGetPixel) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826CFA)
[Address] EAT @explorer.exe (GdipBitmapLockBits) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826B83)
[Address] EAT @explorer.exe (GdipBitmapSetPixel) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826DC0)
[Address] EAT @explorer.exe (GdipBitmapSetResolution) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382762F)
[Address] EAT @explorer.exe (GdipBitmapUnlockBits) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826C43)
[Address] EAT @explorer.exe (GdipClearPathMarkers) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73816FD4)
[Address] EAT @explorer.exe (GdipCloneBitmapArea) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836C2A)
[Address] EAT @explorer.exe (GdipCloneBitmapAreaI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826A8F)
[Address] EAT @explorer.exe (GdipCloneBrush) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381D87E)
[Address] EAT @explorer.exe (GdipCloneCustomLineCap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73822EB5)
[Address] EAT @explorer.exe (GdipCloneFont) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73832FAC)
[Address] EAT @explorer.exe (GdipCloneFontFamily) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73832A1B)
[Address] EAT @explorer.exe (GdipCloneImage) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73824C90)
[Address] EAT @explorer.exe (GdipCloneImageAttributes) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738277B1)
[Address] EAT @explorer.exe (GdipCloneMatrix) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381AA39)
[Address] EAT @explorer.exe (GdipClonePath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381651A)
[Address] EAT @explorer.exe (GdipClonePen) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73820B54)
[Address] EAT @explorer.exe (GdipCloneRegion) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381BEC7)
[Address] EAT @explorer.exe (GdipCloneStringFormat) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833F8B)
[Address] EAT @explorer.exe (GdipClosePathFigure) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73816DEB)
[Address] EAT @explorer.exe (GdipClosePathFigures) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73816E8E)
[Address] EAT @explorer.exe (GdipCombineRegionPath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381C310)
[Address] EAT @explorer.exe (GdipCombineRegionRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381C1BC)
[Address] EAT @explorer.exe (GdipCombineRegionRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381C293)
[Address] EAT @explorer.exe (GdipCombineRegionRegion) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381C43E)
[Address] EAT @explorer.exe (GdipComment) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7383325C)
[Address] EAT @explorer.exe (GdipConvertToEmfPlus) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834F0F)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToFile) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834FEF)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToStream) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738350E3)
[Address] EAT @explorer.exe (GdipCreateAdjustableArrowCap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836B65)
[Address] EAT @explorer.exe (GdipCreateBitmapFromDirectDrawSurface) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826518)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFile) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73825EB5)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFileICM) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826151)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGdiDib) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826605)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGraphics) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738263C5)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHBITMAP) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826707)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHICON) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826885)
[Address] EAT @explorer.exe (GdipCreateBitmapFromResource) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826917)
[Address] EAT @explorer.exe (GdipCreateBitmapFromScan0) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738262A0)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStream) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73825D68)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStreamICM) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826003)
[Address] EAT @explorer.exe (GdipCreateCachedBitmap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834A81)
[Address] EAT @explorer.exe (GdipCreateCustomLineCap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73822CCB)
[Address] EAT @explorer.exe (GdipCreateEffect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826E69)
[Address] EAT @explorer.exe (GdipCreateFont) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738327CA)
[Address] EAT @explorer.exe (GdipCreateFontFamilyFromName) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73832590)
[Address] EAT @explorer.exe (GdipCreateFontFromDC) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833636)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontA) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833730)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontW) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833833)
[Address] EAT @explorer.exe (GdipCreateFromHDC) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73828301)
[Address] EAT @explorer.exe (GdipCreateFromHDC2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738283AB)
[Address] EAT @explorer.exe (GdipCreateFromHWND) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73828456)
[Address] EAT @explorer.exe (GdipCreateFromHWNDICM) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73828500)
[Address] EAT @explorer.exe (GdipCreateHBITMAPFromBitmap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382679C)
[Address] EAT @explorer.exe (GdipCreateHICONFromBitmap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738269AC)
[Address] EAT @explorer.exe (GdipCreateHalftonePalette) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834D8C)
[Address] EAT @explorer.exe (GdipCreateHatchBrush) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738362CA)
[Address] EAT @explorer.exe (GdipCreateImageAttributes) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738276DE)
[Address] EAT @explorer.exe (GdipCreateLineBrush) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381DFFA)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381E1BF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381E2AF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngle) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381E377)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngleI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381E46E)
[Address] EAT @explorer.exe (GdipCreateLineBrushI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381E0F0)
[Address] EAT @explorer.exe (GdipCreateMatrix) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381A68E)
[Address] EAT @explorer.exe (GdipCreateMatrix2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381A744)
[Address] EAT @explorer.exe (GdipCreateMatrix3) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381A884)
[Address] EAT @explorer.exe (GdipCreateMatrix3I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381A94C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromEmf) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7383153C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromFile) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73831614)
[Address] EAT @explorer.exe (GdipCreateMetafileFromStream) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738317C3)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmf) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7383145F)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmfFile) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738316EB)
[Address] EAT @explorer.exe (GdipCreatePath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738361D9)
[Address] EAT @explorer.exe (GdipCreatePath2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381627E)
[Address] EAT @explorer.exe (GdipCreatePath2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381634F)
[Address] EAT @explorer.exe (GdipCreatePathGradient) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836893)
[Address] EAT @explorer.exe (GdipCreatePathGradientFromPath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836AA7)
[Address] EAT @explorer.exe (GdipCreatePathGradientI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836955)
[Address] EAT @explorer.exe (GdipCreatePathIter) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73819AB7)
[Address] EAT @explorer.exe (GdipCreatePen1) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738208D0)
[Address] EAT @explorer.exe (GdipCreatePen2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73820A01)
[Address] EAT @explorer.exe (GdipCreateRegion) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381B9CE)
[Address] EAT @explorer.exe (GdipCreateRegionHrgn) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381BDF8)
[Address] EAT @explorer.exe (GdipCreateRegionPath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381BBF4)
[Address] EAT @explorer.exe (GdipCreateRegionRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381BA87)
[Address] EAT @explorer.exe (GdipCreateRegionRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381BB49)
[Address] EAT @explorer.exe (GdipCreateRegionRgnData) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381BD16)
[Address] EAT @explorer.exe (GdipCreateSolidFill) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7383707F)
[Address] EAT @explorer.exe (GdipCreateStreamOnFile) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73815877)
[Address] EAT @explorer.exe (GdipCreateStringFormat) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833DC1)
[Address] EAT @explorer.exe (GdipCreateTexture) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738363AB)
[Address] EAT @explorer.exe (GdipCreateTexture2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738364CD)
[Address] EAT @explorer.exe (GdipCreateTexture2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738367B9)
[Address] EAT @explorer.exe (GdipCreateTextureIA) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7383660F)
[Address] EAT @explorer.exe (GdipCreateTextureIAI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836859)
[Address] EAT @explorer.exe (GdipDeleteBrush) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381D958)
[Address] EAT @explorer.exe (GdipDeleteCachedBitmap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834BEC)
[Address] EAT @explorer.exe (GdipDeleteCustomLineCap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73823069)
[Address] EAT @explorer.exe (GdipDeleteEffect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73826EFA)
[Address] EAT @explorer.exe (GdipDeleteFont) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833065)
[Address] EAT @explorer.exe (GdipDeleteFontFamily) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73832922)
[Address] EAT @explorer.exe (GdipDeleteGraphics) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738285AA)
[Address] EAT @explorer.exe (GdipDeleteMatrix) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381AB0E)
[Address] EAT @explorer.exe (GdipDeletePath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738165EE)
[Address] EAT @explorer.exe (GdipDeletePathIter) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73819B70)
[Address] EAT @explorer.exe (GdipDeletePen) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73820C2B)
[Address] EAT @explorer.exe (GdipDeletePrivateFontCollection) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833A7D)
[Address] EAT @explorer.exe (GdipDeleteRegion) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381BFE6)
[Address] EAT @explorer.exe (GdipDeleteStringFormat) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834036)
[Address] EAT @explorer.exe (GdipDisposeImage) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73824D5E)
[Address] EAT @explorer.exe (GdipDisposeImageAttributes) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382787F)
[Address] EAT @explorer.exe (GdipDrawArc) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A4A5)
[Address] EAT @explorer.exe (GdipDrawArcI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A5DF)
[Address] EAT @explorer.exe (GdipDrawBezier) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A658)
[Address] EAT @explorer.exe (GdipDrawBezierI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A7A0)
[Address] EAT @explorer.exe (GdipDrawBeziers) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A827)
[Address] EAT @explorer.exe (GdipDrawBeziersI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A951)
[Address] EAT @explorer.exe (GdipDrawCachedBitmap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834C86)
[Address] EAT @explorer.exe (GdipDrawClosedCurve) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382BC79)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382BEBC)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382BFED)
[Address] EAT @explorer.exe (GdipDrawClosedCurveI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382BDA3)
[Address] EAT @explorer.exe (GdipDrawCurve) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B581)
[Address] EAT @explorer.exe (GdipDrawCurve2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B7C4)
[Address] EAT @explorer.exe (GdipDrawCurve2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B8FC)
[Address] EAT @explorer.exe (GdipDrawCurve3) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382BA1C)
[Address] EAT @explorer.exe (GdipDrawCurve3I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382BB53)
[Address] EAT @explorer.exe (GdipDrawCurveI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B6AB)
[Address] EAT @explorer.exe (GdipDrawDriverString) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382DA1A)
[Address] EAT @explorer.exe (GdipDrawEllipse) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382AE82)
[Address] EAT @explorer.exe (GdipDrawEllipseI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382AFA6)
[Address] EAT @explorer.exe (GdipDrawImage) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382DF1E)
[Address] EAT @explorer.exe (GdipDrawImageFX) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382EB79)
[Address] EAT @explorer.exe (GdipDrawImageI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E099)
[Address] EAT @explorer.exe (GdipDrawImagePointRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E553)
[Address] EAT @explorer.exe (GdipDrawImagePointRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E6EF)
[Address] EAT @explorer.exe (GdipDrawImagePoints) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E2BF)
[Address] EAT @explorer.exe (GdipDrawImagePointsI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E417)
[Address] EAT @explorer.exe (GdipDrawImagePointsRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E78B)
[Address] EAT @explorer.exe (GdipDrawImagePointsRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E9EA)
[Address] EAT @explorer.exe (GdipDrawImageRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E0F5)
[Address] EAT @explorer.exe (GdipDrawImageRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382E254)
[Address] EAT @explorer.exe (GdipDrawImageRectRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836CAE)
[Address] EAT @explorer.exe (GdipDrawImageRectRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73836F04)
[Address] EAT @explorer.exe (GdipDrawLine) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A0D1)
[Address] EAT @explorer.exe (GdipDrawLineI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A1F5)
[Address] EAT @explorer.exe (GdipDrawLines) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A260)
[Address] EAT @explorer.exe (GdipDrawLinesI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382A38C)
[Address] EAT @explorer.exe (GdipDrawPath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B407)
[Address] EAT @explorer.exe (GdipDrawPie) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B011)
[Address] EAT @explorer.exe (GdipDrawPieI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B14B)
[Address] EAT @explorer.exe (GdipDrawPolygon) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B1C4)
[Address] EAT @explorer.exe (GdipDrawPolygonI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382B2EE)
[Address] EAT @explorer.exe (GdipDrawRectangle) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382AA8D)
[Address] EAT @explorer.exe (GdipDrawRectangleI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382ABB1)
[Address] EAT @explorer.exe (GdipDrawRectangles) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382AC1C)
[Address] EAT @explorer.exe (GdipDrawRectanglesI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382AD46)
[Address] EAT @explorer.exe (GdipDrawString) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382D512)
[Address] EAT @explorer.exe (GdipEmfToWmfBits) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73834EB9)
[Address] EAT @explorer.exe (GdipEndContainer) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738310D0)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoint) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382ECBA)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382EE6B)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoints) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F0F8)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointsI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F2AC)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382EED3)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F084)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoint) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F417)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F5F7)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoints) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F8F5)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointsI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382FAD8)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRect) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F680)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRectI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382F860)
[Address] EAT @explorer.exe (GdipFillClosedCurve) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382CEEC)
[Address] EAT @explorer.exe (GdipFillClosedCurve2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382D13E)
[Address] EAT @explorer.exe (GdipFillClosedCurve2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382D275)
[Address] EAT @explorer.exe (GdipFillClosedCurveI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382D025)
[Address] EAT @explorer.exe (GdipFillEllipse) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382CA23)
[Address] EAT @explorer.exe (GdipFillEllipseI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382CB4E)
[Address] EAT @explorer.exe (GdipFillPath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382CD6F)
[Address] EAT @explorer.exe (GdipFillPie) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382CBB9)
[Address] EAT @explorer.exe (GdipFillPieI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382CCF6)
[Address] EAT @explorer.exe (GdipFillPolygon) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C591)
[Address] EAT @explorer.exe (GdipFillPolygon2) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C7DD)
[Address] EAT @explorer.exe (GdipFillPolygon2I) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C90A)
[Address] EAT @explorer.exe (GdipFillPolygonI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C6C1)
[Address] EAT @explorer.exe (GdipFillRectangle) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C1B5)
[Address] EAT @explorer.exe (GdipFillRectangleI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C2E0)
[Address] EAT @explorer.exe (GdipFillRectangles) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C34B)
[Address] EAT @explorer.exe (GdipFillRectanglesI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382C478)
[Address] EAT @explorer.exe (GdipFillRegion) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7382D398)
[Address] EAT @explorer.exe (GdipFindFirstImageItem) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73825ABA)
[Address] EAT @explorer.exe (GdipFindNextImageItem) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73825B60)
[Address] EAT @explorer.exe (GdipFlattenPath) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73818C93)
[Address] EAT @explorer.exe (GdipFlush) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73828645)
[Address] EAT @explorer.exe (GdipFree) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73832546)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapFillState) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73823CA4)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapHeight) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73823897)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapMiddleInset) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73823B4D)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapWidth) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738239F2)
[Address] EAT @explorer.exe (GdipGetAllPropertyItems) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73824AB3)
[Address] EAT @explorer.exe (GdipGetBrushType) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x7381D9F5)
[Address] EAT @explorer.exe (GdipGetCellAscent) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73833456)
[Address] EAT @explorer.exe (GdipGetCellDescent) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738334F6)
[Address] EAT @explorer.exe (GdipGetClip) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738304CC)
[Address] EAT @explorer.exe (GdipGetClipBounds) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738305C4)
[Address] EAT @explorer.exe (GdipGetClipBoundsI) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73830677)
[Address] EAT @explorer.exe (GdipGetCompositingMode) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738288EF)
[Address] EAT @explorer.exe (GdipGetCompositingQuality) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73828A3F)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseCap) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73823485)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseInset) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x738235DC)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeCaps) : XmlLite.dll -> HOOKED (C:\Windows\WinSxS
Časové pásmo: UTC+02:00
Stránka 1 z 3
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/