preventivní kontrola logu - HijackThis

hoplus1 · Příspěvekod **hoplus1** » 02 kvě 2014 21:04

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- SD/MMC USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Tuhle chybu myslím, na konci logu jsem uviděl více podobných řádků. Je tam napsáno Error - znamená to, že tam je problém, nebo ne?

Reklama

Příspěvekod **Orcus** » 03 kvě 2014 11:26

Ne, jde o čtečku karet. A ta když je prázdná, tak tam logicky RK nemůže nic najít. Nemusíš si s tím lámat hlavu. :smile:

hoplus1 · Příspěvekod **hoplus1** » 03 kvě 2014 13:01

Moc díky, dnes odpoledne půjdu k pc a vložím logy z těch dalších dvou programů.

Příspěvekod **Orcus** » 03 kvě 2014 19:13

hoplus1 · Příspěvekod **hoplus1** » 03 kvě 2014 20:14

Tak, konečně jsem se dostal k PC. Odpojil jsem síťový kabel, když jsem musel vypnout antivirák - aby se mi PC nenakazil.
Zjistil jsem, že jsem měl použít podruhé program, co jsem předtím už použil - RogueKiller (použil jsem ho i po druhé) - proč psem měl použití opakovat?
Tady je log z TDSSKilleru:

20:04:03.0912 1616 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:04:03.0943 1616 ============================================================
20:04:03.0943 1616 Current date / time: 2014/05/03 20:04:03.0943
20:04:03.0943 1616 SystemInfo:
20:04:03.0943 1616
20:04:03.0943 1616 OS Version: 6.2.9200 ServicePack: 0.0
20:04:03.0943 1616 Product type: Workstation
20:04:03.0943 1616 ComputerName: IVO-PC
20:04:03.0943 1616 UserName: Ivo
20:04:03.0943 1616 Windows directory: C:\WINDOWS
20:04:03.0943 1616 System windows directory: C:\WINDOWS
20:04:03.0943 1616 Running under WOW64
20:04:03.0943 1616 Processor architecture: Intel x64
20:04:03.0943 1616 Number of processors: 4
20:04:03.0943 1616 Page size: 0x1000
20:04:03.0943 1616 Boot type: Normal boot
20:04:03.0943 1616 ============================================================
20:04:04.0115 1616 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:04:04.0115 1616 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:04:04.0146 1616 ============================================================
20:04:04.0146 1616 \Device\Harddisk0\DR0:
20:04:04.0146 1616 MBR partitions:
20:04:04.0146 1616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAFFED
20:04:04.0146 1616 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB07ED, BlocksNum 0x6F1B743
20:04:04.0146 1616 \Device\Harddisk1\DR1:
20:04:04.0146 1616 MBR partitions:
20:04:04.0146 1616 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705591
20:04:04.0146 1616 ============================================================
20:04:04.0146 1616 C: <-> \Device\Harddisk0\DR0\Partition2
20:04:04.0162 1616 D: <-> \Device\Harddisk1\DR1\Partition1
20:04:04.0162 1616 ============================================================
20:04:04.0162 1616 Initialize success
20:04:04.0162 1616 ============================================================
20:04:15.0412 5040 ============================================================
20:04:15.0412 5040 Scan started
20:04:15.0412 5040 Mode: Manual;
20:04:15.0412 5040 ============================================================
20:04:15.0553 5040 ================ Scan system memory ========================
20:04:15.0553 5040 System memory - ok
20:04:15.0553 5040 ================ Scan services =============================
20:04:15.0600 5040 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
20:04:15.0600 5040 1394ohci - ok
20:04:15.0616 5040 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
20:04:15.0616 5040 3ware - ok
20:04:15.0631 5040 [ 9539F7917B4B6D92C90F0FAA6B86C605 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
20:04:15.0631 5040 ACPI - ok
20:04:15.0631 5040 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
20:04:15.0631 5040 acpiex - ok
20:04:15.0631 5040 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
20:04:15.0647 5040 acpipagr - ok
20:04:15.0647 5040 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
20:04:15.0647 5040 AcpiPmi - ok
20:04:15.0647 5040 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
20:04:15.0647 5040 acpitime - ok
20:04:15.0662 5040 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:04:15.0662 5040 ADP80XX - ok
20:04:15.0709 5040 [ 6C856C581ACE1785CE3FC2414E9859A3 ] AdvancedSystemCareService7 D:\Program Files\Advanced SystemCare 7.2\ASCService.exe
20:04:15.0709 5040 AdvancedSystemCareService7 - ok
20:04:15.0709 5040 [ 0F17D49BE041B7EFF1D33BF1414E7AC6 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
20:04:15.0709 5040 AeLookupSvc - ok
20:04:15.0725 5040 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
20:04:15.0725 5040 AFD - ok
20:04:15.0725 5040 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
20:04:15.0725 5040 agp440 - ok
20:04:15.0725 5040 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:04:15.0725 5040 ahcache - ok
20:04:15.0741 5040 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
20:04:15.0741 5040 ALG - ok
20:04:15.0741 5040 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
20:04:15.0741 5040 AmdK8 - ok
20:04:15.0741 5040 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
20:04:15.0741 5040 AmdPPM - ok
20:04:15.0741 5040 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
20:04:15.0741 5040 amdsata - ok
20:04:15.0756 5040 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
20:04:15.0756 5040 amdsbs - ok
20:04:15.0756 5040 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
20:04:15.0756 5040 amdxata - ok
20:04:15.0756 5040 [ 3CF7A4350C9646D92F147D620EC0D363 ] androidusb C:\WINDOWS\System32\Drivers\ssadadb.sys
20:04:15.0756 5040 androidusb - ok
20:04:15.0756 5040 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
20:04:15.0756 5040 AppID - ok
20:04:15.0772 5040 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
20:04:15.0772 5040 AppIDSvc - ok
20:04:15.0772 5040 [ 8D6F535461F6CFF75A8ADDF83024C904 ] Appinfo C:\WINDOWS\System32\appinfo.dll
20:04:15.0772 5040 Appinfo - ok
20:04:15.0772 5040 [ CB12C47647D8BDAFAA94C0856B14128B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
20:04:15.0787 5040 AppReadiness - ok
20:04:15.0803 5040 [ F7529BD3FFAC9C33D15F6DE3B7353B03 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
20:04:15.0803 5040 AppXSvc - ok
20:04:15.0803 5040 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
20:04:15.0803 5040 arcsas - ok
20:04:15.0803 5040 [ 8BE618EB795A87DBFD1E09DA63F009C7 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
20:04:15.0803 5040 aswMonFlt - ok
20:04:15.0819 5040 [ D4259F75734EBCC8D815753B09EB2F0A ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
20:04:15.0819 5040 aswRdr - ok
20:04:15.0819 5040 [ 8D4B8BF93C65BDBC133B20706A3B5208 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
20:04:15.0819 5040 aswRvrt - ok
20:04:15.0834 5040 [ AA0D1B47BE967E1E17301DDFB66C432C ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
20:04:15.0834 5040 aswSnx - ok
20:04:15.0834 5040 [ 15C6B7D20EE0E44A4DF82183A89CCFC2 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
20:04:15.0834 5040 aswSP - ok
20:04:15.0834 5040 [ 81FA56F29440406A7264CBD7B1C7CB29 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys
20:04:15.0850 5040 aswStm - ok
20:04:15.0850 5040 [ 0606875650850B0697D662934529F6FC ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
20:04:15.0850 5040 aswVmm - ok
20:04:15.0850 5040 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
20:04:15.0850 5040 atapi - ok
20:04:15.0850 5040 [ F83D49F4B10E813A1F9AC8B92F16592D ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:04:15.0850 5040 AudioEndpointBuilder - ok
20:04:15.0866 5040 [ 9A71BD2E4B8EB550D0022AFDF8616014 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
20:04:15.0866 5040 Audiosrv - ok
20:04:15.0881 5040 [ BEA8D0FA8805CC2E6BB49728166699C7 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:04:15.0881 5040 avast! Antivirus - ok
20:04:15.0881 5040 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
20:04:15.0881 5040 AxInstSV - ok
20:04:15.0881 5040 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
20:04:15.0881 5040 b06bdrv - ok
20:04:15.0897 5040 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:04:15.0897 5040 BasicDisplay - ok
20:04:15.0897 5040 [ 38A82F4EE8C416A6744B6D30381ED768 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
20:04:15.0897 5040 BasicRender - ok
20:04:15.0897 5040 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
20:04:15.0897 5040 bcmfn2 - ok
20:04:15.0897 5040 [ 5BD3A2351BEFCAC8757626271F8EFA89 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
20:04:15.0912 5040 BDESVC - ok
20:04:15.0912 5040 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:04:15.0912 5040 Beep - ok
20:04:15.0912 5040 [ BBE15881FE11BE37112F8320C41DAFB9 ] BFE C:\WINDOWS\System32\bfe.dll
20:04:15.0928 5040 BFE - ok
20:04:15.0928 5040 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
20:04:15.0944 5040 BITS - ok
20:04:15.0944 5040 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
20:04:15.0944 5040 bowser - ok
20:04:15.0944 5040 [ F2559A492AF8D653D1F47ADABA4C3E97 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:04:15.0959 5040 BrokerInfrastructure - ok
20:04:15.0959 5040 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
20:04:15.0959 5040 Browser - ok
20:04:15.0959 5040 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:04:15.0959 5040 BthAvrcpTg - ok
20:04:15.0959 5040 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
20:04:15.0959 5040 BthHFEnum - ok
20:04:15.0975 5040 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
20:04:15.0975 5040 bthhfhid - ok
20:04:15.0975 5040 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
20:04:15.0975 5040 BTHMODEM - ok
20:04:15.0975 5040 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
20:04:15.0975 5040 bthserv - ok
20:04:15.0975 5040 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:04:15.0975 5040 cdfs - ok
20:04:15.0991 5040 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
20:04:15.0991 5040 cdrom - ok
20:04:15.0991 5040 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
20:04:15.0991 5040 CertPropSvc - ok
20:04:15.0991 5040 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
20:04:15.0991 5040 circlass - ok
20:04:16.0006 5040 [ 179A41249055D5F039F1B6703F3B6D2B ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
20:04:16.0006 5040 CLFS - ok
20:04:16.0006 5040 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
20:04:16.0006 5040 CmBatt - ok
20:04:16.0022 5040 [ 4627C1FBF2802425A408A2D2AF28CF85 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
20:04:16.0022 5040 CNG - ok
20:04:16.0022 5040 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
20:04:16.0022 5040 CompositeBus - ok
20:04:16.0022 5040 COMSysApp - ok
20:04:16.0037 5040 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
20:04:16.0037 5040 condrv - ok
20:04:16.0037 5040 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
20:04:16.0037 5040 CryptSvc - ok
20:04:16.0037 5040 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
20:04:16.0037 5040 dam - ok
20:04:16.0053 5040 [ 81979817943D830BF24571B7C1B28A1A ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:04:16.0053 5040 DcomLaunch - ok
20:04:16.0069 5040 [ 78089FCDE082FD4FA471C30A7C2DC736 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
20:04:16.0069 5040 defragsvc - ok
20:04:16.0069 5040 [ 8F387C2C99EE09C6E2AC316205F86A17 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:04:16.0084 5040 DeviceAssociationService - ok
20:04:16.0084 5040 [ BC6849C62DB407573C6AD8CB1A4D2628 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
20:04:16.0084 5040 DeviceInstall - ok
20:04:16.0084 5040 [ A03F362C5557E238CBFA914689C77248 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
20:04:16.0084 5040 Dfsc - ok
20:04:16.0100 5040 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
20:04:16.0100 5040 Dhcp - ok
20:04:16.0100 5040 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
20:04:16.0100 5040 disk - ok
20:04:16.0100 5040 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
20:04:16.0100 5040 dmvsc - ok
20:04:16.0116 5040 [ FE7656474448BE6A6C68E5C9BEB7CA94 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:04:16.0116 5040 Dnscache - ok
20:04:16.0116 5040 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
20:04:16.0116 5040 dot3svc - ok
20:04:16.0131 5040 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
20:04:16.0131 5040 DPS - ok
20:04:16.0131 5040 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:04:16.0131 5040 drmkaud - ok
20:04:16.0131 5040 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
20:04:16.0131 5040 DsmSvc - ok
20:04:16.0147 5040 [ C7D252742946DD395670649742FBD73D ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:04:16.0162 5040 DXGKrnl - ok
20:04:16.0162 5040 EagleX64 - ok
20:04:16.0162 5040 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
20:04:16.0162 5040 Eaphost - ok
20:04:16.0194 5040 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
20:04:16.0209 5040 ebdrv - ok
20:04:16.0209 5040 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
20:04:16.0209 5040 EFS - ok
20:04:16.0209 5040 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
20:04:16.0209 5040 EhStorClass - ok
20:04:16.0209 5040 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:04:16.0225 5040 EhStorTcgDrv - ok
20:04:16.0225 5040 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
20:04:16.0225 5040 ErrDev - ok
20:04:16.0225 5040 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
20:04:16.0225 5040 EventSystem - ok
20:04:16.0241 5040 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
20:04:16.0241 5040 exfat - ok
20:04:16.0241 5040 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
20:04:16.0241 5040 fastfat - ok
20:04:16.0256 5040 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
20:04:16.0256 5040 Fax - ok
20:04:16.0256 5040 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
20:04:16.0256 5040 fdc - ok
20:04:16.0256 5040 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
20:04:16.0256 5040 fdPHost - ok
20:04:16.0272 5040 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
20:04:16.0272 5040 FDResPub - ok
20:04:16.0272 5040 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
20:04:16.0272 5040 fhsvc - ok
20:04:16.0272 5040 [ BCFD8B149B3ADF92D0DB1E909CAF0265 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
20:04:16.0272 5040 FileInfo - ok
20:04:16.0287 5040 [ D409D4A4517865131999FAC96D366CBF ] FileMonitor C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
20:04:16.0287 5040 FileMonitor - ok
20:04:16.0287 5040 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
20:04:16.0287 5040 Filetrace - ok
20:04:16.0287 5040 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
20:04:16.0287 5040 flpydisk - ok
20:04:16.0287 5040 [ 46D1DF775FFF14585218BBE16E5B2C9A ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:04:16.0303 5040 FltMgr - ok
20:04:16.0303 5040 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
20:04:16.0319 5040 FontCache - ok
20:04:16.0319 5040 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:04:16.0319 5040 FontCache3.0.0.0 - ok
20:04:16.0319 5040 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
20:04:16.0319 5040 FsDepends - ok
20:04:16.0334 5040 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:04:16.0334 5040 Fs_Rec - ok
20:04:16.0334 5040 [ B2BD017231836DA9F63F41E3A075D73E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:04:16.0334 5040 fvevol - ok
20:04:16.0334 5040 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
20:04:16.0334 5040 FxPPM - ok
20:04:16.0350 5040 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
20:04:16.0350 5040 gagp30kx - ok
20:04:16.0350 5040 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
20:04:16.0350 5040 gencounter - ok
20:04:16.0350 5040 [ EF3AE7773394DF49CE74AF78A1C8D23D ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:04:16.0350 5040 GPIOClx0101 - ok
20:04:16.0366 5040 [ 58C11DCCC6241CC13861A559E31A69F0 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
20:04:16.0381 5040 gpsvc - ok
20:04:16.0381 5040 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:04:16.0381 5040 gupdate - ok
20:04:16.0381 5040 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:04:16.0381 5040 gupdatem - ok
20:04:16.0381 5040 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
20:04:16.0381 5040 HDAudBus - ok
20:04:16.0397 5040 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
20:04:16.0397 5040 HidBatt - ok
20:04:16.0397 5040 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
20:04:16.0397 5040 HidBth - ok
20:04:16.0397 5040 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
20:04:16.0397 5040 hidi2c - ok
20:04:16.0397 5040 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
20:04:16.0397 5040 HidIr - ok
20:04:16.0397 5040 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
20:04:16.0412 5040 hidserv - ok
20:04:16.0412 5040 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
20:04:16.0412 5040 HidUsb - ok
20:04:16.0412 5040 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
20:04:16.0412 5040 hkmsvc - ok
20:04:16.0412 5040 [ B471FC2E952F7D596BB4F00C0A2A7A51 ] hmip C:\WINDOWS\system32\Drivers\hmip64.sys
20:04:16.0412 5040 hmip - ok
20:04:16.0428 5040 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:04:16.0428 5040 HomeGroupListener - ok
20:04:16.0428 5040 [ 1A4DA1D6287B99033D144B436C23B656 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:04:16.0444 5040 HomeGroupProvider - ok
20:04:16.0444 5040 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
20:04:16.0444 5040 HpSAMD - ok
20:04:16.0459 5040 [ 9DDCA7F18983C5410DEFF79F819DF93C ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
20:04:16.0459 5040 HTTP - ok
20:04:16.0459 5040 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
20:04:16.0459 5040 hwpolicy - ok
20:04:16.0459 5040 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
20:04:16.0459 5040 hyperkbd - ok
20:04:16.0459 5040 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
20:04:16.0459 5040 HyperVideo - ok
20:04:16.0475 5040 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
20:04:16.0475 5040 i8042prt - ok
20:04:16.0475 5040 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:04:16.0475 5040 iaLPSSi_GPIO - ok
20:04:16.0475 5040 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:04:16.0475 5040 iaLPSSi_I2C - ok
20:04:16.0491 5040 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
20:04:16.0491 5040 iaStorAV - ok
20:04:16.0491 5040 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
20:04:16.0491 5040 iaStorV - ok
20:04:16.0491 5040 IEEtwCollectorService - ok
20:04:16.0506 5040 [ CFE7F0267B0C3077042FF291949B5546 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
20:04:16.0522 5040 IKEEXT - ok
20:04:16.0522 5040 [ E38AC5D38C757EE5B6230A0C56791EE4 ] IMFservice C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
20:04:16.0522 5040 IMFservice - ok
20:04:16.0553 5040 [ ECA5E9DA350D2D21376260CD3602449A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:04:16.0569 5040 IntcAzAudAddService - ok
20:04:16.0569 5040 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
20:04:16.0569 5040 intelide - ok
20:04:16.0569 5040 [ 139CFCDCD36B1B1782FD8C0014AC9B0E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
20:04:16.0569 5040 intelpep - ok
20:04:16.0584 5040 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
20:04:16.0584 5040 intelppm - ok
20:04:16.0584 5040 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:04:16.0584 5040 IpFilterDriver - ok
20:04:16.0600 5040 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
20:04:16.0600 5040 iphlpsvc - ok
20:04:16.0600 5040 [ FD9C9E9E3F0ED51502C7E8C066BE26B9 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:04:16.0600 5040 IPMIDRV - ok
20:04:16.0600 5040 [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
20:04:16.0600 5040 IPNAT - ok
20:04:16.0616 5040 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
20:04:16.0616 5040 IRENUM - ok
20:04:16.0616 5040 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
20:04:16.0616 5040 isapnp - ok
20:04:16.0616 5040 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
20:04:16.0616 5040 iScsiPrt - ok
20:04:16.0631 5040 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
20:04:16.0631 5040 kbdclass - ok
20:04:16.0631 5040 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
20:04:16.0631 5040 kbdhid - ok
20:04:16.0631 5040 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
20:04:16.0631 5040 kdnic - ok
20:04:16.0631 5040 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
20:04:16.0647 5040 KeyIso - ok
20:04:16.0647 5040 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
20:04:16.0647 5040 KSecDD - ok
20:04:16.0647 5040 [ F88CC88F4A6D8476F1664E805CA18CC2 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:04:16.0647 5040 KSecPkg - ok
20:04:16.0647 5040 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
20:04:16.0647 5040 ksthunk - ok
20:04:16.0662 5040 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
20:04:16.0662 5040 KtmRm - ok
20:04:16.0662 5040 [ 50AECF8C21AB2A6428A6E1E10549D8E5 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
20:04:16.0662 5040 L1C - ok
20:04:16.0678 5040 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
20:04:16.0678 5040 LanmanServer - ok
20:04:16.0678 5040 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:04:16.0694 5040 LanmanWorkstation - ok
20:04:16.0694 5040 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
20:04:16.0694 5040 lfsvc - ok
20:04:16.0709 5040 [ 935E2093CEED8198C820B7F60BB63167 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
20:04:16.0725 5040 LiveUpdateSvc - ok
20:04:16.0725 5040 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
20:04:16.0725 5040 lltdio - ok
20:04:16.0741 5040 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
20:04:16.0741 5040 lltdsvc - ok
20:04:16.0741 5040 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
20:04:16.0741 5040 lmhosts - ok
20:04:16.0741 5040 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
20:04:16.0741 5040 LSI_SAS - ok
20:04:16.0756 5040 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
20:04:16.0756 5040 LSI_SAS2 - ok
20:04:16.0756 5040 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
20:04:16.0756 5040 LSI_SAS3 - ok
20:04:16.0756 5040 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
20:04:16.0756 5040 LSI_SSS - ok
20:04:16.0772 5040 [ 8EBB271E4588D835784A3FF7E80076A8 ] LSM C:\WINDOWS\System32\lsm.dll
20:04:16.0772 5040 LSM - ok
20:04:16.0772 5040 [ DDEE191AB32DFC22C6465002ECDF5EE4 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
20:04:16.0772 5040 luafv - ok
20:04:16.0772 5040 [ FD5465B876D55534117963FAAA4B9DFC ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
20:04:16.0787 5040 MBAMProtector - ok
20:04:16.0803 5040 [ 0E08BDD7326E657D59DB40BAD23D8169 ] MBAMScheduler D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
20:04:16.0819 5040 MBAMScheduler - ok
20:04:16.0819 5040 [ A8E7F3DB083EB0839DFC1C763CDD2594 ] MBAMService D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
20:04:16.0834 5040 MBAMService - ok
20:04:16.0834 5040 [ 3FFFB7F54CD7A792099C10402FCF8F56 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
20:04:16.0834 5040 MBAMWebAccessControl - ok
20:04:16.0834 5040 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
20:04:16.0834 5040 megasas - ok
20:04:16.0834 5040 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
20:04:16.0850 5040 megasr - ok
20:04:16.0850 5040 [ EB1D78140D6634C32A46AB1006105EDC ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
20:04:16.0850 5040 MEIx64 - ok
20:04:16.0850 5040 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
20:04:16.0850 5040 MMCSS - ok
20:04:16.0850 5040 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
20:04:16.0866 5040 Modem - ok
20:04:16.0866 5040 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
20:04:16.0866 5040 monitor - ok
20:04:16.0866 5040 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
20:04:16.0866 5040 mouclass - ok
20:04:16.0866 5040 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
20:04:16.0866 5040 mouhid - ok
20:04:16.0866 5040 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
20:04:16.0866 5040 mountmgr - ok
20:04:16.0881 5040 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
20:04:16.0881 5040 mpsdrv - ok
20:04:16.0881 5040 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
20:04:16.0897 5040 MpsSvc - ok
20:04:16.0897 5040 [ 1D55DADC22D21883A2F80297F5A5AE48 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
20:04:16.0897 5040 MRxDAV - ok
20:04:16.0897 5040 [ C997E6A37BA8915224B3FB5024A34F69 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:04:16.0897 5040 mrxsmb - ok
20:04:16.0912 5040 [ 3E28B99198B514DFEB152EACF913025E ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:04:16.0912 5040 mrxsmb10 - ok
20:04:16.0912 5040 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:04:16.0912 5040 mrxsmb20 - ok
20:04:16.0912 5040 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
20:04:16.0912 5040 MsBridge - ok
20:04:16.0928 5040 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
20:04:16.0928 5040 MSDTC - ok
20:04:16.0928 5040 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:04:16.0928 5040 Msfs - ok
20:04:16.0928 5040 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:04:16.0928 5040 msgpiowin32 - ok
20:04:16.0944 5040 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:04:16.0944 5040 mshidkmdf - ok
20:04:16.0944 5040 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
20:04:16.0944 5040 mshidumdf - ok
20:04:16.0944 5040 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
20:04:16.0944 5040 msisadrv - ok
20:04:16.0944 5040 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
20:04:16.0959 5040 MSiSCSI - ok
20:04:16.0959 5040 msiserver - ok
20:04:16.0959 5040 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:04:16.0959 5040 MSKSSRV - ok
20:04:16.0959 5040 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
20:04:16.0959 5040 MsLldp - ok
20:04:16.0959 5040 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:04:16.0959 5040 MSPCLOCK - ok
20:04:16.0959 5040 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:04:16.0975 5040 MSPQM - ok
20:04:16.0975 5040 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
20:04:16.0975 5040 MsRPC - ok
20:04:16.0975 5040 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
20:04:16.0975 5040 mssmbios - ok
20:04:16.0975 5040 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:04:16.0975 5040 MSTEE - ok
20:04:16.0991 5040 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
20:04:16.0991 5040 MTConfig - ok
20:04:16.0991 5040 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
20:04:16.0991 5040 Mup - ok
20:04:16.0991 5040 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
20:04:16.0991 5040 mvumis - ok
20:04:17.0006 5040 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
20:04:17.0006 5040 napagent - ok
20:04:17.0006 5040 [ 647C7652FA19F98CADF2BFDA2164BFEC ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:04:17.0006 5040 NativeWifiP - ok
20:04:17.0022 5040 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
20:04:17.0022 5040 NcaSvc - ok
20:04:17.0022 5040 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
20:04:17.0022 5040 NcbService - ok
20:04:17.0037 5040 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
20:04:17.0037 5040 NcdAutoSetup - ok
20:04:17.0037 5040 [ F21B77B4D74092A543807D3CEB711A88 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
20:04:17.0053 5040 NDIS - ok
20:04:17.0053 5040 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
20:04:17.0053 5040 NdisCap - ok
20:04:17.0053 5040 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
20:04:17.0053 5040 NdisImPlatform - ok
20:04:17.0053 5040 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:04:17.0053 5040 NdisTapi - ok
20:04:17.0069 5040 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:04:17.0069 5040 Ndisuio - ok
20:04:17.0069 5040 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:04:17.0069 5040 NdisVirtualBus - ok
20:04:17.0069 5040 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:04:17.0069 5040 NdisWan - ok
20:04:17.0069 5040 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:04:17.0084 5040 NdisWanLegacy - ok
20:04:17.0084 5040 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:04:17.0084 5040 NDProxy - ok
20:04:17.0084 5040 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
20:04:17.0084 5040 Ndu - ok
20:04:17.0084 5040 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:04:17.0084 5040 NetBIOS - ok
20:04:17.0100 5040 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:04:17.0100 5040 NetBT - ok
20:04:17.0100 5040 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:04:17.0100 5040 Netlogon - ok
20:04:17.0100 5040 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
20:04:17.0116 5040 Netman - ok
20:04:17.0116 5040 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
20:04:17.0116 5040 netprofm - ok
20:04:17.0131 5040 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:04:17.0131 5040 NetTcpPortSharing - ok
20:04:17.0131 5040 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
20:04:17.0131 5040 netvsc - ok
20:04:17.0131 5040 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
20:04:17.0147 5040 NlaSvc - ok
20:04:17.0147 5040 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:04:17.0147 5040 Npfs - ok
20:04:17.0147 5040 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
20:04:17.0147 5040 npsvctrig - ok
20:04:17.0147 5040 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
20:04:17.0147 5040 nsi - ok
20:04:17.0162 5040 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
20:04:17.0162 5040 nsiproxy - ok
20:04:17.0178 5040 [ 1C80517BE6836A812F6A9B99B8321351 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:04:17.0178 5040 Ntfs - ok
20:04:17.0178 5040 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
20:04:17.0178 5040 Null - ok
20:04:17.0194 5040 [ E366A5681C50785D4ED04FCFD65C3415 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
20:04:17.0194 5040 NVHDA - ok
20:04:17.0287 5040 [ 757ACE4D4C9FF0571F86AA5D586B45E8 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:04:17.0334 5040 nvlddmkm - ok
20:04:17.0334 5040 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
20:04:17.0334 5040 nvraid - ok
20:04:17.0334 5040 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
20:04:17.0334 5040 nvstor - ok
20:04:17.0350 5040 [ 1C7CC708AC4A02A3BE8915539780534A ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
20:04:17.0350 5040 nvsvc - ok
20:04:17.0350 5040 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
20:04:17.0366 5040 nv_agp - ok
20:04:17.0366 5040 [ 11E0B35479C895888BA3D7F619DCFFF3 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:04:17.0366 5040 ose64 - ok
20:04:17.0366 5040 [ E287F157F7A0011D93179C64EF8ADCF2 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
20:04:17.0381 5040 p2pimsvc - ok
20:04:17.0381 5040 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
20:04:17.0381 5040 p2psvc - ok
20:04:17.0381 5040 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
20:04:17.0397 5040 Parport - ok
20:04:17.0397 5040 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
20:04:17.0397 5040 partmgr - ok
20:04:17.0397 5040 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
20:04:17.0397 5040 PcaSvc - ok
20:04:17.0412 5040 [ 275AFE3FA35E8D78BE97695DF49817C6 ] pci C:\WINDOWS\system32\drivers\pci.sys
20:04:17.0412 5040 pci - ok
20:04:17.0412 5040 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
20:04:17.0412 5040 pciide - ok
20:04:17.0428 5040 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
20:04:17.0428 5040 pcmcia - ok
20:04:17.0428 5040 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
20:04:17.0428 5040 pcw - ok
20:04:17.0428 5040 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
20:04:17.0428 5040 pdc - ok
20:04:17.0444 5040 [ 0ECEE590F2E2EF969FB74A6FC583A1E6 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
20:04:17.0444 5040 PEAUTH - ok
20:04:17.0459 5040 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
20:04:17.0475 5040 PerfHost - ok
20:04:17.0475 5040 [ 08515D036A5F88245A96645F93F07882 ] PfFilter C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys
20:04:17.0475 5040 PfFilter - ok
20:04:17.0491 5040 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
20:04:17.0491 5040 pla - ok
20:04:17.0506 5040 [ BC6849C62DB407573C6AD8CB1A4D2628 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
20:04:17.0506 5040 PlugPlay - ok
20:04:17.0506 5040 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
20:04:17.0506 5040 PNRPAutoReg - ok
20:04:17.0522 5040 [ E287F157F7A0011D93179C64EF8ADCF2 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
20:04:17.0522 5040 PNRPsvc - ok
20:04:17.0522 5040 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
20:04:17.0537 5040 PolicyAgent - ok
20:04:17.0537 5040 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
20:04:17.0537 5040 Power - ok
20:04:17.0569 5040 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:04:17.0584 5040 PrintNotify - ok
20:04:17.0584 5040 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
20:04:17.0584 5040 Processor - ok
20:04:17.0584 5040 [ B2A890D96C05E33FDD2BF3F3D4D0DF92 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
20:04:17.0600 5040 ProfSvc - ok
20:04:17.0600 5040 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
20:04:17.0600 5040 Psched - ok
20:04:17.0600 5040 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
20:04:17.0600 5040 QWAVE - ok
20:04:17.0616 5040 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
20:04:17.0616 5040 QWAVEdrv - ok
20:04:17.0616 5040 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:04:17.0616 5040 RasAcd - ok
20:04:17.0616 5040 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:04:17.0616 5040 RasAuto - ok
20:04:17.0631 5040 [ 5C7B86EE33505E36026AFAAB62DA6364 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:04:17.0631 5040 RasMan - ok
20:04:17.0631 5040 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:04:17.0631 5040 RasPppoe - ok
20:04:17.0647 5040 [ A1A5E79C0D1352AFDC08328A623DA051 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:04:17.0647 5040 rdbss - ok

================POKRAČOVÁNÍ V DALŠÍM PŘÍSPĚVKU=====================

hoplus1 · Příspěvekod **hoplus1** » 03 kvě 2014 20:15

==================POKRAČOVÁNÍ LOGU========================

20:04:17.0647 5040 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
20:04:17.0647 5040 rdpbus - ok
20:04:17.0662 5040 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
20:04:17.0662 5040 RDPDR - ok
20:04:17.0662 5040 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:04:17.0662 5040 RdpVideoMiniport - ok
20:04:17.0662 5040 [ A26AEC49F318FEE141DDDB2C5F99B3E6 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
20:04:17.0662 5040 rdyboost - ok
20:04:17.0678 5040 [ E515A287C8FAE901EB8FB42F168E14F2 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
20:04:17.0678 5040 ReFS - ok
20:04:17.0678 5040 [ 5623E2CC4F1F6DE24BE9DB3319E42D23 ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
20:04:17.0678 5040 RegFilter - ok
20:04:17.0694 5040 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:04:17.0694 5040 RemoteAccess - ok
20:04:17.0694 5040 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:04:17.0709 5040 RemoteRegistry - ok
20:04:17.0709 5040 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
20:04:17.0709 5040 RpcEptMapper - ok
20:04:17.0709 5040 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
20:04:17.0709 5040 RpcLocator - ok
20:04:17.0725 5040 [ 81979817943D830BF24571B7C1B28A1A ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:04:17.0725 5040 RpcSs - ok
20:04:17.0725 5040 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
20:04:17.0725 5040 rspndr - ok
20:04:17.0741 5040 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
20:04:17.0741 5040 s3cap - ok
20:04:17.0741 5040 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
20:04:17.0741 5040 SamSs - ok
20:04:17.0741 5040 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
20:04:17.0741 5040 sbp2port - ok
20:04:17.0756 5040 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
20:04:17.0756 5040 SCardSvr - ok
20:04:17.0756 5040 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
20:04:17.0756 5040 ScDeviceEnum - ok
20:04:17.0756 5040 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:04:17.0772 5040 scfilter - ok
20:04:17.0787 5040 [ A95838FFFAEAA7500263D491575F7E0C ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:04:17.0787 5040 Schedule - ok
20:04:17.0787 5040 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
20:04:17.0803 5040 SCPolicySvc - ok
20:04:17.0803 5040 [ FDEC5799BA499D18AFA3A540538866E7 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
20:04:17.0803 5040 sdbus - ok
20:04:17.0803 5040 [ 0B1E929D11A8E358106955603FAC65E8 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
20:04:17.0803 5040 sdstor - ok
20:04:17.0819 5040 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
20:04:17.0819 5040 secdrv - ok
20:04:17.0819 5040 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
20:04:17.0819 5040 seclogon - ok
20:04:17.0819 5040 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
20:04:17.0819 5040 SENS - ok
20:04:17.0834 5040 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
20:04:17.0834 5040 SensrSvc - ok
20:04:17.0834 5040 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
20:04:17.0834 5040 SerCx - ok
20:04:17.0834 5040 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
20:04:17.0850 5040 SerCx2 - ok
20:04:17.0850 5040 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
20:04:17.0850 5040 Serenum - ok
20:04:17.0850 5040 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
20:04:17.0850 5040 Serial - ok
20:04:17.0850 5040 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
20:04:17.0850 5040 sermouse - ok
20:04:17.0897 5040 [ 3C19C8CBC7917FEE066CB7A116D3F326 ] Service KMSELDI D:\Program Files\KMSpico\Service_KMS.exe
20:04:17.0897 5040 Service KMSELDI - ok
20:04:17.0912 5040 [ D5C3776CBD8BC307DCCA3FD4CE667A37 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
20:04:17.0912 5040 SessionEnv - ok
20:04:17.0912 5040 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
20:04:17.0912 5040 sfloppy - ok
20:04:17.0928 5040 [ F4414F57DF2CECB8FC969AA43A6B0D50 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:04:17.0928 5040 SharedAccess - ok
20:04:17.0928 5040 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:04:17.0944 5040 ShellHWDetection - ok
20:04:17.0944 5040 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:04:17.0944 5040 SiSRaid2 - ok
20:04:17.0944 5040 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
20:04:17.0944 5040 SiSRaid4 - ok
20:04:17.0944 5040 [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:04:17.0944 5040 SkypeUpdate - ok
20:04:17.0959 5040 [ E77CB3736A702D46A6FB15FB4A9894E3 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
20:04:17.0959 5040 SmartDefragDriver - ok
20:04:17.0959 5040 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
20:04:17.0959 5040 smphost - ok
20:04:17.0975 5040 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
20:04:17.0975 5040 SNMPTRAP - ok
20:04:17.0975 5040 [ 87765EF43C33BE342F4ACB0E3FBF89A6 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
20:04:17.0975 5040 spaceport - ok
20:04:17.0991 5040 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
20:04:17.0991 5040 SpbCx - ok
20:04:17.0991 5040 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
20:04:18.0006 5040 Spooler - ok
20:04:18.0053 5040 [ C993A0B97BECD3AAF5158E3869878465 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
20:04:18.0069 5040 sppsvc - ok
20:04:18.0084 5040 [ 2B78788A1485F9B99A578A299DF42C02 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:04:18.0084 5040 srv - ok
20:04:18.0084 5040 [ E62EAEF0BAC9DD61BF22D4A7F2F18571 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
20:04:18.0084 5040 srv2 - ok
20:04:18.0100 5040 [ 466BDC0006103F2547D308DD3CD64398 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:04:18.0100 5040 srvnet - ok
20:04:18.0100 5040 [ 52D6F40B50ECFC051979FEC68E74F0F8 ] ssadbus C:\WINDOWS\System32\drivers\ssadbus.sys
20:04:18.0100 5040 ssadbus - ok
20:04:18.0100 5040 [ D6CFD3B2EABCF9327DE39C62BABFA1E3 ] ssadmdfl C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
20:04:18.0100 5040 ssadmdfl - ok
20:04:18.0116 5040 [ 5EB01E6148742C3EC2185AC92F6D16FD ] ssadmdm C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
20:04:18.0116 5040 ssadmdm - ok
20:04:18.0116 5040 [ FF20F67DD5644BD1D2E7FCD95AF7F03B ] ssadserd C:\WINDOWS\system32\DRIVERS\ssadserd.sys
20:04:18.0116 5040 ssadserd - ok
20:04:18.0116 5040 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:04:18.0131 5040 SSDPSRV - ok
20:04:18.0131 5040 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
20:04:18.0131 5040 SstpSvc - ok
20:04:18.0131 5040 [ 53432CFCC959C9D3D94B1C626129BB9F ] StartMenuService C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
20:04:18.0131 5040 StartMenuService - ok
20:04:18.0147 5040 [ CDA9313E34887A111B8309B55BCDCD82 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:04:18.0147 5040 Stereo Service - ok
20:04:18.0147 5040 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
20:04:18.0147 5040 stexstor - ok
20:04:18.0163 5040 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
20:04:18.0163 5040 stisvc - ok
20:04:18.0163 5040 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
20:04:18.0163 5040 storahci - ok
20:04:18.0163 5040 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
20:04:18.0178 5040 storflt - ok
20:04:18.0178 5040 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
20:04:18.0178 5040 stornvme - ok
20:04:18.0178 5040 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
20:04:18.0178 5040 StorSvc - ok
20:04:18.0178 5040 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
20:04:18.0178 5040 storvsc - ok
20:04:18.0194 5040 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
20:04:18.0194 5040 svsvc - ok
20:04:18.0194 5040 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
20:04:18.0194 5040 swenum - ok
20:04:18.0209 5040 [ E3C92D60F6AD7763961D1E7628002844 ] swprv C:\WINDOWS\System32\swprv.dll
20:04:18.0209 5040 swprv - ok
20:04:18.0225 5040 [ 3DA26652B12E9AB43FD04976AC6DFD33 ] SysMain C:\WINDOWS\system32\sysmain.dll
20:04:18.0225 5040 SysMain - ok
20:04:18.0241 5040 [ D65B1C952AEB864C2BAC7A770B17ECCE ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:04:18.0241 5040 SystemEventsBroker - ok
20:04:18.0241 5040 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:04:18.0241 5040 TabletInputService - ok
20:04:18.0256 5040 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:04:18.0256 5040 TapiSrv - ok
20:04:18.0288 5040 [ FEEFE783D87C9063CDAC6DBDCF95F533 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
20:04:18.0288 5040 Tcpip - ok
20:04:18.0319 5040 [ FEEFE783D87C9063CDAC6DBDCF95F533 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:04:18.0319 5040 TCPIP6 - ok
20:04:18.0319 5040 [ 41CF802064F72E55F50CA0A221FD36D4 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
20:04:18.0334 5040 tcpipreg - ok
20:04:18.0334 5040 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
20:04:18.0334 5040 tdx - ok
20:04:18.0334 5040 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
20:04:18.0334 5040 terminpt - ok
20:04:18.0350 5040 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
20:04:18.0350 5040 TermService - ok
20:04:18.0366 5040 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
20:04:18.0366 5040 Themes - ok
20:04:18.0366 5040 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
20:04:18.0366 5040 THREADORDER - ok
20:04:18.0381 5040 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
20:04:18.0381 5040 TimeBroker - ok
20:04:18.0381 5040 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
20:04:18.0381 5040 TPM - ok
20:04:18.0381 5040 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
20:04:18.0397 5040 TrkWks - ok
20:04:18.0397 5040 [ 887CC44830D3F367CAD17A0CA7CCA5C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:04:18.0397 5040 TrustedInstaller - ok
20:04:18.0397 5040 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
20:04:18.0397 5040 TsUsbFlt - ok
20:04:18.0397 5040 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:04:18.0413 5040 TsUsbGD - ok
20:04:18.0413 5040 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
20:04:18.0413 5040 tunnel - ok
20:04:18.0413 5040 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
20:04:18.0413 5040 uagp35 - ok
20:04:18.0413 5040 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
20:04:18.0413 5040 UASPStor - ok
20:04:18.0428 5040 [ B034A41891A36457B994307DFA772293 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
20:04:18.0428 5040 UCX01000 - ok
20:04:18.0428 5040 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
20:04:18.0428 5040 udfs - ok
20:04:18.0444 5040 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
20:04:18.0444 5040 UEFI - ok
20:04:18.0444 5040 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
20:04:18.0444 5040 UI0Detect - ok
20:04:18.0444 5040 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
20:04:18.0444 5040 uliagpkx - ok
20:04:18.0459 5040 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
20:04:18.0459 5040 umbus - ok
20:04:18.0459 5040 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
20:04:18.0459 5040 UmPass - ok
20:04:18.0459 5040 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
20:04:18.0475 5040 UmRdpService - ok
20:04:18.0475 5040 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:04:18.0475 5040 upnphost - ok
20:04:18.0491 5040 [ 893A6B67C8AA502648AD946CF50DDFD1 ] UrlFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
20:04:18.0491 5040 UrlFilter - ok
20:04:18.0491 5040 [ 433ECDE01A52691FA7ACA51C10C09B70 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
20:04:18.0491 5040 usbccgp - ok
20:04:18.0491 5040 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
20:04:18.0491 5040 usbcir - ok
20:04:18.0506 5040 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
20:04:18.0506 5040 usbehci - ok
20:04:18.0506 5040 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
20:04:18.0506 5040 usbhub - ok
20:04:18.0522 5040 [ CFC52C49BEFE4D70D87FFA900EAB9777 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
20:04:18.0522 5040 USBHUB3 - ok
20:04:18.0522 5040 [ 3019097FB6C985EF24C058090FF3BDBD ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
20:04:18.0522 5040 usbohci - ok
20:04:18.0538 5040 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
20:04:18.0538 5040 usbprint - ok
20:04:18.0538 5040 [ EA23453240137F6773174E0D93F61A69 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:04:18.0538 5040 USBSTOR - ok
20:04:18.0538 5040 [ BA4FA655E0FC577DB7436FC963932CE4 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
20:04:18.0538 5040 usbuhci - ok
20:04:18.0553 5040 [ 48430B0313FC1CFE3D2400553F1A93CD ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:04:18.0553 5040 USBXHCI - ok
20:04:18.0553 5040 [ F6F209DDB94959BA104FC8FC87C53759 ] VaultSvc C:\WINDOWS\system32\lsass.exe
20:04:18.0553 5040 VaultSvc - ok
20:04:18.0553 5040 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
20:04:18.0553 5040 vdrvroot - ok
20:04:18.0569 5040 [ E3EF58D4123B5AA29C8E19825AF84A5E ] vds C:\WINDOWS\System32\vds.exe
20:04:18.0584 5040 vds - ok
20:04:18.0584 5040 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
20:04:18.0584 5040 VerifierExt - ok
20:04:18.0600 5040 [ 52E483A3701A5A61A75A06993720347D ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
20:04:18.0600 5040 vhdmp - ok
20:04:18.0600 5040 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
20:04:18.0600 5040 viaide - ok
20:04:18.0600 5040 [ C6305BDFC4F7CE51F72BB072C03D4ACE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
20:04:18.0600 5040 vmbus - ok
20:04:18.0616 5040 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
20:04:18.0616 5040 VMBusHID - ok
20:04:18.0616 5040 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
20:04:18.0616 5040 vmicguestinterface - ok
20:04:18.0631 5040 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
20:04:18.0631 5040 vmicheartbeat - ok
20:04:18.0631 5040 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
20:04:18.0647 5040 vmickvpexchange - ok
20:04:18.0647 5040 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
20:04:18.0647 5040 vmicrdv - ok
20:04:18.0663 5040 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
20:04:18.0663 5040 vmicshutdown - ok
20:04:18.0663 5040 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
20:04:18.0663 5040 vmictimesync - ok
20:04:18.0678 5040 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicvss C:\WINDOWS\System32\ICSvc.dll
20:04:18.0678 5040 vmicvss - ok
20:04:18.0678 5040 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
20:04:18.0678 5040 volmgr - ok
20:04:18.0694 5040 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
20:04:18.0694 5040 volmgrx - ok
20:04:18.0694 5040 [ 3595FBDF25F8BA6256072D103937D7D6 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
20:04:18.0709 5040 volsnap - ok
20:04:18.0709 5040 [ 01355C98B5C3ED1EC446743CDA848FCE ] vpci C:\WINDOWS\System32\drivers\vpci.sys
20:04:18.0709 5040 vpci - ok
20:04:18.0709 5040 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
20:04:18.0709 5040 vsmraid - ok
20:04:18.0725 5040 [ 4957B27219515B93A508B91068B87BF5 ] VSS C:\WINDOWS\system32\vssvc.exe
20:04:18.0725 5040 VSS - ok
20:04:18.0741 5040 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
20:04:18.0741 5040 VSTXRAID - ok
20:04:18.0741 5040 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
20:04:18.0741 5040 vwifibus - ok
20:04:18.0756 5040 [ 7599E582CA3A6AAA95A18FFE1172D339 ] W32Time C:\WINDOWS\system32\w32time.dll
20:04:18.0756 5040 W32Time - ok
20:04:18.0756 5040 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
20:04:18.0756 5040 WacomPen - ok
20:04:18.0772 5040 [ 61692DB39AD3DF2F29392D68EAA7BB93 ] wbengine C:\WINDOWS\system32\wbengine.exe
20:04:18.0788 5040 wbengine - ok
20:04:18.0788 5040 [ 3BC1D1D56637A32CD91C8AE08E2484AA ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
20:04:18.0788 5040 WbioSrvc - ok
20:04:18.0803 5040 [ A07CFC4B593D15B6BF06813C3B5B33BF ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
20:04:18.0803 5040 Wcmsvc - ok
20:04:18.0819 5040 [ D2726823DF7E19F213F4805A9D6D145F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
20:04:18.0819 5040 wcncsvc - ok
20:04:18.0819 5040 [ 846C02A8B48CBD921A3D6AB521AA0DC4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
20:04:18.0819 5040 WcsPlugInService - ok
20:04:18.0834 5040 [ 241895E8A9C158DF86E12FDD21033A32 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
20:04:18.0834 5040 WdBoot - ok
20:04:18.0834 5040 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
20:04:18.0834 5040 Wdf01000 - ok
20:04:18.0850 5040 [ C52148456E0F6EAD9E903020A79207FC ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
20:04:18.0850 5040 WdFilter - ok
20:04:18.0850 5040 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
20:04:18.0850 5040 WdiServiceHost - ok
20:04:18.0866 5040 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
20:04:18.0866 5040 WdiSystemHost - ok
20:04:18.0866 5040 [ 57F22324FAAF92ADF957B281E88F1743 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:04:18.0866 5040 WdNisDrv - ok
20:04:18.0866 5040 WdNisSvc - ok
20:04:18.0881 5040 [ 6588A957873326361AB1CAC4E76F8394 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:04:18.0881 5040 WebClient - ok
20:04:18.0881 5040 [ 3274312F263882B51B964329FAF49734 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
20:04:18.0897 5040 Wecsvc - ok
20:04:18.0897 5040 [ 7CDD84E0023A0C5C230B06A7965EC65E ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
20:04:18.0897 5040 WEPHOSTSVC - ok
20:04:18.0897 5040 [ 959534ACF085C137D2D094384EF89C45 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
20:04:18.0913 5040 wercplsupport - ok
20:04:18.0913 5040 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F ] WerSvc C:\WINDOWS\System32\WerSvc.dll
20:04:18.0913 5040 WerSvc - ok
20:04:18.0913 5040 [ BFBE1C5F57FE7A885673A1962D5532B7 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
20:04:18.0913 5040 WFPLWFS - ok
20:04:18.0928 5040 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
20:04:18.0928 5040 WiaRpc - ok
20:04:18.0928 5040 [ 867BCC69ED9C31C501465EB0E8BA9DFA ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
20:04:18.0928 5040 WIMMount - ok
20:04:18.0928 5040 WinDefend - ok
20:04:18.0928 5040 Suspicious service (Hidden): WinDivert1.1
20:04:18.0944 5040 [ A0D15D8727D0780C51628DF46B7268B3 ] WinDivert1.1 D:\Program Files\KMSpico\WinDivert.sys
20:04:18.0944 5040 WinDivert1.1 ( HiddenService.Multi.Generic ) - warning
20:04:18.0944 5040 WinDivert1.1 - detected HiddenService.Multi.Generic (1)
20:04:18.0959 5040 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:04:18.0975 5040 WinHttpAutoProxySvc - ok
20:04:18.0975 5040 [ 9DB490F3E823C5C3C070644B96CB9D59 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:04:18.0975 5040 Winmgmt - ok
20:04:18.0975 5040 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
20:04:18.0975 5040 WinRing0_1_2_0 - ok
20:04:19.0006 5040 [ C8D6344BDE2691A196E61C0D3372EAB7 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
20:04:19.0022 5040 WinRM - ok
20:04:19.0022 5040 [ AC263C2F66405589528995AA41040599 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
20:04:19.0022 5040 WinUsb - ok
20:04:19.0038 5040 [ 5A917027826D759CC3238C7D3CEC3438 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
20:04:19.0053 5040 WlanSvc - ok
20:04:19.0069 5040 [ 5F56C0DE776C7AE43AF749845BFAA1EF ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
20:04:19.0069 5040 wlidsvc - ok
20:04:19.0069 5040 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
20:04:19.0084 5040 WmiAcpi - ok
20:04:19.0084 5040 [ 7AFAC828F52D62F304A911EC32F42EEE ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:04:19.0084 5040 wmiApSrv - ok
20:04:19.0084 5040 WMPNetworkSvc - ok
20:04:19.0084 5040 [ 7FC5667DF73D4B04AA457CC3A4180E09 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
20:04:19.0100 5040 Wof - ok
20:04:19.0116 5040 [ 65C65F3BD784158C456E721DDC9F0EA2 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
20:04:19.0116 5040 workfolderssvc - ok
20:04:19.0131 5040 [ C1F564F324685C088ECAB1933576CF91 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
20:04:19.0131 5040 wpcfltr - ok
20:04:19.0131 5040 [ 4E6A0F60DA7EF050D3D26417CD4D24E9 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
20:04:19.0131 5040 WPCSvc - ok
20:04:19.0131 5040 [ D27491CFCE452C154CECFA155AD0EBC8 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
20:04:19.0147 5040 WPDBusEnum - ok
20:04:19.0147 5040 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:04:19.0147 5040 WpdUpFltr - ok
20:04:19.0147 5040 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:04:19.0147 5040 ws2ifsl - ok
20:04:19.0147 5040 [ 515583507D3828E827FF6352C9ACCEFA ] wscsvc C:\WINDOWS\System32\wscsvc.dll
20:04:19.0163 5040 wscsvc - ok
20:04:19.0163 5040 WSearch - ok
20:04:19.0194 5040 [ 95B6670E6933E1DEE19686C55BE709A0 ] WSService C:\WINDOWS\System32\WSService.dll
20:04:19.0209 5040 WSService - ok
20:04:19.0241 5040 [ 779FB2F26E4339A4DD3EEF57E4E593FA ] wuauserv C:\WINDOWS\system32\wuaueng.dll
20:04:19.0256 5040 wuauserv - ok
20:04:19.0256 5040 [ 2FEAE33E9B2B56104596E1BA444405A9 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
20:04:19.0256 5040 WudfPf - ok
20:04:19.0256 5040 [ 19240C13F526125554B5370566F21A0A ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
20:04:19.0256 5040 WUDFRd - ok
20:04:19.0272 5040 [ 19240C13F526125554B5370566F21A0A ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:04:19.0272 5040 WUDFSensorLP - ok
20:04:19.0272 5040 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
20:04:19.0272 5040 wudfsvc - ok
20:04:19.0288 5040 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:04:19.0288 5040 WUDFWpdFs - ok
20:04:19.0288 5040 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:04:19.0288 5040 WUDFWpdMtp - ok
20:04:19.0303 5040 [ 2FA9794CA36147756F3FDFD6CA29B46F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
20:04:19.0303 5040 WwanSvc - ok
20:04:19.0303 5040 ================ Scan global ===============================
20:04:19.0303 5040 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
20:04:19.0319 5040 [ 00DD4D2ACC2E72155A8AAA82018BEC0D ] C:\WINDOWS\system32\winsrv.dll
20:04:19.0319 5040 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\WINDOWS\system32\sxssrv.dll
20:04:19.0334 5040 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\WINDOWS\system32\services.exe
20:04:19.0334 5040 [Global] - ok
20:04:19.0334 5040 ================ Scan MBR ==================================
20:04:19.0334 5040 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:04:19.0413 5040 \Device\Harddisk0\DR0 - ok
20:04:19.0444 5040 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:04:19.0444 5040 \Device\Harddisk1\DR1 - ok
20:04:19.0459 5040 ================ Scan VBR ==================================
20:04:19.0459 5040 [ 8D32F12242274FB34076BEBB017FC339 ] \Device\Harddisk0\DR0\Partition1
20:04:19.0459 5040 \Device\Harddisk0\DR0\Partition1 - ok
20:04:19.0459 5040 [ DE9055060B0C268E63B9ADCCB93669E2 ] \Device\Harddisk0\DR0\Partition2
20:04:19.0459 5040 \Device\Harddisk0\DR0\Partition2 - ok
20:04:19.0459 5040 [ 2B8C95E2B129422C1ABBE7A8CBF21931 ] \Device\Harddisk1\DR1\Partition1
20:04:19.0459 5040 \Device\Harddisk1\DR1\Partition1 - ok
20:04:19.0459 5040 ============================================================
20:04:19.0459 5040 Scan finished
20:04:19.0459 5040 ============================================================
20:04:19.0459 3004 Detected object count: 1
20:04:19.0459 3004 Actual detected object count: 1
20:05:54.0121 3004 WinDivert1.1 ( HiddenService.Multi.Generic ) - skipped by user
20:05:54.0121 3004 WinDivert1.1 ( HiddenService.Multi.Generic ) - User select action: Skip
20:05:57.0637 6684 Deinitialize success

hoplus1 · Příspěvekod **hoplus1** » 03 kvě 2014 20:22

RogueKiller mi vytvořil dva logy, pro jistotu sem vložím oba.

1. LOG:

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Ivo [Práva správce]
Mód : Odebrat -- Datum : 05/03/2014 20:02:52
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP UNIC] OpaqueTaskbar.exe -- D:\Dokumenty\WINDOWS-8-NEPR�?HLEDNÝ,HLAVNÍ-PANEL\OpaqueTaskbar.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : OpaqueTaskbar ("D:\Dokumenty\WINDOWS-8-NEPR�?HLEDNÝ,HLAVNÍ-PANEL\OpaqueTaskbar.exe" /resident [-]) -> VYMAZÁNO
[RUN][SUSP UNIC] HKUS\S-1-5-21-3425194565-27084353-826121341-1001\[...]\Run : OpaqueTaskbar ("D:\Dokumenty\WINDOWS-8-NEPR�?HLEDNÝ,HLAVNÍ-PANEL\OpaqueTaskbar.exe" /resident [-]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] IAT @explorer.exe (SetWindowPos) : USER32.dll -> HOOKED (C:\Program Files (x86)\IObit\Start Menu 8\StartMenuDll64.dll @ 0x053655C0)
[Address] EAT @explorer.exe (DllCanUnloadNow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1274C)
[Address] EAT @explorer.exe (DllGetClassObject) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB14984)
[Address] EAT @explorer.exe (DwmAttachMilContent) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmDefWindowProc) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12C30)
[Address] EAT @explorer.exe (DwmDetachMilContent) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12A70)
[Address] EAT @explorer.exe (DwmEnableComposition) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1C60C)
[Address] EAT @explorer.exe (DwmEnableMMCSS) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13788)
[Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12DC0)
[Address] EAT @explorer.exe (DwmFlush) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB126C0)
[Address] EAT @explorer.exe (DwmGetColorizationColor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1C118)
[Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB11D40)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmGetTransportAttributes) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1C8B0)
[Address] EAT @explorer.exe (DwmGetWindowAttribute) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB11010)
[Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB16308)
[Address] EAT @explorer.exe (DwmIsCompositionEnabled) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB111B0)
[Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D050)
[Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB16F34)
[Address] EAT @explorer.exe (DwmRegisterThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB169A8)
[Address] EAT @explorer.exe (DwmRenderGesture) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB17CEC)
[Address] EAT @explorer.exe (DwmSetDxFrameDuration) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D050)
[Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D1CC)
[Address] EAT @explorer.exe (DwmSetIconicThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D558)
[Address] EAT @explorer.exe (DwmSetPresentParameters) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D050)
[Address] EAT @explorer.exe (DwmSetWindowAttribute) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB110E8)
[Address] EAT @explorer.exe (DwmShowContact) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13A90)
[Address] EAT @explorer.exe (DwmTetherContact) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1CB1C)
[Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1DBD8)
[Address] EAT @explorer.exe (DwmUnregisterThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1677C)
[Address] EAT @explorer.exe (DwmUpdateThumbnailProperties) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13A10)
[Address] EAT @explorer.exe (DwmpAllocateSecurityDescriptor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12320)
[Address] EAT @explorer.exe (DwmpDxGetWindowSharedSurface) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB15FE0)
[Address] EAT @explorer.exe (DwmpDxUpdateWindowSharedSurface) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB17710)
[Address] EAT @explorer.exe (DwmpDxgiIsThreadDesktopComposited) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13760)
[Address] EAT @explorer.exe (DwmpFreeSecurityDescriptor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB122E4)
[Address] EAT @explorer.exe (DwmpRenderFlick) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1CE70)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E5828)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E17E0)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1320)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1378)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E1950)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F13D0)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1428)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999397C0)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B7548)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1510)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1568)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9994BB94)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993979C)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F15C0)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1618)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E40B0)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99906FF8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CB2C0)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FC888)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FE4C0)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C8690)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B322C)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B3388)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CB450)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99939E7C)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99939E58)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F252C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F6A34)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B7A00)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E83B0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C5494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C5494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B7B70)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F262C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999AF270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999AF76C)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99881B28)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F9CC0)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F5990)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998A544)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999922D0)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99992310)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988A0C0)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FE16C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B2CB4)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988BA6C)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F7DA8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B97E0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F7570)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2730)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FE044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B2F48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988BED0)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2878)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2A48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B9400)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2C18)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C889C)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C88F0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2D34)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B66F0)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D388)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A0D4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D46C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A0EE8)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D50C)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1050)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D5AC)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A11B8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D818)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1390)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D8D8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1518)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999DAFC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A16AC)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999DD70)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A17B0)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999DE50)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1840)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A19A4)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999E1D0)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1A78)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999E270)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1BD4)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999E324)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1DF4)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99987C00)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2F54)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B62C8)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988ACF0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F31F0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F33A8)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FF540)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99887824)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F35F0)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3858)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9989BDE0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99894140)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998A7A30)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B45C8)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999030E0)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99903240)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C8A68)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B4C64)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999CCBCC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997058)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999063C0)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B52C0)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99892EE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997D94)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997E44)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997E9C)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99898B60)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9989A090)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999340D0)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B4D64)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C8880)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998A7634)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C5350)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C58DC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C5498)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C5D7C)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C62C0)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C6580)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C74F4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1ABC)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1CA0)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998BF9C)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991148)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998844C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999911E0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C004)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99937A50)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C110)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D40C)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5D68)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998971F4)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C5B8)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998EC930)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99931BD0)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C6D0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998965EC)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C30E4)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99909760)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C800)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998EBEC8)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991270)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991270)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999131C)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5D74)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5DE0)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2B24)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A06A8)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A29E8)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997EF4)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C6AC8)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993762C)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99884D80)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99884D80)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FEE28)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999382A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999382A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998DAD90)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B70B0)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C6A98)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B70E0)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C6B34)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B73E4)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C898)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D500)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5EC4)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5F14)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99937374)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D6BC)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999913D0)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999913D0)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991468)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991500)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998EC574)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999002BC)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BD55C)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CB50)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D7B8)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BD3D4)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998AAB70)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997F54)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99890D50)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99891220)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998A8430)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CDF90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CDF00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1E78)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1FE8)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B7404)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B742C)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B748C)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C2BB0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B7530)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991580)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991580)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999915D8)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993A07C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988DF30)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998DDE0)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998DED4)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988E3F0)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5FAC)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B6044)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BE178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BE178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CEF08)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D970)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999018FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999018FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993AD7C)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99934760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99934760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993468C)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FFFF0)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C8B08)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998DBC50)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3A8C)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993A290)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2158)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C46B8)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B4318)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CCBBC)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3BDC)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F9ED8)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99990670)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3CEC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3EC8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F40A0)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999380B8)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99884D80)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F42A4)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F43D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F44D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F44D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C1278)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CC1EC)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F46A4)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4860)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4A50)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4C10)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2158)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2158)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2178)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2310)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4E68)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99902364)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4FA8)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F50C8)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F5120)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F516C)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B2630)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B77A0)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993BA04)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999089A8)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F51C4)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988A5B0)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F521C)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F5274)

hoplus1 · Příspěvekod **hoplus1** » 03 kvě 2014 20:22

Pokračování:

[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F52D4)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F532C)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F5384)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F53E4)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99908FF4)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999CD000)
[Address] EAT @explorer.exe (DllCanUnloadNow) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91DF1010)
[Address] EAT @explorer.exe (DllGetClassObject) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91DF1E60)
[Address] EAT @explorer.exe (DllRegisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91E330B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91E33114)
[Address] EAT @explorer.exe (AsyncGetClassBits) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF73FC)
[Address] EAT @explorer.exe (CoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA5660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA80A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D946A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D943C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D61EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D70810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E20284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE53D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA9CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D62460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA8DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA51B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA1820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D956A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D71490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA7C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA4044)
[Address] EAT @explorer.exe (CopyBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF3020)
[Address] EAT @explorer.exe (CopyStgMedium) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D6BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DB86C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA3D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D868E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D63660)
[Address] EAT @explorer.exe (CreateURLMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBCCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D678D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA40F0)
[Address] EAT @explorer.exe (CreateUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D616F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D61600)
[Address] EAT @explorer.exe (DllGetClassObject) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DAAB3C)
[Address] EAT @explorer.exe (DllInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2458)
[Address] EAT @explorer.exe (DllRegisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBE070)
[Address] EAT @explorer.exe (DllUnregisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2470)
[Address] EAT @explorer.exe (Extract) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D96B60)
[Address] EAT @explorer.exe (FindMediaType) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D86080)
[Address] EAT @explorer.exe (FindMimeFromData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA50BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E202B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBB8EC)
[Address] EAT @explorer.exe (GetClassURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E28B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E19390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EA4)
[Address] EAT @explorer.exe (GetPropertyName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBE070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBDEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D66D90)
[Address] EAT @explorer.exe (HlinkGoBack) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E16E78)
[Address] EAT @explorer.exe (HlinkGoForward) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E16F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E16FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E175E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF12FC)
[Address] EAT @explorer.exe (IEDllLoader) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE26F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF3244)
[Address] EAT @explorer.exe (IEInstallScope) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA21FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E20668)
[Address] EAT @explorer.exe (IsJITInProgress) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E1855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18688)
[Address] EAT @explorer.exe (IsStringProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1ED4)
[Address] EAT @explorer.exe (IsValidURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D97610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DB92F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DEDCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7560)
[Address] EAT @explorer.exe (QueryAssociations) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D9F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA1C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE20C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D98C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D67D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D9FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE22CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBE070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DEDE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA3A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E20820)
[Address] EAT @explorer.exe (URLDownloadA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D8A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D8EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E1821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E182E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18408)
[Address] EAT @explorer.exe (URLOpenStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E184D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBC9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D73E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D9D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D8A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E185D0)
[Address] EAT @explorer.exe (ZonesReInit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E19C30)
[Address] EAT @explorer.exe (AccConvertAccessMaskToActrlAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFA0C)
[Address] EAT @explorer.exe (AccConvertAccessToSD) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFB80)
[Address] EAT @explorer.exe (AccConvertAccessToSecurityDescriptor) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFD3C)
[Address] EAT @explorer.exe (AccConvertAclToAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFE90)
[Address] EAT @explorer.exe (AccConvertSDToAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFF2C)
[Address] EAT @explorer.exe (AccFreeIndexArray) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C0D80)
[Address] EAT @explorer.exe (AccGetAccessForTrustee) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D01A8)
[Address] EAT @explorer.exe (AccGetExplicitEntries) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0288)
[Address] EAT @explorer.exe (AccGetInheritanceSource) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C0EA0)
[Address] EAT @explorer.exe (AccLookupAccountName) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0348)
[Address] EAT @explorer.exe (AccLookupAccountSid) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0648)
[Address] EAT @explorer.exe (AccLookupAccountTrustee) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D09CC)
[Address] EAT @explorer.exe (AccProvCancelOperation) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCAFC)
[Address] EAT @explorer.exe (AccProvGetAccessInfoPerObjectType) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCB74)
[Address] EAT @explorer.exe (AccProvGetAllRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCC1C)
[Address] EAT @explorer.exe (AccProvGetCapabilities) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B8100)
[Address] EAT @explorer.exe (AccProvGetOperationResults) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCDF8)
[Address] EAT @explorer.exe (AccProvGetTrusteesAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCF38)
[Address] EAT @explorer.exe (AccProvGrantAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD040)
[Address] EAT @explorer.exe (AccProvHandleGetAccessInfoPerObjectType) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD1B0)
[Address] EAT @explorer.exe (AccProvHandleGetAllRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD298)
[Address] EAT @explorer.exe (AccProvHandleGetTrusteesAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD410)
[Address] EAT @explorer.exe (AccProvHandleGrantAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CC4D0)
[Address] EAT @explorer.exe (AccProvHandleIsAccessAudited) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD48C)
[Address] EAT @explorer.exe (AccProvHandleIsObjectAccessible) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD524)
[Address] EAT @explorer.exe (AccProvHandleRevokeAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD660)
[Address] EAT @explorer.exe (AccProvHandleRevokeAuditRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD738)
[Address] EAT @explorer.exe (AccProvHandleSetAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD810)
[Address] EAT @explorer.exe (AccProvIsAccessAudited) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD910)
[Address] EAT @explorer.exe (AccProvIsObjectAccessible) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CDA24)
[Address] EAT @explorer.exe (AccProvRevokeAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CDE74)
[Address] EAT @explorer.exe (AccProvRevokeAuditRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CDFB0)
[Address] EAT @explorer.exe (AccProvSetAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CE0EC)
[Address] EAT @explorer.exe (AccRewriteGetExplicitEntriesFromAcl) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B7BD4)
[Address] EAT @explorer.exe (AccRewriteGetHandleRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C1510)
[Address] EAT @explorer.exe (AccRewriteGetNamedRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C1680)
[Address] EAT @explorer.exe (AccRewriteSetEntriesInAcl) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3070)
[Address] EAT @explorer.exe (AccRewriteSetHandleRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B2270)
[Address] EAT @explorer.exe (AccRewriteSetNamedRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3BA0)
[Address] EAT @explorer.exe (AccSetEntriesInAList) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0AD4)
[Address] EAT @explorer.exe (AccTreeResetNamedSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B58A0)
[Address] EAT @explorer.exe (EventGuidToName) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5BDE68)
[Address] EAT @explorer.exe (EventNameFree) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5BDEF4)
[Address] EAT @explorer.exe (GetExplicitEntriesFromAclW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B7BCC)
[Address] EAT @explorer.exe (GetMartaExtensionInterface) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3600)
[Address] EAT @explorer.exe (GetNamedSecurityInfoW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B2680)
[Address] EAT @explorer.exe (GetSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B1390)
[Address] EAT @explorer.exe (SetEntriesInAclW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3060)
[Address] EAT @explorer.exe (SetNamedSecurityInfoW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3E64)
[Address] EAT @explorer.exe (SetSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B21B0)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) INTEL SSDSC2CT060A3 +++++
--- User ---
[MBR] f3bfc6ad82f915b2798dfaed686e4a05
[BSP] 813a4c5b36d93f4fde867d8b6de9f9a6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 351 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 722925 | Size: 56886 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD10EZEX-00RKKA0 +++++
--- User ---
[MBR] f29db3fad84b45b4fde704263416408d
[BSP] 57f61b446f7c1919f2d55e5dbad2f0af : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- SD/MMC USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic- Compact Flash USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_05032014_200252.txt >>
RKreport[0]_S_05032014_200242.txt

hoplus1 · Příspěvekod **hoplus1** » 03 kvě 2014 20:24

2. LOG:

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Ivo [Práva správce]
Mód : Kontrola -- Datum : 05/03/2014 20:02:42
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP UNIC] OpaqueTaskbar.exe -- D:\Dokumenty\WINDOWS-8-NEPR�?HLEDNÝ,HLAVNÍ-PANEL\OpaqueTaskbar.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : OpaqueTaskbar ("D:\Dokumenty\WINDOWS-8-NEPR�?HLEDNÝ,HLAVNÍ-PANEL\OpaqueTaskbar.exe" /resident [-]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-3425194565-27084353-826121341-1001\[...]\Run : OpaqueTaskbar ("D:\Dokumenty\WINDOWS-8-NEPR�?HLEDNÝ,HLAVNÍ-PANEL\OpaqueTaskbar.exe" /resident [-]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] IAT @explorer.exe (SetWindowPos) : USER32.dll -> HOOKED (C:\Program Files (x86)\IObit\Start Menu 8\StartMenuDll64.dll @ 0x053655C0)
[Address] EAT @explorer.exe (DllCanUnloadNow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1274C)
[Address] EAT @explorer.exe (DllGetClassObject) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB14984)
[Address] EAT @explorer.exe (DwmAttachMilContent) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmDefWindowProc) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12C30)
[Address] EAT @explorer.exe (DwmDetachMilContent) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12A70)
[Address] EAT @explorer.exe (DwmEnableComposition) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1C60C)
[Address] EAT @explorer.exe (DwmEnableMMCSS) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13788)
[Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12DC0)
[Address] EAT @explorer.exe (DwmFlush) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB126C0)
[Address] EAT @explorer.exe (DwmGetColorizationColor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1C118)
[Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB11D40)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB18180)
[Address] EAT @explorer.exe (DwmGetTransportAttributes) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1C8B0)
[Address] EAT @explorer.exe (DwmGetWindowAttribute) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB11010)
[Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB16308)
[Address] EAT @explorer.exe (DwmIsCompositionEnabled) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB111B0)
[Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D050)
[Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB16F34)
[Address] EAT @explorer.exe (DwmRegisterThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB169A8)
[Address] EAT @explorer.exe (DwmRenderGesture) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB17CEC)
[Address] EAT @explorer.exe (DwmSetDxFrameDuration) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D050)
[Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D1CC)
[Address] EAT @explorer.exe (DwmSetIconicThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D558)
[Address] EAT @explorer.exe (DwmSetPresentParameters) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1D050)
[Address] EAT @explorer.exe (DwmSetWindowAttribute) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB110E8)
[Address] EAT @explorer.exe (DwmShowContact) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13A90)
[Address] EAT @explorer.exe (DwmTetherContact) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1CB1C)
[Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1DBD8)
[Address] EAT @explorer.exe (DwmUnregisterThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1677C)
[Address] EAT @explorer.exe (DwmUpdateThumbnailProperties) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13A10)
[Address] EAT @explorer.exe (DwmpAllocateSecurityDescriptor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB12320)
[Address] EAT @explorer.exe (DwmpDxGetWindowSharedSurface) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB15FE0)
[Address] EAT @explorer.exe (DwmpDxUpdateWindowSharedSurface) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB17710)
[Address] EAT @explorer.exe (DwmpDxgiIsThreadDesktopComposited) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB13760)
[Address] EAT @explorer.exe (DwmpFreeSecurityDescriptor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB122E4)
[Address] EAT @explorer.exe (DwmpRenderFlick) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x9EB1CE70)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E5828)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E17E0)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1320)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1378)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E1950)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F13D0)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1428)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999397C0)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B7548)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1510)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1568)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9994BB94)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993979C)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F15C0)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F1618)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E40B0)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99906FF8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CB2C0)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FC888)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FE4C0)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C8690)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B322C)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B3388)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CB450)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99939E7C)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99939E58)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F252C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F6A34)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B7A00)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998E83B0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C5494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C5494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B7B70)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F262C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999AF270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999AF76C)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99881B28)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F9CC0)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F5990)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998A544)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999922D0)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99992310)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988A0C0)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FE16C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B2CB4)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988BA6C)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F7DA8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B97E0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F7570)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2730)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FE044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B2F48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988BED0)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2878)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2A48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B9400)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2C18)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C889C)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C88F0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2D34)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B66F0)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D388)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A0D4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D46C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A0EE8)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D50C)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1050)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D5AC)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A11B8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D818)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1390)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999D8D8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1518)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999DAFC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A16AC)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999DD70)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A17B0)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999DE50)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1840)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A19A4)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999E1D0)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1A78)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999E270)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1BD4)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999E324)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A1DF4)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99987C00)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F2F54)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B62C8)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988ACF0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F31F0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F33A8)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FF540)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99887824)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F35F0)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3858)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9989BDE0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99894140)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998A7A30)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B45C8)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999030E0)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99903240)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C8A68)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B4C64)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999CCBCC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997058)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999063C0)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B52C0)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99892EE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997D94)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997E44)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997E9C)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99898B60)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9989A090)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999340D0)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B4D64)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C8880)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998A7634)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C5350)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C58DC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C5498)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C5D7C)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C62C0)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999C6580)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C74F4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1ABC)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1CA0)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998BF9C)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991148)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998844C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999911E0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C004)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99937A50)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C110)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D40C)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5D68)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998971F4)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C5B8)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998EC930)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99931BD0)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C6D0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998965EC)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C30E4)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99909760)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C800)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998EBEC8)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991270)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991270)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9999131C)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5D74)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5DE0)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2B24)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A06A8)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A29E8)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997EF4)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C6AC8)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993762C)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99884D80)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99884D80)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FEE28)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999382A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999382A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998DAD90)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B70B0)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C6A98)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B70E0)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C6B34)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B73E4)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998C898)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D500)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5EC4)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5F14)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99937374)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D6BC)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999913D0)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999913D0)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991468)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991500)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998EC574)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999002BC)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BD55C)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CB50)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D7B8)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BD3D4)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998AAB70)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99997F54)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99890D50)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99891220)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998A8430)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CDF90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CDF00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1E78)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D1FE8)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B7404)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B742C)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B748C)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C2BB0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B7530)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991580)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99991580)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999915D8)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993A07C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988DF30)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998DDE0)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998DED4)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988E3F0)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B5FAC)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B6044)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BE178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998BE178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CEF08)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998CBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9998D970)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999018FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999018FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993AD7C)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99934760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99934760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993468C)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998FFFF0)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C8B08)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998DBC50)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3A8C)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993A290)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999A9C6C)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2158)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C46B8)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999B4318)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CCBBC)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3BDC)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998F9ED8)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99990670)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3CEC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F3EC8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F40A0)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999380B8)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99884D80)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F42A4)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F43D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F44D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F44D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998C1278)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998CC1EC)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F46A4)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4860)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4A50)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4C10)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2158)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2158)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2178)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999D2310)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4E68)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99902364)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F4FA8)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F50C8)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F5120)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F516C)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B2630)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x998B77A0)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9993BA04)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999089A8)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F51C4)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x9988A5B0)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F521C)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F5274)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F52D4)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F532C)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F5384)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999F53E4)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x99908FF4)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x999CD000)
[Address] EAT @explorer.exe (DllCanUnloadNow) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91DF1010)
[Address] EAT @explorer.exe (DllGetClassObject) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91DF1E60)
[Address] EAT @explorer.exe (DllRegisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91E330B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x91E33114)
[Address] EAT @explorer.exe (AsyncGetClassBits) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF73FC)
[Address] EAT @explorer.exe (CoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA5660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA80A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D946A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D943C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D61EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D70810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E20284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE53D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA9CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D62460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA8DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA51B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA1820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D956A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D71490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA7C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA4044)
[Address] EAT @explorer.exe (CopyBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF3020)
[Address] EAT @explorer.exe (CopyStgMedium) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D6BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DB86C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA3D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D868E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D63660)
[Address] EAT @explorer.exe (CreateURLMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBCCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D678D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA40F0)
[Address] EAT @explorer.exe (CreateUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D616F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D61600)
[Address] EAT @explorer.exe (DllGetClassObject) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DAAB3C)
[Address] EAT @explorer.exe (DllInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2458)
[Address] EAT @explorer.exe (DllRegisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBE070)
[Address] EAT @explorer.exe (DllUnregisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2470)
[Address] EAT @explorer.exe (Extract) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D96B60)
[Address] EAT @explorer.exe (FindMediaType) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D86080)
[Address] EAT @explorer.exe (FindMimeFromData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA50BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E202B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBB8EC)
[Address] EAT @explorer.exe (GetClassURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E28B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E19390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1E94)

hoplus1 · Příspěvekod **hoplus1** » 03 kvě 2014 20:25

pokračování:

[Address] EAT @explorer.exe (GetPropertyFromName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EA4)
[Address] EAT @explorer.exe (GetPropertyName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBE070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBDEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D66D90)
[Address] EAT @explorer.exe (HlinkGoBack) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E16E78)
[Address] EAT @explorer.exe (HlinkGoForward) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E16F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E16FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E175E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF12FC)
[Address] EAT @explorer.exe (IEDllLoader) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE26F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF3244)
[Address] EAT @explorer.exe (IEInstallScope) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA21FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E20668)
[Address] EAT @explorer.exe (IsJITInProgress) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E1855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18688)
[Address] EAT @explorer.exe (IsStringProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE1ED4)
[Address] EAT @explorer.exe (IsValidURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D97610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DB92F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DEDCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF7560)
[Address] EAT @explorer.exe (QueryAssociations) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D7E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D9F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA1C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE20C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D98C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D67D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D9FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE22CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DF3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBE070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DEDE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DA3A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E20820)
[Address] EAT @explorer.exe (URLDownloadA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D8A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E17F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D8EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE5D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E1821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E182E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E18408)
[Address] EAT @explorer.exe (URLOpenStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E184D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DBC9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99DE2804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D73E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D9D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99D8A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E185D0)
[Address] EAT @explorer.exe (ZonesReInit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x99E19C30)
[Address] EAT @explorer.exe (AccConvertAccessMaskToActrlAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFA0C)
[Address] EAT @explorer.exe (AccConvertAccessToSD) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFB80)
[Address] EAT @explorer.exe (AccConvertAccessToSecurityDescriptor) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFD3C)
[Address] EAT @explorer.exe (AccConvertAclToAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFE90)
[Address] EAT @explorer.exe (AccConvertSDToAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CFF2C)
[Address] EAT @explorer.exe (AccFreeIndexArray) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C0D80)
[Address] EAT @explorer.exe (AccGetAccessForTrustee) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D01A8)
[Address] EAT @explorer.exe (AccGetExplicitEntries) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0288)
[Address] EAT @explorer.exe (AccGetInheritanceSource) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C0EA0)
[Address] EAT @explorer.exe (AccLookupAccountName) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0348)
[Address] EAT @explorer.exe (AccLookupAccountSid) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0648)
[Address] EAT @explorer.exe (AccLookupAccountTrustee) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D09CC)
[Address] EAT @explorer.exe (AccProvCancelOperation) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCAFC)
[Address] EAT @explorer.exe (AccProvGetAccessInfoPerObjectType) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCB74)
[Address] EAT @explorer.exe (AccProvGetAllRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCC1C)
[Address] EAT @explorer.exe (AccProvGetCapabilities) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B8100)
[Address] EAT @explorer.exe (AccProvGetOperationResults) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCDF8)
[Address] EAT @explorer.exe (AccProvGetTrusteesAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CCF38)
[Address] EAT @explorer.exe (AccProvGrantAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD040)
[Address] EAT @explorer.exe (AccProvHandleGetAccessInfoPerObjectType) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD1B0)
[Address] EAT @explorer.exe (AccProvHandleGetAllRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD298)
[Address] EAT @explorer.exe (AccProvHandleGetTrusteesAccess) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD410)
[Address] EAT @explorer.exe (AccProvHandleGrantAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CC4D0)
[Address] EAT @explorer.exe (AccProvHandleIsAccessAudited) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD48C)
[Address] EAT @explorer.exe (AccProvHandleIsObjectAccessible) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD524)
[Address] EAT @explorer.exe (AccProvHandleRevokeAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD660)
[Address] EAT @explorer.exe (AccProvHandleRevokeAuditRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD738)
[Address] EAT @explorer.exe (AccProvHandleSetAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD810)
[Address] EAT @explorer.exe (AccProvIsAccessAudited) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CD910)
[Address] EAT @explorer.exe (AccProvIsObjectAccessible) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CDA24)
[Address] EAT @explorer.exe (AccProvRevokeAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CDE74)
[Address] EAT @explorer.exe (AccProvRevokeAuditRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CDFB0)
[Address] EAT @explorer.exe (AccProvSetAccessRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5CE0EC)
[Address] EAT @explorer.exe (AccRewriteGetExplicitEntriesFromAcl) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B7BD4)
[Address] EAT @explorer.exe (AccRewriteGetHandleRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C1510)
[Address] EAT @explorer.exe (AccRewriteGetNamedRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5C1680)
[Address] EAT @explorer.exe (AccRewriteSetEntriesInAcl) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3070)
[Address] EAT @explorer.exe (AccRewriteSetHandleRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B2270)
[Address] EAT @explorer.exe (AccRewriteSetNamedRights) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3BA0)
[Address] EAT @explorer.exe (AccSetEntriesInAList) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5D0AD4)
[Address] EAT @explorer.exe (AccTreeResetNamedSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B58A0)
[Address] EAT @explorer.exe (EventGuidToName) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5BDE68)
[Address] EAT @explorer.exe (EventNameFree) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5BDEF4)
[Address] EAT @explorer.exe (GetExplicitEntriesFromAclW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B7BCC)
[Address] EAT @explorer.exe (GetMartaExtensionInterface) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3600)
[Address] EAT @explorer.exe (GetNamedSecurityInfoW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B2680)
[Address] EAT @explorer.exe (GetSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B1390)
[Address] EAT @explorer.exe (SetEntriesInAclW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3060)
[Address] EAT @explorer.exe (SetNamedSecurityInfoW) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B3E64)
[Address] EAT @explorer.exe (SetSecurityInfo) : nlaapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x9B5B21B0)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) INTEL SSDSC2CT060A3 +++++
--- User ---
[MBR] f3bfc6ad82f915b2798dfaed686e4a05
[BSP] 813a4c5b36d93f4fde867d8b6de9f9a6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 351 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 722925 | Size: 56886 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD10EZEX-00RKKA0 +++++
--- User ---
[MBR] f29db3fad84b45b4fde704263416408d
[BSP] 57f61b446f7c1919f2d55e5dbad2f0af : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- SD/MMC USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic- Compact Flash USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_05032014_200242.txt >>

Příspěvekod **jaro3** » 04 kvě 2014 10:27

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

hoplus1 · Příspěvekod **hoplus1** » 04 kvě 2014 20:50

... Takže můj počítač je v pořádku? Zatím jsem použil pouze programy na vytvoření logů, není potřeba ještě nějaký ,,uklízecí'' program? Nebo ty programy také uklízely?

preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Re: preventivní kontrola logu - HijackThis

Kdo je online