Kontrola logu HJT Vyřešeno

[Monda]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:15:44, on 11.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)

FIREFOX: 29.0.1 (cs)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Markynka\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Markynka\Downloads\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Markynka\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series (kopie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\Windows\TEMP\E_SD2A7.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\Users\Markynka\AppData\Local\Temp\E_S4F27.tmp" /EF "HKCU"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 5443 bytes

[Reklama]

[Orcus]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[Monda]

# AdwCleaner v3.208 - Report created 12/05/2014 at 19:46:31
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Markynka - MARKYNKA-PC
# Running from : C:\Users\Markynka\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Markynka\AppData\Roaming\Mozilla\Firefox\Profiles\sn9kbmsb.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Markynka\AppData\Roaming\Mozilla\Firefox\Profiles\sn9kbmsb.default\prefs.js ]


*************************

AdwCleaner[R2].txt - [869 octets] - [12/05/2014 19:46:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [928 octets] ##########

[Monda]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12.5.2014
Čas skenování: 20:37:58
Protokol: aq.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.05.12.06
Databáze rootkitů: v2014.03.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Chameleon: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Markynka

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 259199
Uplynulý čas: 42 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Monda]

# AdwCleaner v3.208 - Report created 13/05/2014 at 20:04:17
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Markynka - MARKYNKA-PC
# Running from : C:\Users\Markynka\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Markynka\AppData\Roaming\Mozilla\Firefox\Profiles\sn9kbmsb.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Markynka\AppData\Roaming\Mozilla\Firefox\Profiles\sn9kbmsb.default\prefs.js ]


*************************

AdwCleaner[R2].txt - [1007 octets] - [12/05/2014 19:46:31]
AdwCleaner[R3].txt - [1067 octets] - [13/05/2014 19:57:05]
AdwCleaner[S2].txt - [994 octets] - [13/05/2014 20:04:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1053 octets] ##########

[Monda]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Markynka on Łt 13.05.2014 at 20:22:15,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Markynka\AppData\Roaming\mozilla\firefox\profiles\sn9kbmsb.default\prefs.js

user_pref("keyword.URL", "hxxp://search.seznam.cz/?sourceid=Quicksearch_12454&q=");
Emptied folder: C:\Users\Markynka\AppData\Roaming\mozilla\firefox\profiles\sn9kbmsb.default\minidumps [233 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 13.05.2014 at 20:34:57,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Monda]

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Markynka [Práva správce]
Mód : Kontrola -- Datum : 05/13/2014 20:57:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746109AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746049A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74630731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74606395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746108ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746094AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74606A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746335E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746053E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746051BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74604EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746063E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460FCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746306CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74604BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746104BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74610473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746105DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74610FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460BF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74607C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460FF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746323B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746086E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746106E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74613611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746139D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746322E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74633172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746329C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74602D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74611081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74613CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74602E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746060AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746085B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746073D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74633296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74610134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Proxª?ƒ-˜ø"G) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD99)
[Address] EAT @explorer.exe (DllCanUnloadNow) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D2B3B)
[Address] EAT @explorer.exe (DllGetClassObject) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705E188E)
[Address] EAT @explorer.exe (DllGetVersion) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D2982)
[Address] EAT @explorer.exe (DllRegisterServer) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70667DC5)
[Address] EAT @explorer.exe (DllUnregisterServer) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066818F)
[Address] EAT @explorer.exe (Migrate10CachedPackagesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066C744)
[Address] EAT @explorer.exe (Migrate10CachedPackagesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066E1AC)
[Address] EAT @explorer.exe (MsiAdvertiseProductA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067257F)
[Address] EAT @explorer.exe (MsiAdvertiseProductExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706727D7)
[Address] EAT @explorer.exe (MsiAdvertiseProductExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D6C1)
[Address] EAT @explorer.exe (MsiAdvertiseProductW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D46F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70678A3F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067B641)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70685903)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70681057)
[Address] EAT @explorer.exe (MsiApplyPatchA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70672D5D)
[Address] EAT @explorer.exe (MsiApplyPatchW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D943)
[Address] EAT @explorer.exe (MsiBeginTransactionA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70689441)
[Address] EAT @explorer.exe (MsiBeginTransactionW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706839D4)
[Address] EAT @explorer.exe (MsiCloseAllHandles) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706900C3)
[Address] EAT @explorer.exe (MsiCloseHandle) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690015)
[Address] EAT @explorer.exe (MsiCollectUserInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671C3A)
[Address] EAT @explorer.exe (MsiCollectUserInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D16F)
[Address] EAT @explorer.exe (MsiConfigureFeatureA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671D5A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067D70A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067E41B)
[Address] EAT @explorer.exe (MsiConfigureFeatureW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D2B7)
[Address] EAT @explorer.exe (MsiConfigureProductA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F256)
[Address] EAT @explorer.exe (MsiConfigureProductExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067DACA)
[Address] EAT @explorer.exe (MsiConfigureProductExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067E891)
[Address] EAT @explorer.exe (MsiConfigureProductW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F581)
[Address] EAT @explorer.exe (MsiCreateAndVerifyInstallerDirectory) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EB2E1)
[Address] EAT @explorer.exe (MsiCreateRecord) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691514)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706955D1)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706948EF)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706948A9)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691397)
[Address] EAT @explorer.exe (MsiDatabaseCommit) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690DEB)
[Address] EAT @explorer.exe (MsiDatabaseExportA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694792)
[Address] EAT @explorer.exe (MsiDatabaseExportW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691008)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069485D)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691270)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706945FD)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693C54)
[Address] EAT @explorer.exe (MsiDatabaseImportA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069472E)
[Address] EAT @explorer.exe (MsiDatabaseImportW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690F1E)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694643)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690C8F)
[Address] EAT @explorer.exe (MsiDatabaseMergeA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694817)
[Address] EAT @explorer.exe (MsiDatabaseMergeW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691111)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706945B7)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706902B7)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067DA7B)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705C6286)
[Address] EAT @explorer.exe (MsiDeleteUserDataA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067A367)
[Address] EAT @explorer.exe (MsiDeleteUserDataW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706769EB)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068D4C5)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068C559)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068D9D9)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068C9E1)
[Address] EAT @explorer.exe (MsiDoActionA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069613D)
[Address] EAT @explorer.exe (MsiDoActionW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692D61)
[Address] EAT @explorer.exe (MsiEnableLogA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067189B)
[Address] EAT @explorer.exe (MsiEnableLogW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066FBE9)
[Address] EAT @explorer.exe (MsiEnableUIPreview) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706939CD)
[Address] EAT @explorer.exe (MsiEndTransaction) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70683E11)
[Address] EAT @explorer.exe (MsiEnumClientsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EEC96)
[Address] EAT @explorer.exe (MsiEnumClientsExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70685D6E)
[Address] EAT @explorer.exe (MsiEnumClientsExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706813A7)
[Address] EAT @explorer.exe (MsiEnumClientsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D3647)
[Address] EAT @explorer.exe (MsiEnumComponentCostsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697847)
[Address] EAT @explorer.exe (MsiEnumComponentCostsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697A95)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067CD6D)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D384D)

[Monda]

[Address] EAT @explorer.exe (MsiEnumComponentsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706791B9)
[Address] EAT @explorer.exe (MsiEnumComponentsExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70685B08)
[Address] EAT @explorer.exe (MsiEnumComponentsExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068121D)
[Address] EAT @explorer.exe (MsiEnumComponentsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067BA57)
[Address] EAT @explorer.exe (MsiEnumFeaturesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70679C04)
[Address] EAT @explorer.exe (MsiEnumFeaturesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067C259)
[Address] EAT @explorer.exe (MsiEnumPatchesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706897EB)
[Address] EAT @explorer.exe (MsiEnumPatchesExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70684897)
[Address] EAT @explorer.exe (MsiEnumPatchesExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70680E79)
[Address] EAT @explorer.exe (MsiEnumPatchesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068468E)
[Address] EAT @explorer.exe (MsiEnumProductsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70679175)
[Address] EAT @explorer.exe (MsiEnumProductsExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70686313)
[Address] EAT @explorer.exe (MsiEnumProductsExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70681729)
[Address] EAT @explorer.exe (MsiEnumProductsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D559D)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70679109)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067B9EB)
[Address] EAT @explorer.exe (MsiEvaluateConditionA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706961C6)
[Address] EAT @explorer.exe (MsiEvaluateConditionW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706930C1)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70684FAE)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70684C22)
[Address] EAT @explorer.exe (MsiFormatRecordA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692A73)
[Address] EAT @explorer.exe (MsiFormatRecordW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692BF9)
[Address] EAT @explorer.exe (MsiGetActiveDatabase) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692639)
[Address] EAT @explorer.exe (MsiGetComponentPathA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067EEBD)
[Address] EAT @explorer.exe (MsiGetComponentPathExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70686053)
[Address] EAT @explorer.exe (MsiGetComponentPathExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70681559)
[Address] EAT @explorer.exe (MsiGetComponentPathW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705C62DD)
[Address] EAT @explorer.exe (MsiGetComponentStateA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706971E3)
[Address] EAT @explorer.exe (MsiGetComponentStateW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706972DC)
[Address] EAT @explorer.exe (MsiGetDatabaseState) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690ED9)
[Address] EAT @explorer.exe (MsiGetFeatureCostA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706975FD)
[Address] EAT @explorer.exe (MsiGetFeatureCostW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697702)
[Address] EAT @explorer.exe (MsiGetFeatureInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70670D1A)
[Address] EAT @explorer.exe (MsiGetFeatureInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066F5EE)
[Address] EAT @explorer.exe (MsiGetFeatureStateA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70696CD5)
[Address] EAT @explorer.exe (MsiGetFeatureStateW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70696DC3)
[Address] EAT @explorer.exe (MsiGetFeatureUsageA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067A111)
[Address] EAT @explorer.exe (MsiGetFeatureUsageW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067C9BD)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697CC5)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706936EC)
[Address] EAT @explorer.exe (MsiGetFileHashA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671214)
[Address] EAT @explorer.exe (MsiGetFileHashW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066CA49)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067128C)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066CA9F)
[Address] EAT @explorer.exe (MsiGetFileVersionA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70670EF8)
[Address] EAT @explorer.exe (MsiGetFileVersionW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70673D2F)
[Address] EAT @explorer.exe (MsiGetLanguage) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692727)
[Address] EAT @explorer.exe (MsiGetLastErrorRecord) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691D69)
[Address] EAT @explorer.exe (MsiGetMode) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069279F)
[Address] EAT @explorer.exe (MsiGetPatchFileListA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068D25D)
[Address] EAT @explorer.exe (MsiGetPatchFileListW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70688B6E)
[Address] EAT @explorer.exe (MsiGetPatchInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067A24F)
[Address] EAT @explorer.exe (MsiGetPatchInfoExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706855E9)
[Address] EAT @explorer.exe (MsiGetPatchInfoExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70685177)
[Address] EAT @explorer.exe (MsiGetPatchInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067CAFB)
[Address] EAT @explorer.exe (MsiGetProductCodeA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EEADC)
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067ED5F)
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F353)
[Address] EAT @explorer.exe (MsiGetProductCodeW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EEE6C)
[Address] EAT @explorer.exe (MsiGetProductInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067D362)
[Address] EAT @explorer.exe (MsiGetProductInfoExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706865DE)
[Address] EAT @explorer.exe (MsiGetProductInfoExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706818FF)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70670880)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066F132)
[Address] EAT @explorer.exe (MsiGetProductInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D4273)
[Address] EAT @explorer.exe (MsiGetProductPropertyA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70670B90)
[Address] EAT @explorer.exe (MsiGetProductPropertyW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066F48B)
[Address] EAT @explorer.exe (MsiGetPropertyA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069596D)
[Address] EAT @explorer.exe (MsiGetPropertyW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70695BA3)
[Address] EAT @explorer.exe (MsiGetShortcutTargetA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70672A58)
[Address] EAT @explorer.exe (MsiGetShortcutTargetW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70674689)
[Address] EAT @explorer.exe (MsiGetSourcePathA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70696209)
[Address] EAT @explorer.exe (MsiGetSourcePathW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069640D)
[Address] EAT @explorer.exe (MsiGetSummaryInformationA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706958BD)
[Address] EAT @explorer.exe (MsiGetSummaryInformationW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694293)
[Address] EAT @explorer.exe (MsiGetTargetPathA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706965F5)
[Address] EAT @explorer.exe (MsiGetTargetPathW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706967F9)
[Address] EAT @explorer.exe (MsiGetUserInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706791FE)
[Address] EAT @explorer.exe (MsiGetUserInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EE466)
[Address] EAT @explorer.exe (MsiInstallMissingComponentA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706722C7)
[Address] EAT @explorer.exe (MsiInstallMissingComponentW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706743D9)
[Address] EAT @explorer.exe (MsiInstallMissingFileA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70672067)
[Address] EAT @explorer.exe (MsiInstallMissingFileW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70674179)
[Address] EAT @explorer.exe (MsiInstallProductA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067197E)
[Address] EAT @explorer.exe (MsiInstallProductW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066CE4B)
[Address] EAT @explorer.exe (MsiInvalidateFeatureCache) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7062D1D3)
[Address] EAT @explorer.exe (MsiIsProductElevatedA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70673306)
[Address] EAT @explorer.exe (MsiIsProductElevatedW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70674A5D)
[Address] EAT @explorer.exe (MsiJoinTransaction) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70683FEB)
[Address] EAT @explorer.exe (MsiLoadStringA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067141F)
[Address] EAT @explorer.exe (MsiLoadStringW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705DAE09)
[Address] EAT @explorer.exe (MsiLocateComponentA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F19F)
[Address] EAT @explorer.exe (MsiLocateComponentW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F4CA)
[Address] EAT @explorer.exe (MsiMessageBoxA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706716DA)
[Address] EAT @explorer.exe (MsiMessageBoxExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671528)
[Address] EAT @explorer.exe (MsiMessageBoxExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066CCB1)
[Address] EAT @explorer.exe (MsiMessageBoxW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066CE24)
[Address] EAT @explorer.exe (MsiNotifySidChangeA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067A306)
[Address] EAT @explorer.exe (MsiNotifySidChangeW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067501B)
[Address] EAT @explorer.exe (MsiOpenDatabaseA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694691)
[Address] EAT @explorer.exe (MsiOpenDatabaseW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693D8D)
[Address] EAT @explorer.exe (MsiOpenPackageA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066EDC0)
[Address] EAT @explorer.exe (MsiOpenPackageExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066C63E)
[Address] EAT @explorer.exe (MsiOpenPackageExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066C8E9)
[Address] EAT @explorer.exe (MsiOpenPackageW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066F7AB)
[Address] EAT @explorer.exe (MsiOpenProductA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70678BF2)
[Address] EAT @explorer.exe (MsiOpenProductW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067B857)
[Address] EAT @explorer.exe (MsiPreviewBillboardA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697D4E)
[Address] EAT @explorer.exe (MsiPreviewBillboardW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693AEA)
[Address] EAT @explorer.exe (MsiPreviewDialogA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697D0B)
[Address] EAT @explorer.exe (MsiPreviewDialogW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693A96)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067CBB2)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067DF39)
[Address] EAT @explorer.exe (MsiProcessMessage) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692F51)
[Address] EAT @explorer.exe (MsiProvideAssemblyA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067FD5D)
[Address] EAT @explorer.exe (MsiProvideAssemblyW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70680765)
[Address] EAT @explorer.exe (MsiProvideComponentA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F7B9)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067FAB3)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D4F84)
[Address] EAT @explorer.exe (MsiProvideComponentW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068030C)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EC385)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705ED411)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705C8A47)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705C8C86)
[Address] EAT @explorer.exe (MsiQueryComponentStateA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068687C)
[Address] EAT @explorer.exe (MsiQueryComponentStateW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70681AE1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F6F1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70686A94)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70681CD9)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067FC02)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068057D)
[Address] EAT @explorer.exe (MsiQueryFeatureStateW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705C617D)
[Address] EAT @explorer.exe (MsiQueryProductStateA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067D45D)
[Address] EAT @explorer.exe (MsiQueryProductStateW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D49FE)
[Address] EAT @explorer.exe (MsiRecordClearData) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691D27)
[Address] EAT @explorer.exe (MsiRecordDataSize) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706916E5)
[Address] EAT @explorer.exe (MsiRecordGetFieldCount) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691916)
[Address] EAT @explorer.exe (MsiRecordGetInteger) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706918B5)
[Address] EAT @explorer.exe (MsiRecordGetStringA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693F1D)
[Address] EAT @explorer.exe (MsiRecordGetStringW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706940CC)
[Address] EAT @explorer.exe (MsiRecordIsNull) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706915F5)
[Address] EAT @explorer.exe (MsiRecordReadStream) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691B6D)
[Address] EAT @explorer.exe (MsiRecordSetInteger) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706917C2)
[Address] EAT @explorer.exe (MsiRecordSetStreamA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70695877)
[Address] EAT @explorer.exe (MsiRecordSetStreamW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691A03)
[Address] EAT @explorer.exe (MsiRecordSetStringA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069561D)
[Address] EAT @explorer.exe (MsiRecordSetStringW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069572E)
[Address] EAT @explorer.exe (MsiReinstallFeatureA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671EDE)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067D8C2)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067E657)
[Address] EAT @explorer.exe (MsiReinstallFeatureW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D8C24)
[Address] EAT @explorer.exe (MsiReinstallProductA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671AFE)
[Address] EAT @explorer.exe (MsiReinstallProductW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066CFF1)
[Address] EAT @explorer.exe (MsiRemovePatchesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70689606)
[Address] EAT @explorer.exe (MsiRemovePatchesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70683702)
[Address] EAT @explorer.exe (MsiSequenceA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70696180)
[Address] EAT @explorer.exe (MsiSequenceW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692E4B)
[Address] EAT @explorer.exe (MsiSetComponentStateA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706973EB)
[Address] EAT @explorer.exe (MsiSetComponentStateW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706974E5)
[Address] EAT @explorer.exe (MsiSetExternalUIA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066C72F)
[Address] EAT @explorer.exe (MsiSetExternalUIRecord) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068336B)
[Address] EAT @explorer.exe (MsiSetExternalUIW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D4E86)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697001)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706970B4)
[Address] EAT @explorer.exe (MsiSetFeatureStateA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70696E2D)
[Address] EAT @explorer.exe (MsiSetFeatureStateW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70696EDF)
[Address] EAT @explorer.exe (MsiSetInstallLevel) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693424)
[Address] EAT @explorer.exe (MsiSetInternalUI) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D4FE6)
[Address] EAT @explorer.exe (MsiSetMode) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706928BB)
[Address] EAT @explorer.exe (MsiSetOfflineContextW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70698485)
[Address] EAT @explorer.exe (MsiSetPropertyA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70695DC1)
[Address] EAT @explorer.exe (MsiSetPropertyW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70695F85)
[Address] EAT @explorer.exe (MsiSetTargetPathA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706969DD)
[Address] EAT @explorer.exe (MsiSetTargetPathW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70696B61)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70687136)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70682165)
[Address] EAT @explorer.exe (MsiSourceListAddSourceA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70673037)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70686F13)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70681F43)
[Address] EAT @explorer.exe (MsiSourceListAddSourceW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066DC51)
[Address] EAT @explorer.exe (MsiSourceListClearAllA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70672EF0)
[Address] EAT @explorer.exe (MsiSourceListClearAllExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70687875)
[Address] EAT @explorer.exe (MsiSourceListClearAllExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068281B)
[Address] EAT @explorer.exe (MsiSourceListClearAllW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066DAEB)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068764A)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068260D)
[Address] EAT @explorer.exe (MsiSourceListClearSourceA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70687436)
[Address] EAT @explorer.exe (MsiSourceListClearSourceW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70682405)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068834E)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706831B5)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70687C4B)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70682C07)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706731B8)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70687A6C)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70682A09)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066DDDB)
[Address] EAT @explorer.exe (MsiSourceListGetInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70687E30)
[Address] EAT @explorer.exe (MsiSourceListGetInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70682DB5)
[Address] EAT @explorer.exe (MsiSourceListSetInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706880F8)
[Address] EAT @explorer.exe (MsiSourceListSetInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70682FAB)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706921B9)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyCount) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691E3D)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069238B)
[Address] EAT @explorer.exe (MsiSummaryInfoPersist) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692551)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70695906)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691F2B)
[Address] EAT @explorer.exe (MsiUseFeatureA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70680D83)
[Address] EAT @explorer.exe (MsiUseFeatureExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F9E8)
[Address] EAT @explorer.exe (MsiUseFeatureExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D4D3A)
[Address] EAT @explorer.exe (MsiUseFeatureW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70680DA0)
[Address] EAT @explorer.exe (MsiVerifyDiskSpace) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693863)
[Address] EAT @explorer.exe (MsiVerifyPackageA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706707AA)
[Address] EAT @explorer.exe (MsiVerifyPackageW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066F097)
[Address] EAT @explorer.exe (MsiViewClose) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690BAF)
[Address] EAT @explorer.exe (MsiViewExecute) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069070F)
[Address] EAT @explorer.exe (MsiViewFetch) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690833)
[Address] EAT @explorer.exe (MsiViewGetColumnInfo) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690A91)
[Address] EAT @explorer.exe (MsiViewGetErrorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706903F1)
[Address] EAT @explorer.exe (MsiViewGetErrorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706905CE)
[Address] EAT @explorer.exe (MsiViewModify) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069093F)
[Address] EAT @explorer.exe (QueryInstanceCount) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D2B2A)
[Address] EAT @explorer.exe (DllCanUnloadNow) : wscinterop.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x74353418)
[Address] EAT @explorer.exe (DllGetClassObject) : wscinterop.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x743534C5)
[Address] EAT @explorer.exe (DllRegisterServer) : wscinterop.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x743533A5)
[Address] EAT @explorer.exe (DllUnregisterServer) : wscinterop.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x74353408)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST340014A ATA Device +++++
--- User ---
[MBR] 52906eb79f80aba20185329f1f830943
[BSP] 59e33a97363a159f7e06dc7966f0be44 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38164 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) Maxtor 6Y080L0 ATA Device +++++
--- User ---
[MBR] 73ba24ed873990f2e223d7ae832da07a
[BSP] 5e5b217ffbcbd13a8fb005a504d7003a : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 78165 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ST320410A ATA Device +++++
--- User ---
[MBR] 2608f02737e0f7a52a1805d11a124c8a
[BSP] 6da2e78ecf9e702393c7e345fcb40b85 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 19090 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) EPSON Stylus Storage USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_05132014_205718.txt >>

[Orcus]

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Pokud se log nevejde do jedné zprávy, rozděl jej na více částí.

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

Popiš problémy.

[Monda]

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Markynka [Práva správce]
Mód : Odebrat -- Datum : 05/14/2014 18:47:35
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746109AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746049A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74630731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74606395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746108ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746094AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74606A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746335E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746053E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746051BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74604EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746063E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460FCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746306CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74604BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746104BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74610473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746105DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74610FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460BF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74607C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460FF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746323B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746086E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746106E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74613611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746139D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746322E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74633172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746329C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74632B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74602D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74611081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74613CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74602E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746060AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746085B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746073D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74623D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74633296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74610134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7460B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7463068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_ProxĨÿ-˜—/ø"S) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7419DD99)
[Address] EAT @explorer.exe (DllCanUnloadNow) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D2B3B)
[Address] EAT @explorer.exe (DllGetClassObject) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705E188E)
[Address] EAT @explorer.exe (DllGetVersion) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D2982)
[Address] EAT @explorer.exe (DllRegisterServer) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70667DC5)
[Address] EAT @explorer.exe (DllUnregisterServer) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066818F)
[Address] EAT @explorer.exe (Migrate10CachedPackagesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066C744)
[Address] EAT @explorer.exe (Migrate10CachedPackagesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066E1AC)
[Address] EAT @explorer.exe (MsiAdvertiseProductA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067257F)
[Address] EAT @explorer.exe (MsiAdvertiseProductExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706727D7)
[Address] EAT @explorer.exe (MsiAdvertiseProductExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D6C1)
[Address] EAT @explorer.exe (MsiAdvertiseProductW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D46F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70678A3F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067B641)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70685903)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70681057)
[Address] EAT @explorer.exe (MsiApplyPatchA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70672D5D)
[Address] EAT @explorer.exe (MsiApplyPatchW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D943)
[Address] EAT @explorer.exe (MsiBeginTransactionA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70689441)
[Address] EAT @explorer.exe (MsiBeginTransactionW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706839D4)
[Address] EAT @explorer.exe (MsiCloseAllHandles) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706900C3)
[Address] EAT @explorer.exe (MsiCloseHandle) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690015)
[Address] EAT @explorer.exe (MsiCollectUserInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671C3A)
[Address] EAT @explorer.exe (MsiCollectUserInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D16F)
[Address] EAT @explorer.exe (MsiConfigureFeatureA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70671D5A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067D70A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067E41B)
[Address] EAT @explorer.exe (MsiConfigureFeatureW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066D2B7)
[Address] EAT @explorer.exe (MsiConfigureProductA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F256)
[Address] EAT @explorer.exe (MsiConfigureProductExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067DACA)
[Address] EAT @explorer.exe (MsiConfigureProductExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067E891)
[Address] EAT @explorer.exe (MsiConfigureProductW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067F581)
[Address] EAT @explorer.exe (MsiCreateAndVerifyInstallerDirectory) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EB2E1)
[Address] EAT @explorer.exe (MsiCreateRecord) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691514)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706955D1)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706948EF)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706948A9)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691397)
[Address] EAT @explorer.exe (MsiDatabaseCommit) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690DEB)
[Address] EAT @explorer.exe (MsiDatabaseExportA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694792)
[Address] EAT @explorer.exe (MsiDatabaseExportW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691008)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069485D)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691270)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706945FD)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70693C54)
[Address] EAT @explorer.exe (MsiDatabaseImportA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069472E)
[Address] EAT @explorer.exe (MsiDatabaseImportW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690F1E)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694643)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70690C8F)
[Address] EAT @explorer.exe (MsiDatabaseMergeA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70694817)
[Address] EAT @explorer.exe (MsiDatabaseMergeW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70691111)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706945B7)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706902B7)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067DA7B)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705C6286)
[Address] EAT @explorer.exe (MsiDeleteUserDataA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067A367)
[Address] EAT @explorer.exe (MsiDeleteUserDataW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706769EB)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068D4C5)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068C559)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068D9D9)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068C9E1)
[Address] EAT @explorer.exe (MsiDoActionA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7069613D)
[Address] EAT @explorer.exe (MsiDoActionW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70692D61)
[Address] EAT @explorer.exe (MsiEnableLogA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067189B)
[Address] EAT @explorer.exe (MsiEnableLogW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7066FBE9)
[Address] EAT @explorer.exe (MsiEnableUIPreview) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706939CD)
[Address] EAT @explorer.exe (MsiEndTransaction) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70683E11)
[Address] EAT @explorer.exe (MsiEnumClientsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705EEC96)
[Address] EAT @explorer.exe (MsiEnumClientsExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70685D6E)
[Address] EAT @explorer.exe (MsiEnumClientsExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706813A7)
[Address] EAT @explorer.exe (MsiEnumClientsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D3647)
[Address] EAT @explorer.exe (MsiEnumComponentCostsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697847)
[Address] EAT @explorer.exe (MsiEnumComponentCostsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70697A95)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067CD6D)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x705D384D)
[Address] EAT @explorer.exe (MsiEnumComponentsA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x706791B9)
[Address] EAT @explorer.exe (MsiEnumComponentsExA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70685B08)
[Address] EAT @explorer.exe (MsiEnumComponentsExW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7068121D)
[Address] EAT @explorer.exe (MsiEnumComponentsW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067BA57)
[Address] EAT @explorer.exe (MsiEnumFeaturesA) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x70679C04)
[Address] EAT @explorer.exe (MsiEnumFeaturesW) : srchadmin.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7067C259)