Solved Win update impossible and all certificates suddenly expired

[needhelp51]

Hello,

I recently installed win7 and everything was fine up til today. All certificates in all browser seem wrong, my browser suggest I might be being hacked. Windows update worked fine, but impossible since this morning. Also, two Toshiba drivers show as unknown origin even though they were downloaded from Toshiba site and worked fine before today. Computer is suddenly sluggish also. I suspect something is going on.

Here are the logs:

Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 2006-07-01
Scan Time: 02:33:06
Logfile: Log MBAM.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.06.09
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Admin
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 212294
Time Elapsed: 22 min, 12 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 2
PUP.Optional.BundleInstaller, C:\$Recycle.Bin\S-1-5-21-811221372-2198457851-1441504835-1000\$RYUI9P4.exe, Quarantined, [e83969beec8f2d09d9761651827f5ea2],
PUP.Optional.BundleInstaller, C:\Windows\Temp\_avast_\ws1673.dat, Quarantined, [be636dba5c1f8aacdc73df88b9483bc5],
Physical Sectors: 0
(No malicious items detected)

(end)

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2
Run by Admin at 2:34:43 on 2006-07-01
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.1.1036.18.3070.1774 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [COMODO Internet Security] c:\program files\comodo\comodo internet security\cistray.exe
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 47.55.55.55 142.166.166.166
TCP: Interfaces\{83A967BC-B179-4662-BC85-2206CCDD72C9} : DHCPNameServer = 47.55.55.55 142.166.166.166
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\admin\appdata\roaming\mozilla\firefox\profiles\yk8py79e.default\
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-4-4 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-4-4 180760]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-4-4 776976]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-4-4 411552]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2014-3-25 20072]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2014-3-25 607168]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2014-3-25 43728]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-4-4 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-4-4 50344]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-12-6 1229528]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-4-4 67264]
R3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\comodo\comodo internet security\cmdvirth.exe [2014-3-25 1663192]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-11 62464]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-4-3 108032]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-12-6 16024]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Service de stockage;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-4-3 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2014-4-3 1343400]
.
=============== Created Last 30 ================
.
2014-04-06 13:53:18 24576 ----a-w- c:\windows\system32\TSCI.dll
2014-04-06 13:53:18 24576 ----a-w- c:\windows\system32\THCI.dll
2014-04-05 19:49:01 -------- d-----w- c:\users\admin\appdata\roaming\OpenOffice
2014-04-05 17:03:10 -------- d-----w- c:\program files\EA GAMES
2014-04-05 17:01:42 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2014-04-05 17:01:42 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2014-04-05 17:01:42 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2014-04-05 17:01:41 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2014-04-05 14:19:56 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-05 14:19:30 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-05 14:19:30 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-05 14:19:30 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-05 14:19:30 -------- d-----w- c:\programdata\Malwarebytes
2014-04-05 14:19:30 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-05 13:47:23 -------- d-----w- c:\programdata\Auslogics
2014-04-05 13:46:50 -------- d-----w- c:\program files\Auslogics
2014-04-05 13:36:06 -------- d-----w- c:\program files\Audacity
2014-04-05 13:31:10 -------- d-----w- c:\programdata\Oracle
2014-04-05 13:25:15 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-05 03:27:25 -------- d-----w- c:\users\admin\appdata\roaming\DonationCoder
2014-04-05 02:47:04 -------- d-----w- c:\programdata\DonationCoder
2014-04-05 02:47:03 -------- d-----w- c:\program files\ScreenshotCaptor
2014-04-05 02:46:50 -------- d-----w- c:\users\admin\appdata\local\Programs
2014-04-04 23:17:06 -------- d-----w- c:\program files\Synaptics
2014-04-04 23:14:16 430080 ----a-w- c:\windows\system32\TOSCDSPD.cpl
2014-04-04 23:12:49 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2014-04-04 23:12:48 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2014-04-04 23:12:48 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2014-04-04 23:12:48 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2014-04-04 23:12:48 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2014-04-04 23:12:48 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2014-04-04 23:12:47 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2014-04-04 23:12:47 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2014-04-04 23:00:49 128344 ----a-w- c:\windows\system32\TODDSrv.exe
2014-04-04 23:00:39 -------- d-----w- c:\program files\TOSHIBA
2014-04-04 22:59:39 -------- d-----w- c:\users\admin\appdata\roaming\WinBatch
2014-04-04 22:17:22 -------- d-s---w- c:\programdata\Shared Space
2014-04-04 22:17:01 -------- d-----w- c:\program files\COMODO
2014-04-04 22:16:49 -------- d-----w- c:\programdata\Comodo Downloader
2014-04-04 22:13:29 -------- d-----w- c:\programdata\Comodo
2014-04-04 22:02:49 -------- d-----w- c:\users\admin\appdata\roaming\AVAST Software
2014-04-04 22:01:49 67264 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-04 22:01:44 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-04 22:01:40 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-04 22:01:37 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-04 22:01:34 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-04 22:01:32 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-04 22:01:19 43152 ----a-w- c:\windows\avastSS.scr
2014-04-04 21:58:34 -------- d-----w- c:\program files\AVAST Software
2014-04-04 21:57:11 -------- d-----w- c:\programdata\AVAST Software
2014-04-04 21:51:12 -------- d-----w- c:\users\admin\appdata\local\Secunia PSI
2014-04-04 21:50:58 -------- d-----w- c:\program files\Secunia
2014-04-04 21:49:30 7969936 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2014-04-04 21:49:23 7969936 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{86f4a052-cdea-46b7-88e4-279ec55a6db8}\mpengine.dll
2014-04-04 03:44:57 -------- d-----w- c:\users\admin\appdata\roaming\IrfanView
2014-04-04 03:44:56 -------- d-----w- c:\program files\IrfanView
2014-04-04 03:42:12 -------- d-----w- c:\users\admin\appdata\local\Adobe
2014-04-04 03:41:29 -------- d-----w- c:\program files\VideoLAN
2014-04-04 03:28:57 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-04-04 03:23:46 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-04-04 03:23:17 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-04-04 03:23:17 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-04-04 03:15:52 -------- d-----w- c:\windows\system32\MRT
2014-04-04 03:07:38 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-04-04 03:07:28 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-04 03:07:25 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2014-04-04 03:07:22 855552 ----a-w- c:\windows\system32\rdvidcrl.dll
2014-04-04 03:07:22 76288 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-04-04 03:07:22 53248 ----a-w- c:\windows\system32\tsgqec.dll
2014-04-04 03:07:22 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2014-04-04 03:07:22 350208 ----a-w- c:\windows\system32\wksprt.exe
2014-04-04 03:07:22 17920 ----a-w- c:\windows\system32\wksprtPS.dll
2014-04-04 03:07:22 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-04 03:07:18 1068544 ----a-w- c:\windows\system32\mstsc.exe
2014-04-04 03:06:34 -------- d-----w- c:\program files\CONEXANT
2014-04-04 03:05:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2014-04-04 03:05:29 792576 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-04-04 02:58:09 -------- d-----w- c:\windows\Migration
2014-04-04 02:48:04 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-04 02:48:04 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-04 02:47:55 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-04 02:47:55 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-04 02:47:53 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-04 02:47:53 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-04 02:47:53 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-04 02:41:02 -------- d-----w- c:\windows\system32\Wat
2014-04-04 02:29:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-04 02:29:53 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
2014-04-04 02:02:03 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-04 02:02:03 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-04 02:00:39 -------- d-----w- c:\users\admin\appdata\local\Skype
2014-04-04 01:59:52 -------- d-----r- c:\program files\Skype
2014-04-04 01:55:17 46704 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
2014-04-04 01:52:59 75376 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2014-04-04 01:52:59 307824 ----a-w- c:\program files\mozilla firefox\freebl3.dll
2014-04-04 01:52:59 275568 ----a-w- c:\program files\mozilla firefox\firefox.exe
2014-04-04 01:52:59 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2014-04-04 01:52:59 20080 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2014-04-04 01:52:59 117360 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2014-04-04 01:50:09 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2014-04-04 01:50:09 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2014-04-04 01:50:09 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2014-04-04 01:50:09 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2014-04-04 01:50:06 94208 ----a-w- c:\program files\common files\system\ole db\msdaosp.dll
2014-04-04 01:50:06 86016 ----a-w- c:\windows\system32\odbccu32.dll
2014-04-04 01:50:06 81920 ----a-w- c:\windows\system32\odbccr32.dll
2014-04-04 01:50:06 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2014-04-04 01:50:06 122880 ----a-w- c:\windows\system32\odbccp32.dll
2014-04-04 01:50:05 163840 ----a-w- c:\windows\system32\odbctrac.dll
2014-04-04 01:41:36 1247744 ----a-w- c:\windows\system32\DWrite.dll
2014-04-04 01:41:30 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-04-04 01:41:25 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2014-04-04 01:41:21 530432 ----a-w- c:\windows\system32\comctl32.dll
2014-04-04 01:41:16 626688 ----a-w- c:\windows\system32\usp10.dll
2014-04-04 01:41:12 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-04 01:41:09 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-04-04 01:41:09 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-04-04 01:41:06 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2014-04-04 01:41:04 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2014-04-04 01:41:03 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2014-04-04 01:40:59 175104 ----a-w- c:\windows\system32\wintrust.dll
2014-04-04 01:40:46 1796096 ----a-w- c:\windows\system32\authui.dll
2014-04-04 01:40:45 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-04-04 01:40:44 168960 ----a-w- c:\windows\system32\credui.dll
2014-04-04 01:40:11 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-04-04 01:39:50 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2014-04-04 01:39:50 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-04-04 01:39:50 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-04-04 01:39:47 376832 ----a-w- c:\windows\system32\dpnet.dll
2014-04-04 01:39:14 509440 ----a-w- c:\windows\system32\qedit.dll
2014-04-04 01:39:09 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-04-04 01:39:05 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-04-04 01:37:59 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-04-04 01:37:24 75776 ----a-w- c:\windows\system32\psisrndr.ax
2014-04-04 01:37:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2014-04-04 01:37:16 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-04-04 01:37:16 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-04-04 01:36:52 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2014-04-04 01:36:13 2048 ----a-w- c:\windows\system32\tzres.dll
2014-04-04 01:34:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-04-04 01:34:33 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-04-04 01:34:23 492544 ----a-w- c:\windows\system32\win32spl.dll
2014-04-04 01:34:14 1389568 ----a-w- c:\windows\system32\msxml6.dll
2014-04-04 01:34:03 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-04-04 01:34:02 70656 ----a-w- c:\windows\system32\fontsub.dll
2014-04-04 01:34:02 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-04-04 01:34:02 26112 ----a-w- c:\windows\system32\lpk.dll
2014-04-04 01:34:02 10240 ----a-w- c:\windows\system32\dciman32.dll
2014-04-04 01:33:48 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-04-04 01:32:54 903168 ----a-w- c:\windows\system32\certutil.exe
2014-04-04 01:32:52 43008 ----a-w- c:\windows\system32\certenc.dll
2014-04-04 01:32:01 52224 ----a-w- c:\windows\system32\nlaapi.dll
2014-04-04 01:32:01 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2014-04-04 01:32:01 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-04-04 01:32:01 242176 ----a-w- c:\windows\system32\nlasvc.dll
2014-04-04 01:32:01 175104 ----a-w- c:\windows\system32\netcorehc.dll
2014-04-04 01:32:01 156672 ----a-w- c:\windows\system32\ncsi.dll
2014-04-04 01:32:00 18944 ----a-w- c:\windows\system32\netevent.dll
2014-04-04 01:31:33 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-04-04 01:29:23 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2014-04-04 01:29:23 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2014-04-04 01:29:23 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
2014-04-04 01:28:33 41984 ----a-w- c:\windows\system32\browcli.dll
2014-04-04 01:28:33 102912 ----a-w- c:\windows\system32\browser.dll
2014-04-04 01:25:21 805376 ----a-w- c:\windows\system32\cdosys.dll
2014-04-04 01:25:21 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2014-04-04 01:25:21 1019904 ----a-w- c:\program files\common files\system\ado\msado15.dll
2014-04-04 01:25:20 57344 ----a-w- c:\program files\common files\system\ado\msador15.dll
2014-04-04 01:25:20 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll
2014-04-04 01:25:20 212992 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2014-04-04 01:25:20 143360 ----a-w- c:\program files\common files\system\ado\msjro.dll
2014-04-04 01:25:15 400896 ----a-w- c:\windows\system32\srcore.dll
2014-04-04 01:25:12 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-04-04 01:25:10 1328128 ----a-w- c:\windows\system32\quartz.dll
2014-04-04 01:24:56 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-04-04 01:24:56 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-04-04 01:24:53 850944 ----a-w- c:\windows\system32\sbe.dll
2014-04-04 01:24:53 642048 ----a-w- c:\windows\system32\CPFilters.dll
2014-04-04 01:24:53 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2014-04-04 01:24:12 542208 ----a-w- c:\windows\system32\kerberos.dll
2014-04-04 01:15:48 31232 ----a-w- c:\windows\system32\prevhost.exe
2014-04-04 01:11:10 708608 ----a-w- c:\program files\common files\system\wab32.dll
2014-04-04 01:09:54 478720 ----a-w- c:\windows\system32\timedate.cpl
2014-04-04 01:09:46 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-04-04 01:09:42 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2014-04-04 01:09:42 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2014-04-04 01:09:42 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2014-04-04 01:09:39 741376 ----a-w- c:\windows\system32\inetcomm.dll
2014-04-04 01:09:35 67072 ----a-w- c:\windows\system32\packager.dll
2014-04-04 01:09:31 2342400 ----a-w- c:\windows\system32\msi.dll
2014-04-04 01:06:37 314880 ----a-w- c:\windows\system32\webio.dll
2014-04-04 01:05:58 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-04-04 01:05:48 78336 ----a-w- c:\windows\system32\synceng.dll
2014-04-04 01:05:26 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-04-04 01:05:26 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-04-04 01:05:26 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-04-04 01:05:26 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-04-04 01:04:58 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2014-04-04 01:04:37 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-04-04 01:04:36 656896 ----a-w- c:\windows\system32\nshwfp.dll
2014-04-04 01:04:36 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-04-04 01:04:23 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-04-04 01:04:23 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2014-04-04 01:03:32 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2014-04-04 01:03:32 1168384 ----a-w- c:\windows\system32\crypt32.dll
2014-04-04 01:03:31 103936 ----a-w- c:\windows\system32\cryptnet.dll
2014-04-04 01:02:08 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2014-04-04 00:59:51 381440 ----a-w- c:\windows\system32\wer.dll
2014-04-04 00:59:31 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2014-04-04 00:59:31 1137664 ----a-w- c:\windows\system32\mfc42.dll
2014-04-04 00:57:21 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2014-04-04 00:57:01 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-04-04 00:57:01 233472 ----a-w- c:\windows\system32\oleacc.dll
2014-04-04 00:53:51 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2014-04-04 00:53:51 666624 ----a-w- c:\windows\system32\mssvp.dll
2014-04-04 00:53:51 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2014-04-04 00:53:51 337408 ----a-w- c:\windows\system32\mssph.dll
2014-04-04 00:53:51 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2014-04-04 00:53:51 1549312 ----a-w- c:\windows\system32\tquery.dll
2014-04-04 00:53:51 1401344 ----a-w- c:\windows\system32\mssrch.dll
2014-04-04 00:53:50 59392 ----a-w- c:\windows\system32\msscntrs.dll
2014-04-04 00:53:50 197120 ----a-w- c:\windows\system32\mssphtb.dll
2014-04-04 00:51:13 534528 ----a-w- c:\windows\system32\EncDec.dll
2014-04-04 00:34:24 -------- d-----w- c:\program files\OpenOffice 4
2014-04-04 00:33:04 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-04-04 00:32:57 690688 ----a-w- c:\windows\system32\msvcrt.dll
2014-04-04 00:32:08 164352 ----a-w- c:\windows\system32\profsvc.dll
2014-04-04 00:24:45 769024 ----a-w- c:\windows\system32\localspl.dll
2014-04-04 00:24:35 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-04-04 00:24:31 442880 ----a-w- c:\windows\system32\ntshrui.dll
2014-04-04 00:12:43 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2014-04-04 00:12:21 123904 ----a-w- c:\windows\system32\poqexec.exe
2014-04-04 00:12:18 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-04-04 00:12:18 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-04-04 00:12:18 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-04-04 00:12:08 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-04 00:12:03 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-04-04 00:12:03 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-04-04 00:12:03 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-04-04 00:12:03 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-04-04 00:12:03 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-04-04 00:12:03 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-04-04 00:04:00 -------- d-----w- c:\windows\system32\wbem\en-US
2014-04-04 00:03:15 -------- d-----w- c:\program files\mp3DirectCut
2014-04-04 00:00:12 -------- d-----w- c:\program files\CCleaner
2014-04-03 23:45:05 101720 ----a-w- c:\windows\system32\consent.exe
2014-04-03 23:45:04 47104 ----a-w- c:\windows\system32\appinfo.dll
2014-04-03 23:40:12 -------- d-sh--w- c:\windows\Installer
2014-04-03 23:39:16 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-04-03 23:37:28 826880 ----a-w- c:\windows\system32\rdpcore.dll
2014-04-03 23:37:28 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-04-03 23:34:22 -------- d-----w- c:\users\admin\appdata\local\Google
2014-04-03 23:33:40 -------- d-----w- c:\users\admin\appdata\local\Apps
2014-04-03 23:33:38 -------- d-----w- c:\users\admin\appdata\local\Deployment
2014-04-03 23:22:27 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-04-03 23:22:27 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-04-03 23:22:24 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-04-03 23:21:44 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-04-03 02:35:23 -------- d-sh--w- C:\Boot
2014-04-02 23:21:03 -------- d-----w- C:\Bureau2014
2014-04-02 21:54:03 -------- d-----w- c:\windows\Panther
2014-04-02 21:40:01 -------- d-----w- C:\Windows.old
2014-03-26 00:22:50 43728 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2014-03-26 00:22:48 607168 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2014-03-26 00:22:48 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2014-03-26 00:22:38 363504 ----a-w- c:\windows\system32\guard32.dll
2014-03-26 00:22:38 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2014-03-26 00:22:26 284888 ----a-w- c:\windows\system32\cmdvrt32.dll
2014-03-26 00:22:24 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2014-03-08 00:51:40 -------- d-----w- C:\Intel
2013-12-29 22:08:29 -------- d-----w- C:\Python27
2013-12-29 21:59:44 -------- d-----w- C:\Python33
2013-12-06 14:47:12 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys
2013-09-12 01:21:54 863344 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2013-09-12 01:21:54 501872 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2013-09-12 01:21:54 28776 ----a-w- c:\windows\system32\aspnet_counters.dll
2013-09-12 01:21:54 18000 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-08-22 02:32:42 -------- d-sha-r- C:\cmdcons
2013-06-09 19:44:59 -------- d-----w- C:\Ancien Disque
2013-05-18 20:44:20 -------- d--h--w- C:\VTRoot
2013-05-12 15:13:10 -------- d-----w- C:\97317ce748271ca34c4e3f38a69f021d
2013-05-12 14:51:02 -------- d-----w- C:\Mes Affaires
2013-05-11 22:46:35 -------- d-----w- C:\4996927265dc45c02c01
2013-04-29 03:19:31 -------- d-----w- c:\program files\ImpotRapide 2007
2013-04-29 03:18:44 -------- d-----w- c:\program files\ImpotRapide 2012
2013-04-29 03:18:37 -------- d-----w- c:\program files\ImpotRapide 2010
2013-04-29 03:18:29 -------- d-----w- c:\program files\ImpotRapide 2009
2013-04-29 03:18:23 -------- d-----w- c:\program files\ImpotRapide 2008
2011-04-19 08:47:04 670032 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2011-04-12 01:45:14 -------- d-----w- c:\program files\Windows Journal
2011-04-12 01:45:07 -------- d-----w- c:\windows\ShellNew
2011-04-12 01:45:07 -------- d-----w- c:\windows\ehome
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\XPSViewer
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\winrm
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\WCN
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\slmgr
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\Printing_Admin_Scripts
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\fr
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\drivers\umdf\fr-FR
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\drivers\fr-FR
2011-04-12 01:35:38 -------- d-----w- c:\windows\system32\040C
2011-04-12 01:35:38 -------- d-----w- c:\windows\fr-FR
2011-04-12 01:35:38 -------- d-----w- c:\windows\DigitalLocker
2011-04-12 01:35:37 -------- d-----w- c:\windows\system32\wbem\fr-FR
2011-04-12 01:35:19 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\fr-fr\LXKPTPRC.DLL.mui
2011-02-20 03:03:12 421200 ----a-w- c:\windows\system32\msvcp100.dll
2011-02-19 04:40:50 773968 ----a-w- c:\windows\system32\msvcr100.dll
2010-11-20 21:00:53 -------- d-----w- c:\windows\system32\wbem\Performance
2009-07-30 21:45:56 22912 ----a-w- c:\windows\system32\drivers\tdcmdpst.sys
2009-07-14 19:28:42 23512 ----a-w- c:\windows\system32\drivers\TVALZ_O.SYS
2009-07-14 04:53:55 -------- d-sh--we C:\Documents and Settings
2009-07-14 04:53:50 -------- d-----w- c:\windows\system32\wbem\mof\good
2009-07-14 04:53:50 -------- d-----w- c:\windows\system32\wbem\mof\bad
2009-07-14 04:41:11 -------- d-----w- c:\windows\system32\wbem\MOF
2009-07-14 04:34:16 -------- d-----w- c:\windows\Setup
2009-07-14 04:34:13 -------- d-----w- c:\windows\ServiceProfiles
2009-07-14 04:34:06 -------- d-s---w- c:\windows\system32\Microsoft
.
==================== Find3M ====================
.
2014-04-04 23:15:55 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2014-04-04 23:15:49 143360 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-04-04 23:15:49 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2014-04-04 23:15:48 179896 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-04-04 23:15:47 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2014-04-04 23:15:46 163840 ----a-w- c:\windows\system32\SynCOM.dll
2014-04-04 22:54:28 172032 ----a-w- c:\windows\system32\UCI32114.dll
2014-04-04 22:54:27 61952 ----a-w- c:\windows\system32\CHDAudPropShortcut.exe
2014-04-04 22:54:26 566272 ----a-w- c:\windows\system32\drivers\CHDAud.sys
2014-04-04 22:54:26 5120 ----a-w- c:\windows\system32\CHdAudPropres.dll
2014-04-04 22:54:26 24064 ----a-w- c:\windows\system32\CHdAudprop.dll
2014-04-04 01:06:14 69632 ----a-w- c:\windows\system32\smss.exe
2014-04-04 01:06:14 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-04-04 01:06:14 619520 ----a-w- c:\windows\system32\tdh.dll
2014-04-04 01:06:14 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-04-04 01:06:14 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-04-04 01:06:14 38912 ----a-w- c:\windows\system32\csrsrv.dll
2014-04-04 01:06:14 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-03-01 04:11:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-04 02:04:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-01-09 02:22:42 5694464 ----a-w- c:\windows\system32\mstscax.dll
2013-12-06 02:02:08 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-12-06 02:02:08 1237504 ----a-w- c:\windows\system32\msxml3.dll
2013-12-04 02:03:20 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- c:\windows\system32\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- c:\windows\system32\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- c:\windows\system32\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2013-10-19 01:36:59 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-12 02:04:36 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-10-12 01:15:48 141824 ----a-w- c:\windows\system32\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- c:\windows\system32\cscript.exe
2013-10-03 01:58:07 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-10-02 03:01:40 3584 ----a-w- c:\windows\system32\drivers\fr-fr\tsusbflt.sys.mui
2013-09-25 02:01:08 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01:06 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57:46 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 01:56:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 00:49:20 22016 ----a-w- c:\windows\system32\lsass.exe
2013-09-25 00:49:18 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-08-02 01:50:36 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 01:49:19 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 00:52:57 271360 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:43:05 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-04 12:16:47 369848 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-04 11:57:28 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-07-04 11:51:04 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-07-04 09:48:52 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-06-15 03:38:43 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-07-26 04:44:39 2560 ----a-w- c:\windows\system32\drivers\fr-fr\wdf01000.sys.mui
2012-04-26 04:45:55 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41:16 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-17 07:27:18 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-02-11 05:37:49 317440 ----a-w- c:\windows\system32\spoolsv.exe
2011-03-11 05:39:05 148864 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 05:39:00 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 05:39:00 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 05:38:51 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 05:38:37 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 05:38:37 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 05:33:09 1699328 ----a-w- c:\windows\system32\esent.dll
2011-03-11 05:31:07 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-03-03 05:38:01 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:36:16 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-02-25 05:30:54 2616320 ----a-w- c:\windows\explorer.exe
2010-11-20 21:31:02 152576 ----a-w- c:\windows\system32\msclmd.dll
2009-07-14 01:26:21 249408 ----a-w- c:\windows\system32\clfs.sys
2009-07-14 01:20:45 12368 ----a-w- c:\windows\system32\drivers\pciide.sys
2009-07-14 01:19:11 57424 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS
2009-07-14 01:17:54 55584 ----a-w- c:\windows\system32\drivers\dumpfve.sys
2009-07-14 01:17:54 249680 ----a-w- c:\windows\system32\bcryptprimitives.dll
2009-07-14 01:17:54 242936 ----a-w- c:\windows\system32\rsaenh.dll
2009-07-14 01:17:54 156728 ----a-w- c:\windows\system32\dssenh.dll
.
============= FINISH: 2:38:30,37 ===============

 

[needhelp51]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professionnel
Boot Device: \Device\HarddiskVolume1
Install Date: 2014-04-02 22:24:38
System Uptime: 2006-07-01 00:30:46 (2 hours ago)
.
Motherboard: TOSHIBA | | Satellite P100
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | U2E1 | 989/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 932 GiB total, 708,886 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Contrôleur de stockage de masse
Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_FF311179&REV_00\4&1423FFA9&0&22F0
Manufacturer:
Name: Contrôleur de stockage de masse
PNP Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_FF311179&REV_00\4&1423FFA9&0&22F0
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe Reader XI (11.0.06) - Français
Audacity 2.0.5
Auslogics DiskDefrag
avast! Free Antivirus
CCleaner
COMODO Firewall
Conexant HD Audio
Google Chrome
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
IrfanView (remove only)
Java 7 Update 51
Java Auto Updater
Malwarebytes Anti-Malware version 2.0.1.1004
Medal of Honor Allied Assault
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (FRA)
Microsoft .NET Framework 4.5.1 (Français)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 28.0 (x86 fr)
Mozilla Maintenance Service
NVIDIA Drivers
OpenOffice 4.0.1
Réducteur de bruit lect. CD/DVD
Screenshot Captor 4.8
Secunia PSI (3.0.0.9016)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Skype™ 6.14
Synaptics Pointing Device Driver
TOSHIBA Disc Creator
TOSHIBA Value Added Package
VLC media player 2.1.3
.
==== End Of File ===========================

 

[Broni]

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================

Download RogueKiller from one of the following links and save it to your Desktop:

• Link 1
• Link 2

• Close all the running programs
• Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE

• Unzip downloaded file.
• Open the folder where the contents were unzipped and run mbar.exe
• Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
• Click on the Cleanup button to remove any threats and reboot if prompted to do so.
• Wait while the system shuts down and the cleanup process is performed.
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
• When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

 

[needhelp51]

Just noticed my Windows date/time is 2006/07/01 03:49 AM...

Here are the requested logs:

The RK logs are huge (190000 caracters) and there are two of them.

Here is the SEARCH log:

RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Admin [Droits d'admin]
Mode : Recherche -- Date : 07/01/2006 03:17:23
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 3 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ACF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox-Lï�?–B#ø"##ÿÿÿÿŒ–B#tD##LïG) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD99)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74142B3B)
[Address] EAT @explorer.exe (DllGetClassObject) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415188E)
[Address] EAT @explorer.exe (DllGetVersion) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74142982)
[Address] EAT @explorer.exe (DllRegisterServer) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741D7DC5)
[Address] EAT @explorer.exe (DllUnregisterServer) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741D818F)
[Address] EAT @explorer.exe (Migrate10CachedPackagesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC744)
[Address] EAT @explorer.exe (Migrate10CachedPackagesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DE1AC)
[Address] EAT @explorer.exe (MsiAdvertiseProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E257F)
[Address] EAT @explorer.exe (MsiAdvertiseProductExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E27D7)
[Address] EAT @explorer.exe (MsiAdvertiseProductExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD6C1)
[Address] EAT @explorer.exe (MsiAdvertiseProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD46F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E8A3F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EB641)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5903)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1057)
[Address] EAT @explorer.exe (MsiApplyPatchA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2D5D)
[Address] EAT @explorer.exe (MsiApplyPatchW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD943)
[Address] EAT @explorer.exe (MsiBeginTransactionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F9441)
[Address] EAT @explorer.exe (MsiBeginTransactionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F39D4)
[Address] EAT @explorer.exe (MsiCloseAllHandles) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742000C3)
[Address] EAT @explorer.exe (MsiCloseHandle) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200015)
[Address] EAT @explorer.exe (MsiCollectUserInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1C3A)
[Address] EAT @explorer.exe (MsiCollectUserInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD16F)
[Address] EAT @explorer.exe (MsiConfigureFeatureA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1D5A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED70A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EE41B)
[Address] EAT @explorer.exe (MsiConfigureFeatureW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD2B7)
[Address] EAT @explorer.exe (MsiConfigureProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF256)
[Address] EAT @explorer.exe (MsiConfigureProductExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EDACA)
[Address] EAT @explorer.exe (MsiConfigureProductExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EE891)
[Address] EAT @explorer.exe (MsiConfigureProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF581)
[Address] EAT @explorer.exe (MsiCreateAndVerifyInstallerDirectory) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415B2E1)
[Address] EAT @explorer.exe (MsiCreateRecord) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201514)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742055D1)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742048EF)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742048A9)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201397)
[Address] EAT @explorer.exe (MsiDatabaseCommit) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200DEB)
[Address] EAT @explorer.exe (MsiDatabaseExportA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204792)
[Address] EAT @explorer.exe (MsiDatabaseExportW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201008)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420485D)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201270)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742045FD)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203C54)
[Address] EAT @explorer.exe (MsiDatabaseImportA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420472E)
[Address] EAT @explorer.exe (MsiDatabaseImportW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200F1E)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204643)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200C8F)
[Address] EAT @explorer.exe (MsiDatabaseMergeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204817)
[Address] EAT @explorer.exe (MsiDatabaseMergeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201111)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742045B7)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742002B7)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EDA7B)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74136286)
[Address] EAT @explorer.exe (MsiDeleteUserDataA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA367)
[Address] EAT @explorer.exe (MsiDeleteUserDataW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E69EB)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FD4C5)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FC559)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FD9D9)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FC9E1)
[Address] EAT @explorer.exe (MsiDoActionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420613D)
[Address] EAT @explorer.exe (MsiDoActionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202D61)
[Address] EAT @explorer.exe (MsiEnableLogA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E189B)
[Address] EAT @explorer.exe (MsiEnableLogW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DFBE9)
[Address] EAT @explorer.exe (MsiEnableUIPreview) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742039CD)
[Address] EAT @explorer.exe (MsiEndTransaction) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F3E11)
[Address] EAT @explorer.exe (MsiEnumClientsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415EC96)
[Address] EAT @explorer.exe (MsiEnumClientsExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5D6E)
[Address] EAT @explorer.exe (MsiEnumClientsExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F13A7)
[Address] EAT @explorer.exe (MsiEnumClientsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74143647)
[Address] EAT @explorer.exe (MsiEnumComponentCostsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207847)
[Address] EAT @explorer.exe (MsiEnumComponentCostsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207A95)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ECD6D)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7414384D)
[Address] EAT @explorer.exe (MsiEnumComponentsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E91B9)
[Address] EAT @explorer.exe (MsiEnumComponentsExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5B08)
[Address] EAT @explorer.exe (MsiEnumComponentsExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F121D)
[Address] EAT @explorer.exe (MsiEnumComponentsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EBA57)
[Address] EAT @explorer.exe (MsiEnumFeaturesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E9C04)
[Address] EAT @explorer.exe (MsiEnumFeaturesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EC259)
[Address] EAT @explorer.exe (MsiEnumPatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F97EB)
[Address] EAT @explorer.exe (MsiEnumPatchesExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F4897)
[Address] EAT @explorer.exe (MsiEnumPatchesExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0E79)
[Address] EAT @explorer.exe (MsiEnumPatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F468E)
[Address] EAT @explorer.exe (MsiEnumProductsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E9175)
[Address] EAT @explorer.exe (MsiEnumProductsExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6313)
[Address] EAT @explorer.exe (MsiEnumProductsExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1729)
[Address] EAT @explorer.exe (MsiEnumProductsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7414559D)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E9109)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EB9EB)
[Address] EAT @explorer.exe (MsiEvaluateConditionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742061C6)
[Address] EAT @explorer.exe (MsiEvaluateConditionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742030C1)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F4FAE)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F4C22)
[Address] EAT @explorer.exe (MsiFormatRecordA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202A73)
[Address] EAT @explorer.exe (MsiFormatRecordW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202BF9)
[Address] EAT @explorer.exe (MsiGetActiveDatabase) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202639)
[Address] EAT @explorer.exe (MsiGetComponentPathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EEEBD)
[Address] EAT @explorer.exe (MsiGetComponentPathExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6053)
[Address] EAT @explorer.exe (MsiGetComponentPathExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1559)
[Address] EAT @explorer.exe (MsiGetComponentPathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741362DD)
[Address] EAT @explorer.exe (MsiGetComponentStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742071E3)
[Address] EAT @explorer.exe (MsiGetComponentStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742072DC)
[Address] EAT @explorer.exe (MsiGetDatabaseState) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200ED9)
[Address] EAT @explorer.exe (MsiGetFeatureCostA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742075FD)
[Address] EAT @explorer.exe (MsiGetFeatureCostW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207702)
[Address] EAT @explorer.exe (MsiGetFeatureInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0D1A)
[Address] EAT @explorer.exe (MsiGetFeatureInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF5EE)
[Address] EAT @explorer.exe (MsiGetFeatureStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206CD5)
[Address] EAT @explorer.exe (MsiGetFeatureStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206DC3)
[Address] EAT @explorer.exe (MsiGetFeatureUsageA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA111)
[Address] EAT @explorer.exe (MsiGetFeatureUsageW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EC9BD)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207CC5)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742036EC)
[Address] EAT @explorer.exe (MsiGetFileHashA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1214)
[Address] EAT @explorer.exe (MsiGetFileHashW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCA49)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E128C)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCA9F)
[Address] EAT @explorer.exe (MsiGetFileVersionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0EF8)
[Address] EAT @explorer.exe (MsiGetFileVersionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E3D2F)
[Address] EAT @explorer.exe (MsiGetLanguage) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202727)
[Address] EAT @explorer.exe (MsiGetLastErrorRecord) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201D69)
[Address] EAT @explorer.exe (MsiGetMode) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420279F)
[Address] EAT @explorer.exe (MsiGetPatchFileListA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FD25D)
[Address] EAT @explorer.exe (MsiGetPatchFileListW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F8B6E)
[Address] EAT @explorer.exe (MsiGetPatchInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA24F)
[Address] EAT @explorer.exe (MsiGetPatchInfoExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F55E9)
[Address] EAT @explorer.exe (MsiGetPatchInfoExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5177)
[Address] EAT @explorer.exe (MsiGetPatchInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ECAFB)
[Address] EAT @explorer.exe (MsiGetProductCodeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415EADC)
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EED5F)
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF353)
[Address] EAT @explorer.exe (MsiGetProductCodeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415EE6C)
[Address] EAT @explorer.exe (MsiGetProductInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED362)
[Address] EAT @explorer.exe (MsiGetProductInfoExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F65DE)
[Address] EAT @explorer.exe (MsiGetProductInfoExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F18FF)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0880)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF132)
[Address] EAT @explorer.exe (MsiGetProductInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144273)
[Address] EAT @explorer.exe (MsiGetProductPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0B90)
[Address] EAT @explorer.exe (MsiGetProductPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF48B)
[Address] EAT @explorer.exe (MsiGetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420596D)
[Address] EAT @explorer.exe (MsiGetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205BA3)
[Address] EAT @explorer.exe (MsiGetShortcutTargetA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2A58)
[Address] EAT @explorer.exe (MsiGetShortcutTargetW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E4689)
[Address] EAT @explorer.exe (MsiGetSourcePathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206209)
[Address] EAT @explorer.exe (MsiGetSourcePathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420640D)
[Address] EAT @explorer.exe (MsiGetSummaryInformationA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742058BD)
[Address] EAT @explorer.exe (MsiGetSummaryInformationW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204293)
[Address] EAT @explorer.exe (MsiGetTargetPathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742065F5)
[Address] EAT @explorer.exe (MsiGetTargetPathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742067F9)
[Address] EAT @explorer.exe (MsiGetUserInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E91FE)
[Address] EAT @explorer.exe (MsiGetUserInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415E466)
[Address] EAT @explorer.exe (MsiInstallMissingComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E22C7)
[Address] EAT @explorer.exe (MsiInstallMissingComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E43D9)
[Address] EAT @explorer.exe (MsiInstallMissingFileA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2067)
[Address] EAT @explorer.exe (MsiInstallMissingFileW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E4179)
[Address] EAT @explorer.exe (MsiInstallProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E197E)
[Address] EAT @explorer.exe (MsiInstallProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCE4B)
[Address] EAT @explorer.exe (MsiInvalidateFeatureCache) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7419D1D3)
[Address] EAT @explorer.exe (MsiIsProductElevatedA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E3306)
[Address] EAT @explorer.exe (MsiIsProductElevatedW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E4A5D)
[Address] EAT @explorer.exe (MsiJoinTransaction) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F3FEB)
[Address] EAT @explorer.exe (MsiLoadStringA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E141F)
[Address] EAT @explorer.exe (MsiLoadStringW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7414AE09)
[Address] EAT @explorer.exe (MsiLocateComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF19F)
[Address] EAT @explorer.exe (MsiLocateComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF4CA)
[Address] EAT @explorer.exe (MsiMessageBoxA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E16DA)
[Address] EAT @explorer.exe (MsiMessageBoxExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1528)
[Address] EAT @explorer.exe (MsiMessageBoxExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCCB1)
[Address] EAT @explorer.exe (MsiMessageBoxW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCE24)
[Address] EAT @explorer.exe (MsiNotifySidChangeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA306)
[Address] EAT @explorer.exe (MsiNotifySidChangeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E501B)
[Address] EAT @explorer.exe (MsiOpenDatabaseA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204691)
[Address] EAT @explorer.exe (MsiOpenDatabaseW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203D8D)
[Address] EAT @explorer.exe (MsiOpenPackageA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DEDC0)
[Address] EAT @explorer.exe (MsiOpenPackageExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC63E)
[Address] EAT @explorer.exe (MsiOpenPackageExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC8E9)
[Address] EAT @explorer.exe (MsiOpenPackageW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF7AB)
[Address] EAT @explorer.exe (MsiOpenProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E8BF2)
[Address] EAT @explorer.exe (MsiOpenProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EB857)
[Address] EAT @explorer.exe (MsiPreviewBillboardA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207D4E)
[Address] EAT @explorer.exe (MsiPreviewBillboardW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203AEA)
[Address] EAT @explorer.exe (MsiPreviewDialogA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207D0B)
[Address] EAT @explorer.exe (MsiPreviewDialogW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203A96)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ECBB2)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EDF39)
[Address] EAT @explorer.exe (MsiProcessMessage) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202F51)
[Address] EAT @explorer.exe (MsiProvideAssemblyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EFD5D)
[Address] EAT @explorer.exe (MsiProvideAssemblyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0765)
[Address] EAT @explorer.exe (MsiProvideComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF7B9)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EFAB3)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144F84)
[Address] EAT @explorer.exe (MsiProvideComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F030C)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415C385)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415D411)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74138A47)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74138C86)
[Address] EAT @explorer.exe (MsiQueryComponentStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F687C)
[Address] EAT @explorer.exe (MsiQueryComponentStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1AE1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF6F1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6A94)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1CD9)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EFC02)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F057D)
[Address] EAT @explorer.exe (MsiQueryFeatureStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7413617D)
[Address] EAT @explorer.exe (MsiQueryProductStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED45D)
[Address] EAT @explorer.exe (MsiQueryProductStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741449FE)
[Address] EAT @explorer.exe (MsiRecordClearData) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201D27)
[Address] EAT @explorer.exe (MsiRecordDataSize) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742016E5)
[Address] EAT @explorer.exe (MsiRecordGetFieldCount) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201916)
[Address] EAT @explorer.exe (MsiRecordGetInteger) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742018B5)
[Address] EAT @explorer.exe (MsiRecordGetStringA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203F1D)
[Address] EAT @explorer.exe (MsiRecordGetStringW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742040CC)
[Address] EAT @explorer.exe (MsiRecordIsNull) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742015F5)
[Address] EAT @explorer.exe (MsiRecordReadStream) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201B6D)
[Address] EAT @explorer.exe (MsiRecordSetInteger) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742017C2)
[Address] EAT @explorer.exe (MsiRecordSetStreamA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205877)
[Address] EAT @explorer.exe (MsiRecordSetStreamW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201A03)
[Address] EAT @explorer.exe (MsiRecordSetStringA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420561D)
[Address] EAT @explorer.exe (MsiRecordSetStringW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420572E)
[Address] EAT @explorer.exe (MsiReinstallFeatureA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1EDE)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED8C2)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EE657)
[Address] EAT @explorer.exe (MsiReinstallFeatureW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74148C24)
[Address] EAT @explorer.exe (MsiReinstallProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1AFE)
[Address] EAT @explorer.exe (MsiReinstallProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCFF1)
[Address] EAT @explorer.exe (MsiRemovePatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F9606)
[Address] EAT @explorer.exe (MsiRemovePatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F3702)
[Address] EAT @explorer.exe (MsiSequenceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206180)
[Address] EAT @explorer.exe (MsiSequenceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202E4B)
[Address] EAT @explorer.exe (MsiSetComponentStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742073EB)
[Address] EAT @explorer.exe (MsiSetComponentStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742074E5)
[Address] EAT @explorer.exe (MsiSetExternalUIA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC72F)
[Address] EAT @explorer.exe (MsiSetExternalUIRecord) : WTSAPI32.dll -> HOOKED

 

[needhelp51]

Here is search log part 2

(C:\Windows\system32\msi.dll @ 0x741F336B)
[Address] EAT @explorer.exe (MsiSetExternalUIW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144E86)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207001)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742070B4)
[Address] EAT @explorer.exe (MsiSetFeatureStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206E2D)
[Address] EAT @explorer.exe (MsiSetFeatureStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206EDF)
[Address] EAT @explorer.exe (MsiSetInstallLevel) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203424)
[Address] EAT @explorer.exe (MsiSetInternalUI) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144FE6)
[Address] EAT @explorer.exe (MsiSetMode) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742028BB)
[Address] EAT @explorer.exe (MsiSetOfflineContextW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74208485)
[Address] EAT @explorer.exe (MsiSetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205DC1)
[Address] EAT @explorer.exe (MsiSetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205F85)
[Address] EAT @explorer.exe (MsiSetTargetPathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742069DD)
[Address] EAT @explorer.exe (MsiSetTargetPathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206B61)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7136)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2165)
[Address] EAT @explorer.exe (MsiSourceListAddSourceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E3037)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6F13)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1F43)
[Address] EAT @explorer.exe (MsiSourceListAddSourceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DDC51)
[Address] EAT @explorer.exe (MsiSourceListClearAllA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2EF0)
[Address] EAT @explorer.exe (MsiSourceListClearAllExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7875)
[Address] EAT @explorer.exe (MsiSourceListClearAllExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F281B)
[Address] EAT @explorer.exe (MsiSourceListClearAllW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DDAEB)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F764A)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F260D)
[Address] EAT @explorer.exe (MsiSourceListClearSourceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7436)
[Address] EAT @explorer.exe (MsiSourceListClearSourceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2405)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F834E)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F31B5)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7C4B)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2C07)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E31B8)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7A6C)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2A09)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DDDDB)
[Address] EAT @explorer.exe (MsiSourceListGetInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7E30)
[Address] EAT @explorer.exe (MsiSourceListGetInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2DB5)
[Address] EAT @explorer.exe (MsiSourceListSetInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F80F8)
[Address] EAT @explorer.exe (MsiSourceListSetInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2FAB)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742021B9)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyCount) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201E3D)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420238B)
[Address] EAT @explorer.exe (MsiSummaryInfoPersist) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202551)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205906)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201F2B)
[Address] EAT @explorer.exe (MsiUseFeatureA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0D83)
[Address] EAT @explorer.exe (MsiUseFeatureExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF9E8)
[Address] EAT @explorer.exe (MsiUseFeatureExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144D3A)
[Address] EAT @explorer.exe (MsiUseFeatureW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0DA0)
[Address] EAT @explorer.exe (MsiVerifyDiskSpace) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203863)
[Address] EAT @explorer.exe (MsiVerifyPackageA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E07AA)
[Address] EAT @explorer.exe (MsiVerifyPackageW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF097)
[Address] EAT @explorer.exe (MsiViewClose) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200BAF)
[Address] EAT @explorer.exe (MsiViewExecute) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420070F)
[Address] EAT @explorer.exe (MsiViewFetch) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200833)
[Address] EAT @explorer.exe (MsiViewGetColumnInfo) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200A91)
[Address] EAT @explorer.exe (MsiViewGetErrorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742003F1)
[Address] EAT @explorer.exe (MsiViewGetErrorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742005CE)
[Address] EAT @explorer.exe (MsiViewModify) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420093F)
[Address] EAT @explorer.exe (QueryInstanceCount) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74142B2A)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E309AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E249A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E50731)
[Address] EAT @explorer.exe (BufferedPaintClear) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E26395)
[Address] EAT @explorer.exe (BufferedPaintInit) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E308ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E294AB)
[Address] EAT @explorer.exe (CloseThemeData) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E26A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E23982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E535E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E253E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E251BF)
[Address] EAT @explorer.exe (DrawThemeText) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E24EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E263E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2FCAF)
[Address] EAT @explorer.exe (EnableTheming) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E23F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E23F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E506CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E24BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E304BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E30473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E305DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E30FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2BF93)
[Address] EAT @explorer.exe (GetThemeBool) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E27C1F)
[Address] EAT @explorer.exe (GetThemeColor) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2616C)
[Address] EAT @explorer.exe (GetThemeFilename) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52412)
[Address] EAT @explorer.exe (GetThemeFont) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2FF21)
[Address] EAT @explorer.exe (GetThemeInt) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2616C)
[Address] EAT @explorer.exe (GetThemeIntList) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E523B1)
[Address] EAT @explorer.exe (GetThemeMargins) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E286E9)
[Address] EAT @explorer.exe (GetThemeMetric) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E306E2)
[Address] EAT @explorer.exe (GetThemePartSize) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43FBB)
[Address] EAT @explorer.exe (GetThemeRect) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E33611)
[Address] EAT @explorer.exe (GetThemeStream) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E339D9)
[Address] EAT @explorer.exe (GetThemeString) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E522E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E53172)
[Address] EAT @explorer.exe (GetThemeSysColor) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E529C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5320B)
[Address] EAT @explorer.exe (GetThemeSysString) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E22D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E31081)
[Address] EAT @explorer.exe (GetWindowTheme) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E33CE3)
[Address] EAT @explorer.exe (IsAppThemed) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F869)
[Address] EAT @explorer.exe (IsCompositionActive) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E22E9A)
[Address] EAT @explorer.exe (IsThemeActive) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E260AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E285B4)
[Address] EAT @explorer.exe (OpenThemeData) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E273D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E53296)
[Address] EAT @explorer.exe (SetWindowTheme) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E30134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5068D)
[Address] EAT @explorer.exe (GdipAddPathArc) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE74C6)
[Address] EAT @explorer.exe (GdipAddPathArcI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7599)
[Address] EAT @explorer.exe (GdipAddPathBezier) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE760F)
[Address] EAT @explorer.exe (GdipAddPathBezierI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE76F4)
[Address] EAT @explorer.exe (GdipAddPathBeziers) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7778)
[Address] EAT @explorer.exe (GdipAddPathBeziersI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7838)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7F15)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE80DE)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE81A5)
[Address] EAT @explorer.exe (GdipAddPathClosedCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7FD5)
[Address] EAT @explorer.exe (GdipAddPathCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7941)
[Address] EAT @explorer.exe (GdipAddPathCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7B2D)
[Address] EAT @explorer.exe (GdipAddPathCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7BFB)
[Address] EAT @explorer.exe (GdipAddPathCurve3) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7D2E)
[Address] EAT @explorer.exe (GdipAddPathCurve3I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7DFF)
[Address] EAT @explorer.exe (GdipAddPathCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7A01)
[Address] EAT @explorer.exe (GdipAddPathEllipse) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE85A8)
[Address] EAT @explorer.exe (GdipAddPathEllipseI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8667)
[Address] EAT @explorer.exe (GdipAddPathLine) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE71D4)
[Address] EAT @explorer.exe (GdipAddPathLine2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE72FD)
[Address] EAT @explorer.exe (GdipAddPathLine2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE73BD)
[Address] EAT @explorer.exe (GdipAddPathLineI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7295)
[Address] EAT @explorer.exe (GdipAddPathPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE89E1)
[Address] EAT @explorer.exe (GdipAddPathPie) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE86CF)
[Address] EAT @explorer.exe (GdipAddPathPieI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE87A2)
[Address] EAT @explorer.exe (GdipAddPathPolygon) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8818)
[Address] EAT @explorer.exe (GdipAddPathPolygonI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE88D8)
[Address] EAT @explorer.exe (GdipAddPathRectangle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE82B5)
[Address] EAT @explorer.exe (GdipAddPathRectangleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8376)
[Address] EAT @explorer.exe (GdipAddPathRectangles) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE83DE)
[Address] EAT @explorer.exe (GdipAddPathRectanglesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE849E)
[Address] EAT @explorer.exe (GdipAddPathString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8A8A)
[Address] EAT @explorer.exe (GdipAddPathStringI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8C03)
[Address] EAT @explorer.exe (GdipAlloc) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F024CB)
[Address] EAT @explorer.exe (GdipBeginContainer) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00E5E)
[Address] EAT @explorer.exe (GdipBeginContainer2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00F5F)
[Address] EAT @explorer.exe (GdipBeginContainerI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01023)
[Address] EAT @explorer.exe (GdipBitmapApplyEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7307)
[Address] EAT @explorer.exe (GdipBitmapConvertFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF709C)
[Address] EAT @explorer.exe (GdipBitmapCreateApplyEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF726A)
[Address] EAT @explorer.exe (GdipBitmapGetHistogram) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF73BB)
[Address] EAT @explorer.exe (GdipBitmapGetHistogramSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7490)
[Address] EAT @explorer.exe (GdipBitmapGetPixel) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6CFA)
[Address] EAT @explorer.exe (GdipBitmapLockBits) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6B83)
[Address] EAT @explorer.exe (GdipBitmapSetPixel) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6DC0)
[Address] EAT @explorer.exe (GdipBitmapSetResolution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF762F)
[Address] EAT @explorer.exe (GdipBitmapUnlockBits) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6C43)
[Address] EAT @explorer.exe (GdipClearPathMarkers) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6FD4)
[Address] EAT @explorer.exe (GdipCloneBitmapArea) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06C2A)
[Address] EAT @explorer.exe (GdipCloneBitmapAreaI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6A8F)
[Address] EAT @explorer.exe (GdipCloneBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED87E)
[Address] EAT @explorer.exe (GdipCloneCustomLineCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2EB5)
[Address] EAT @explorer.exe (GdipCloneFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02FAC)
[Address] EAT @explorer.exe (GdipCloneFontFamily) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02A1B)
[Address] EAT @explorer.exe (GdipCloneImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4C90)
[Address] EAT @explorer.exe (GdipCloneImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF77B1)
[Address] EAT @explorer.exe (GdipCloneMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAA39)
[Address] EAT @explorer.exe (GdipClonePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE651A)
[Address] EAT @explorer.exe (GdipClonePen) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0B54)
[Address] EAT @explorer.exe (GdipCloneRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBEC7)
[Address] EAT @explorer.exe (GdipCloneStringFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03F8B)
[Address] EAT @explorer.exe (GdipClosePathFigure) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6DEB)
[Address] EAT @explorer.exe (GdipClosePathFigures) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6E8E)
[Address] EAT @explorer.exe (GdipCombineRegionPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC310)
[Address] EAT @explorer.exe (GdipCombineRegionRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC1BC)
[Address] EAT @explorer.exe (GdipCombineRegionRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC293)
[Address] EAT @explorer.exe (GdipCombineRegionRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC43E)
[Address] EAT @explorer.exe (GdipComment) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0325C)
[Address] EAT @explorer.exe (GdipConvertToEmfPlus) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04F0F)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04FEF)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F050E3)
[Address] EAT @explorer.exe (GdipCreateAdjustableArrowCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06B65)
[Address] EAT @explorer.exe (GdipCreateBitmapFromDirectDrawSurface) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6518)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5EB5)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFileICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6151)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGdiDib) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6605)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF63C5)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHBITMAP) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6707)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHICON) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6885)
[Address] EAT @explorer.exe (GdipCreateBitmapFromResource) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6917)
[Address] EAT @explorer.exe (GdipCreateBitmapFromScan0) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF62A0)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5D68)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStreamICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6003)
[Address] EAT @explorer.exe (GdipCreateCachedBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04A81)
[Address] EAT @explorer.exe (GdipCreateCustomLineCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2CCB)
[Address] EAT @explorer.exe (GdipCreateEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6E69)
[Address] EAT @explorer.exe (GdipCreateFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F027CA)
[Address] EAT @explorer.exe (GdipCreateFontFamilyFromName) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02590)
[Address] EAT @explorer.exe (GdipCreateFontFromDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03636)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontA) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03730)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontW) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03833)
[Address] EAT @explorer.exe (GdipCreateFromHDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8301)
[Address] EAT @explorer.exe (GdipCreateFromHDC2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF83AB)
[Address] EAT @explorer.exe (GdipCreateFromHWND) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8456)
[Address] EAT @explorer.exe (GdipCreateFromHWNDICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8500)
[Address] EAT @explorer.exe (GdipCreateHBITMAPFromBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF679C)
[Address] EAT @explorer.exe (GdipCreateHICONFromBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF69AC)
[Address] EAT @explorer.exe (GdipCreateHalftonePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04D8C)
[Address] EAT @explorer.exe (GdipCreateHatchBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F062CA)
[Address] EAT @explorer.exe (GdipCreateImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF76DE)
[Address] EAT @explorer.exe (GdipCreateLineBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDFFA)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE1BF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE2AF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE377)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE46E)
[Address] EAT @explorer.exe (GdipCreateLineBrushI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE0F0)
[Address] EAT @explorer.exe (GdipCreateMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA68E)
[Address] EAT @explorer.exe (GdipCreateMatrix2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA744)
[Address] EAT @explorer.exe (GdipCreateMatrix3) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA884)
[Address] EAT @explorer.exe (GdipCreateMatrix3I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA94C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromEmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0153C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01614)
[Address] EAT @explorer.exe (GdipCreateMetafileFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F017C3)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0145F)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmfFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F016EB)
[Address] EAT @explorer.exe (GdipCreatePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F061D9)
[Address] EAT @explorer.exe (GdipCreatePath2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE627E)
[Address] EAT @explorer.exe (GdipCreatePath2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE634F)
[Address] EAT @explorer.exe (GdipCreatePathGradient) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06893)
[Address] EAT @explorer.exe (GdipCreatePathGradientFromPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06AA7)
[Address] EAT @explorer.exe (GdipCreatePathGradientI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06955)
[Address] EAT @explorer.exe (GdipCreatePathIter) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9AB7)
[Address] EAT @explorer.exe (GdipCreatePen1) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF08D0)
[Address] EAT @explorer.exe (GdipCreatePen2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0A01)
[Address] EAT @explorer.exe (GdipCreateRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB9CE)
[Address] EAT @explorer.exe (GdipCreateRegionHrgn) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBDF8)
[Address] EAT @explorer.exe (GdipCreateRegionPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBBF4)
[Address] EAT @explorer.exe (GdipCreateRegionRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBA87)
[Address] EAT @explorer.exe (GdipCreateRegionRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBB49)
[Address] EAT @explorer.exe (GdipCreateRegionRgnData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBD16)
[Address] EAT @explorer.exe (GdipCreateSolidFill) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0707F)
[Address] EAT @explorer.exe (GdipCreateStreamOnFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE5877)
[Address] EAT @explorer.exe (GdipCreateStringFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03DC1)
[Address] EAT @explorer.exe (GdipCreateTexture) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F063AB)
[Address] EAT @explorer.exe (GdipCreateTexture2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F064CD)
[Address] EAT @explorer.exe (GdipCreateTexture2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F067B9)
[Address] EAT @explorer.exe (GdipCreateTextureIA) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0660F)
[Address] EAT @explorer.exe (GdipCreateTextureIAI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06859)
[Address] EAT @explorer.exe (GdipDeleteBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED958)
[Address] EAT @explorer.exe (GdipDeleteCachedBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04BEC)
[Address] EAT @explorer.exe (GdipDeleteCustomLineCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3069)
[Address] EAT @explorer.exe (GdipDeleteEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6EFA)
[Address] EAT @explorer.exe (GdipDeleteFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03065)
[Address] EAT @explorer.exe (GdipDeleteFontFamily) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02922)
[Address] EAT @explorer.exe (GdipDeleteGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF85AA)
[Address] EAT @explorer.exe (GdipDeleteMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAB0E)
[Address] EAT @explorer.exe (GdipDeletePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE65EE)
[Address] EAT @explorer.exe (GdipDeletePathIter) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9B70)
[Address] EAT @explorer.exe (GdipDeletePen) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0C2B)
[Address] EAT @explorer.exe (GdipDeletePrivateFontCollection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03A7D)
[Address] EAT @explorer.exe (GdipDeleteRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBFE6)
[Address] EAT @explorer.exe (GdipDeleteStringFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04036)
[Address] EAT @explorer.exe (GdipDisposeImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4D5E)
[Address] EAT @explorer.exe (GdipDisposeImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF787F)
[Address] EAT @explorer.exe (GdipDrawArc) : OLEACC.dll -> HOOKED

 

[needhelp51]

Here is search log part 3:

(C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA4A5)
[Address] EAT @explorer.exe (GdipDrawArcI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA5DF)
[Address] EAT @explorer.exe (GdipDrawBezier) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA658)
[Address] EAT @explorer.exe (GdipDrawBezierI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA7A0)
[Address] EAT @explorer.exe (GdipDrawBeziers) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA827)
[Address] EAT @explorer.exe (GdipDrawBeziersI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA951)
[Address] EAT @explorer.exe (GdipDrawCachedBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04C86)
[Address] EAT @explorer.exe (GdipDrawClosedCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBC79)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBEBC)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBFED)
[Address] EAT @explorer.exe (GdipDrawClosedCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBDA3)
[Address] EAT @explorer.exe (GdipDrawCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB581)
[Address] EAT @explorer.exe (GdipDrawCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB7C4)
[Address] EAT @explorer.exe (GdipDrawCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB8FC)
[Address] EAT @explorer.exe (GdipDrawCurve3) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBA1C)
[Address] EAT @explorer.exe (GdipDrawCurve3I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBB53)
[Address] EAT @explorer.exe (GdipDrawCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB6AB)
[Address] EAT @explorer.exe (GdipDrawDriverString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDA1A)
[Address] EAT @explorer.exe (GdipDrawEllipse) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAE82)
[Address] EAT @explorer.exe (GdipDrawEllipseI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAFA6)
[Address] EAT @explorer.exe (GdipDrawImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDF1E)
[Address] EAT @explorer.exe (GdipDrawImageFX) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFEB79)
[Address] EAT @explorer.exe (GdipDrawImageI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE099)
[Address] EAT @explorer.exe (GdipDrawImagePointRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE553)
[Address] EAT @explorer.exe (GdipDrawImagePointRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE6EF)
[Address] EAT @explorer.exe (GdipDrawImagePoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE2BF)
[Address] EAT @explorer.exe (GdipDrawImagePointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE417)
[Address] EAT @explorer.exe (GdipDrawImagePointsRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE78B)
[Address] EAT @explorer.exe (GdipDrawImagePointsRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE9EA)
[Address] EAT @explorer.exe (GdipDrawImageRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE0F5)
[Address] EAT @explorer.exe (GdipDrawImageRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE254)
[Address] EAT @explorer.exe (GdipDrawImageRectRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06CAE)
[Address] EAT @explorer.exe (GdipDrawImageRectRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06F04)
[Address] EAT @explorer.exe (GdipDrawLine) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA0D1)
[Address] EAT @explorer.exe (GdipDrawLineI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA1F5)
[Address] EAT @explorer.exe (GdipDrawLines) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA260)
[Address] EAT @explorer.exe (GdipDrawLinesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA38C)
[Address] EAT @explorer.exe (GdipDrawPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB407)
[Address] EAT @explorer.exe (GdipDrawPie) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB011)
[Address] EAT @explorer.exe (GdipDrawPieI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB14B)
[Address] EAT @explorer.exe (GdipDrawPolygon) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB1C4)
[Address] EAT @explorer.exe (GdipDrawPolygonI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB2EE)
[Address] EAT @explorer.exe (GdipDrawRectangle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAA8D)
[Address] EAT @explorer.exe (GdipDrawRectangleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFABB1)
[Address] EAT @explorer.exe (GdipDrawRectangles) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAC1C)
[Address] EAT @explorer.exe (GdipDrawRectanglesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAD46)
[Address] EAT @explorer.exe (GdipDrawString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD512)
[Address] EAT @explorer.exe (GdipEmfToWmfBits) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04EB9)
[Address] EAT @explorer.exe (GdipEndContainer) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F010D0)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFECBA)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFEE6B)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF0F8)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF2AC)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFEED3)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF084)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF417)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF5F7)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF8F5)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFAD8)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF680)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF860)
[Address] EAT @explorer.exe (GdipFillClosedCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCEEC)
[Address] EAT @explorer.exe (GdipFillClosedCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD13E)
[Address] EAT @explorer.exe (GdipFillClosedCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD275)
[Address] EAT @explorer.exe (GdipFillClosedCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD025)
[Address] EAT @explorer.exe (GdipFillEllipse) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCA23)
[Address] EAT @explorer.exe (GdipFillEllipseI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCB4E)
[Address] EAT @explorer.exe (GdipFillPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCD6F)
[Address] EAT @explorer.exe (GdipFillPie) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCBB9)
[Address] EAT @explorer.exe (GdipFillPieI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCCF6)
[Address] EAT @explorer.exe (GdipFillPolygon) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC591)
[Address] EAT @explorer.exe (GdipFillPolygon2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC7DD)
[Address] EAT @explorer.exe (GdipFillPolygon2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC90A)
[Address] EAT @explorer.exe (GdipFillPolygonI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC6C1)
[Address] EAT @explorer.exe (GdipFillRectangle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC1B5)
[Address] EAT @explorer.exe (GdipFillRectangleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC2E0)
[Address] EAT @explorer.exe (GdipFillRectangles) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC34B)
[Address] EAT @explorer.exe (GdipFillRectanglesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC478)
[Address] EAT @explorer.exe (GdipFillRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD398)
[Address] EAT @explorer.exe (GdipFindFirstImageItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5ABA)
[Address] EAT @explorer.exe (GdipFindNextImageItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5B60)
[Address] EAT @explorer.exe (GdipFlattenPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8C93)
[Address] EAT @explorer.exe (GdipFlush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8645)
[Address] EAT @explorer.exe (GdipFree) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02546)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapFillState) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3CA4)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3897)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapMiddleInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3B4D)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF39F2)
[Address] EAT @explorer.exe (GdipGetAllPropertyItems) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4AB3)
[Address] EAT @explorer.exe (GdipGetBrushType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED9F5)
[Address] EAT @explorer.exe (GdipGetCellAscent) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03456)
[Address] EAT @explorer.exe (GdipGetCellDescent) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F034F6)
[Address] EAT @explorer.exe (GdipGetClip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F004CC)
[Address] EAT @explorer.exe (GdipGetClipBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F005C4)
[Address] EAT @explorer.exe (GdipGetClipBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00677)
[Address] EAT @explorer.exe (GdipGetCompositingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF88EF)
[Address] EAT @explorer.exe (GdipGetCompositingQuality) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8A3F)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3485)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF35DC)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeCaps) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF31A9)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3325)
[Address] EAT @explorer.exe (GdipGetCustomLineCapType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2FB2)
[Address] EAT @explorer.exe (GdipGetCustomLineCapWidthScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3733)
[Address] EAT @explorer.exe (GdipGetDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F030DD)
[Address] EAT @explorer.exe (GdipGetDpiX) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9BE3)
[Address] EAT @explorer.exe (GdipGetDpiY) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9C94)
[Address] EAT @explorer.exe (GdipGetEffectParameterSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6FCE)
[Address] EAT @explorer.exe (GdipGetEffectParameters) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7033)
[Address] EAT @explorer.exe (GdipGetEmHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F033B6)
[Address] EAT @explorer.exe (GdipGetEncoderParameterList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4145)
[Address] EAT @explorer.exe (GdipGetEncoderParameterListSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF40A4)
[Address] EAT @explorer.exe (GdipGetFamily) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04140)
[Address] EAT @explorer.exe (GdipGetFamilyName) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDE91)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03B31)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03BCD)
[Address] EAT @explorer.exe (GdipGetFontHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02DFB)
[Address] EAT @explorer.exe (GdipGetFontHeightGivenDPI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02F03)
[Address] EAT @explorer.exe (GdipGetFontSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02D5D)
[Address] EAT @explorer.exe (GdipGetFontStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02ABB)
[Address] EAT @explorer.exe (GdipGetFontUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0432A)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilyMonospace) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02751)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySansSerif) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0265F)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySerif) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F026D8)
[Address] EAT @explorer.exe (GdipGetHatchBackgroundColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDC14)
[Address] EAT @explorer.exe (GdipGetHatchForegroundColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDB5E)
[Address] EAT @explorer.exe (GdipGetHatchStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDAA8)
[Address] EAT @explorer.exe (GdipGetHemfFromMetafile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F013A4)
[Address] EAT @explorer.exe (GdipGetImageAttributesAdjustedPalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8219)
[Address] EAT @explorer.exe (GdipGetImageBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4F73)
[Address] EAT @explorer.exe (GdipGetImageDecoders) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F020EC)
[Address] EAT @explorer.exe (GdipGetImageDecodersSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02063)
[Address] EAT @explorer.exe (GdipGetImageDimension) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5048)
[Address] EAT @explorer.exe (GdipGetImageEncoders) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02320)
[Address] EAT @explorer.exe (GdipGetImageEncodersSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02297)
[Address] EAT @explorer.exe (GdipGetImageFlags) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5459)
[Address] EAT @explorer.exe (GdipGetImageGraphicsContext) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4E9C)
[Address] EAT @explorer.exe (GdipGetImageHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF51DA)
[Address] EAT @explorer.exe (GdipGetImageHorizontalResolution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF52AF)
[Address] EAT @explorer.exe (GdipGetImageItemData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5C06)
[Address] EAT @explorer.exe (GdipGetImagePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF56DC)
[Address] EAT @explorer.exe (GdipGetImagePaletteSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5864)
[Address] EAT @explorer.exe (GdipGetImagePixelFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5607)
[Address] EAT @explorer.exe (GdipGetImageRawFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF552E)
[Address] EAT @explorer.exe (GdipGetImageThumbnail) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF59E3)
[Address] EAT @explorer.exe (GdipGetImageType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5933)
[Address] EAT @explorer.exe (GdipGetImageVerticalResolution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5384)
[Address] EAT @explorer.exe (GdipGetImageWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5105)
[Address] EAT @explorer.exe (GdipGetInterpolationMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9195)
[Address] EAT @explorer.exe (GdipGetLineBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE767)
[Address] EAT @explorer.exe (GdipGetLineBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE6B1)
[Address] EAT @explorer.exe (GdipGetLineColors) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE5F2)
[Address] EAT @explorer.exe (GdipGetLineGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE57EC)
[Address] EAT @explorer.exe (GdipGetLinePresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE90F)
[Address] EAT @explorer.exe (GdipGetLinePresetBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFC74)
[Address] EAT @explorer.exe (GdipGetLineRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF8E3)
[Address] EAT @explorer.exe (GdipGetLineRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF998)
[Address] EAT @explorer.exe (GdipGetLineSpacing) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03596)
[Address] EAT @explorer.exe (GdipGetLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF01D0)
[Address] EAT @explorer.exe (GdipGetLineWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF011D)
[Address] EAT @explorer.exe (GdipGetLogFontA) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02B59)
[Address] EAT @explorer.exe (GdipGetLogFontW) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02C5B)
[Address] EAT @explorer.exe (GdipGetMatrixElements) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB67E)
[Address] EAT @explorer.exe (GdipGetMetafileDownLevelRasterizationLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01F4B)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromEmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F011D9)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0123C)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromMetafile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01300)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0129D)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromWmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0116F)
[Address] EAT @explorer.exe (GdipGetNearestColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA01A)
[Address] EAT @explorer.exe (GdipGetPageScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9A8D)
[Address] EAT @explorer.exe (GdipGetPageUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF991E)
[Address] EAT @explorer.exe (GdipGetPathData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6CA4)
[Address] EAT @explorer.exe (GdipGetPathFillMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6B4A)
[Address] EAT @explorer.exe (GdipGetPathGradientBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFBA0)
[Address] EAT @explorer.exe (GdipGetPathGradientBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE6B1)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF067)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF500)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF5BA)
[Address] EAT @explorer.exe (GdipGetPathGradientFocusScales) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0744)
[Address] EAT @explorer.exe (GdipGetPathGradientGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFAED)
[Address] EAT @explorer.exe (GdipGetPathGradientPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF4BD)
[Address] EAT @explorer.exe (GdipGetPathGradientPointCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF776)
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFD2E)
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFC74)
[Address] EAT @explorer.exe (GdipGetPathGradientRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF8E3)
[Address] EAT @explorer.exe (GdipGetPathGradientRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF998)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF829)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorsWithCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF1D3)
[Address] EAT @explorer.exe (GdipGetPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF01D0)
[Address] EAT @explorer.exe (GdipGetPathGradientWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF011D)
[Address] EAT @explorer.exe (GdipGetPathLastPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE711A)
[Address] EAT @explorer.exe (GdipGetPathPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE68FA)
[Address] EAT @explorer.exe (GdipGetPathPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6A06)
[Address] EAT @explorer.exe (GdipGetPathTypes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE67F1)
[Address] EAT @explorer.exe (GdipGetPathWorldBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE92AF)
[Address] EAT @explorer.exe (GdipGetPathWorldBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE947B)
[Address] EAT @explorer.exe (GdipGetPenBrushFill) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2462)
[Address] EAT @explorer.exe (GdipGetPenColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2297)
[Address] EAT @explorer.exe (GdipGetPenCompoundArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2C11)
[Address] EAT @explorer.exe (GdipGetPenCompoundCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2AA7)
[Address] EAT @explorer.exe (GdipGetPenCustomEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1856)
[Address] EAT @explorer.exe (GdipGetPenCustomStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1697)
[Address] EAT @explorer.exe (GdipGetPenDashArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF29ED)
[Address] EAT @explorer.exe (GdipGetPenDashCap197819) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF138A)
[Address] EAT @explorer.exe (GdipGetPenDashCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2883)
[Address] EAT @explorer.exe (GdipGetPenDashOffset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2735)
[Address] EAT @explorer.exe (GdipGetPenDashStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF25E4)
[Address] EAT @explorer.exe (GdipGetPenEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF12DA)
[Address] EAT @explorer.exe (GdipGetPenFillType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2527)
[Address] EAT @explorer.exe (GdipGetPenLineJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF14DF)
[Address] EAT @explorer.exe (GdipGetPenMiterLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF19B2)
[Address] EAT @explorer.exe (GdipGetPenMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1B05)
[Address] EAT @explorer.exe (GdipGetPenStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF122A)
[Address] EAT @explorer.exe (GdipGetPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1CBB)
[Address] EAT @explorer.exe (GdipGetPenUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0EF0)
[Address] EAT @explorer.exe (GdipGetPenWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0D81)
[Address] EAT @explorer.exe (GdipGetPixelOffsetMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8D3E)
[Address] EAT @explorer.exe (GdipGetPointCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE673E)
[Address] EAT @explorer.exe (GdipGetPropertyCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF479D)
[Address] EAT @explorer.exe (GdipGetPropertyIdList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4838)
[Address] EAT @explorer.exe (GdipGetPropertyItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4974)
[Address] EAT @explorer.exe (GdipGetPropertyItemSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF48D6)
[Address] EAT @explorer.exe (GdipGetPropertySize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4A15)
[Address] EAT @explorer.exe (GdipGetRegionBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC754)
[Address] EAT @explorer.exe (GdipGetRegionBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC876)
[Address] EAT @explorer.exe (GdipGetRegionData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED062)
[Address] EAT @explorer.exe (GdipGetRegionDataSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECF89)
[Address] EAT @explorer.exe (GdipGetRegionHRgn) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC9F1)
[Address] EAT @explorer.exe (GdipGetRegionScans) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED62C)
[Address] EAT @explorer.exe (GdipGetRegionScansCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED504)
[Address] EAT @explorer.exe (GdipGetRegionScansI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED755)
[Address] EAT @explorer.exe (GdipGetRenderingOrigin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF877D)
[Address] EAT @explorer.exe (GdipGetSmoothingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8BAF)
[Address] EAT @explorer.exe (GdipGetSolidFillColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDF44)
[Address] EAT @explorer.exe (GdipGetStringFormatAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02ABB)
[Address] EAT @explorer.exe (GdipGetStringFormatDigitSubstitution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F048AF)
[Address] EAT @explorer.exe (GdipGetStringFormatFlags) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04140)
[Address] EAT @explorer.exe (GdipGetStringFormatHotkeyPrefix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04469)
[Address] EAT @explorer.exe (GdipGetStringFormatLineAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0432A)
[Address] EAT @explorer.exe (GdipGetStringFormatMeasurableCharacterRangeCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04704)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStopCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F045B7)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStops) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04659)
[Address] EAT @explorer.exe (GdipGetStringFormatTrimming) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d

 

[needhelp51]

Here is search log part 4 (last):

2e82386681b36\gdiplus.dll @ 0x73F049DF)
[Address] EAT @explorer.exe (GdipGetTextContrast) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8F4F)
[Address] EAT @explorer.exe (GdipGetTextRenderingHint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9000)
[Address] EAT @explorer.exe (GdipGetTextureImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDD6E)
[Address] EAT @explorer.exe (GdipGetTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF01D0)
[Address] EAT @explorer.exe (GdipGetTextureWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF011D)
[Address] EAT @explorer.exe (GdipGetVisibleClipBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00837)
[Address] EAT @explorer.exe (GdipGetVisibleClipBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F008EA)
[Address] EAT @explorer.exe (GdipGetWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9782)
[Address] EAT @explorer.exe (GdipGraphicsClear) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC10D)
[Address] EAT @explorer.exe (GdipGraphicsSetAbort) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7590)
[Address] EAT @explorer.exe (GdipImageForceValidation) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5CAC)
[Address] EAT @explorer.exe (GdipImageGetFrameCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF45B5)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4482)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF451A)
[Address] EAT @explorer.exe (GdipImageRotateFlip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4705)
[Address] EAT @explorer.exe (GdipImageSelectActiveFrame) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4650)
[Address] EAT @explorer.exe (GdipImageSetAbort) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF74EA)
[Address] EAT @explorer.exe (GdipInitializePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF718C)
[Address] EAT @explorer.exe (GdipInvertMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB0F4)
[Address] EAT @explorer.exe (GdipIsClipEmpty) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00782)
[Address] EAT @explorer.exe (GdipIsEmptyRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECB35)
[Address] EAT @explorer.exe (GdipIsEqualRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECDC5)
[Address] EAT @explorer.exe (GdipIsInfiniteRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECC7D)
[Address] EAT @explorer.exe (GdipIsMatrixEqual) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB899)
[Address] EAT @explorer.exe (GdipIsMatrixIdentity) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB7E6)
[Address] EAT @explorer.exe (GdipIsMatrixInvertible) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB731)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE982D)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9A55)
[Address] EAT @explorer.exe (GdipIsStyleAvailable) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03317)
[Address] EAT @explorer.exe (GdipIsVisibleClipEmpty) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F009F5)
[Address] EAT @explorer.exe (GdipIsVisiblePathPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9647)
[Address] EAT @explorer.exe (GdipIsVisiblePathPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE97CE)
[Address] EAT @explorer.exe (GdipIsVisiblePoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00AAA)
[Address] EAT @explorer.exe (GdipIsVisiblePointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00B6F)
[Address] EAT @explorer.exe (GdipIsVisibleRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00BCB)
[Address] EAT @explorer.exe (GdipIsVisibleRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00C9F)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED155)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED2C0)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED31F)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED496)
[Address] EAT @explorer.exe (GdipLoadImageFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3E2B)
[Address] EAT @explorer.exe (GdipLoadImageFromFileICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3FD1)
[Address] EAT @explorer.exe (GdipLoadImageFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3D58)
[Address] EAT @explorer.exe (GdipLoadImageFromStreamICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3EFE)
[Address] EAT @explorer.exe (GdipMeasureCharacterRanges) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD896)
[Address] EAT @explorer.exe (GdipMeasureDriverString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDC8D)
[Address] EAT @explorer.exe (GdipMeasureString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD6FB)
[Address] EAT @explorer.exe (GdipMultiplyLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0485)
[Address] EAT @explorer.exe (GdipMultiplyMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAC7D)
[Address] EAT @explorer.exe (GdipMultiplyPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0485)
[Address] EAT @explorer.exe (GdipMultiplyPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1E61)
[Address] EAT @explorer.exe (GdipMultiplyTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0485)
[Address] EAT @explorer.exe (GdipMultiplyWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF93D4)
[Address] EAT @explorer.exe (GdipNewInstalledFontCollection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03936)
[Address] EAT @explorer.exe (GdipNewPrivateFontCollection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F039B9)
[Address] EAT @explorer.exe (GdipPathIterCopyData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA586)
[Address] EAT @explorer.exe (GdipPathIterEnumerate) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA481)
[Address] EAT @explorer.exe (GdipPathIterGetCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA0EA)
[Address] EAT @explorer.exe (GdipPathIterGetSubpathCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA1A7)
[Address] EAT @explorer.exe (GdipPathIterHasCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA321)
[Address] EAT @explorer.exe (GdipPathIterIsValid) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA264)
[Address] EAT @explorer.exe (GdipPathIterNextMarker) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9F2B)
[Address] EAT @explorer.exe (GdipPathIterNextMarkerPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA02A)
[Address] EAT @explorer.exe (GdipPathIterNextPathType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9E0D)
[Address] EAT @explorer.exe (GdipPathIterNextSubpath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9C0A)
[Address] EAT @explorer.exe (GdipPathIterNextSubpathPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9D28)
[Address] EAT @explorer.exe (GdipPathIterRewind) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA3D2)
[Address] EAT @explorer.exe (GdipPlayMetafileRecord) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFC76)
[Address] EAT @explorer.exe (GdipPlayTSClientRecord) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F051D7)
[Address] EAT @explorer.exe (GdipPrivateAddFontFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03C82)
[Address] EAT @explorer.exe (GdipPrivateAddMemoryFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03D20)
[Address] EAT @explorer.exe (GdipRecordMetafile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01898)
[Address] EAT @explorer.exe (GdipRecordMetafileFileName) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01A6D)
[Address] EAT @explorer.exe (GdipRecordMetafileFileNameI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01BA5)
[Address] EAT @explorer.exe (GdipRecordMetafileI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F019B7)
[Address] EAT @explorer.exe (GdipRecordMetafileStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01C5E)
[Address] EAT @explorer.exe (GdipRecordMetafileStreamI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01D96)
[Address] EAT @explorer.exe (GdipReleaseDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F031A4)
[Address] EAT @explorer.exe (GdipRemovePropertyItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4B54)
[Address] EAT @explorer.exe (GdipResetClip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00328)
[Address] EAT @explorer.exe (GdipResetImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF79D5)
[Address] EAT @explorer.exe (GdipResetLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF03E2)
[Address] EAT @explorer.exe (GdipResetPageTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9878)
[Address] EAT @explorer.exe (GdipResetPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE669B)
[Address] EAT @explorer.exe (GdipResetPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF03E2)
[Address] EAT @explorer.exe (GdipResetPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1DC1)
[Address] EAT @explorer.exe (GdipResetTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF03E2)
[Address] EAT @explorer.exe (GdipResetWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9336)
[Address] EAT @explorer.exe (GdipRestoreGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00DBF)
[Address] EAT @explorer.exe (GdipReversePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7077)
[Address] EAT @explorer.exe (GdipRotateLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0677)
[Address] EAT @explorer.exe (GdipRotateMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAF5C)
[Address] EAT @explorer.exe (GdipRotatePathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0677)
[Address] EAT @explorer.exe (GdipRotatePenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2123)
[Address] EAT @explorer.exe (GdipRotateTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0677)
[Address] EAT @explorer.exe (GdipRotateWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF96BA)
[Address] EAT @explorer.exe (GdipSaveAdd) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF433D)
[Address] EAT @explorer.exe (GdipSaveAddImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF43DB)
[Address] EAT @explorer.exe (GdipSaveGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00D0A)
[Address] EAT @explorer.exe (GdipSaveImageToFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4293)
[Address] EAT @explorer.exe (GdipSaveImageToStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF41E9)
[Address] EAT @explorer.exe (GdipScaleLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF059E)
[Address] EAT @explorer.exe (GdipScaleMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAE8A)
[Address] EAT @explorer.exe (GdipScalePathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF059E)
[Address] EAT @explorer.exe (GdipScalePenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF204D)
[Address] EAT @explorer.exe (GdipScaleTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF059E)
[Address] EAT @explorer.exe (GdipScaleWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF95E6)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapFillState) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3C01)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF37F0)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapMiddleInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3AA6)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF394B)
[Address] EAT @explorer.exe (GdipSetClipGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFD64)
[Address] EAT @explorer.exe (GdipSetClipHrgn) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0023B)
[Address] EAT @explorer.exe (GdipSetClipPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFFDA)
[Address] EAT @explorer.exe (GdipSetClipRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFE90)
[Address] EAT @explorer.exe (GdipSetClipRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFF6F)
[Address] EAT @explorer.exe (GdipSetClipRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0010D)
[Address] EAT @explorer.exe (GdipSetCompositingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8850)
[Address] EAT @explorer.exe (GdipSetCompositingQuality) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF89A0)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF33E2)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3542)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeCaps) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3103)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF328B)
[Address] EAT @explorer.exe (GdipSetCustomLineCapWidthScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3699)
[Address] EAT @explorer.exe (GdipSetEffectParameters) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6F65)
[Address] EAT @explorer.exe (GdipSetEmpty) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC11E)
[Address] EAT @explorer.exe (GdipSetImageAttributesCachedBackground) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF80CD)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorKeys) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7DA9)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7A92)
[Address] EAT @explorer.exe (GdipSetImageAttributesGamma) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7C22)
[Address] EAT @explorer.exe (GdipSetImageAttributesNoOp) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7CE9)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannel) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7E81)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannelColorProfile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7F44)
[Address] EAT @explorer.exe (GdipSetImageAttributesRemapTable) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8007)
[Address] EAT @explorer.exe (GdipSetImageAttributesThreshold) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7B5B)
[Address] EAT @explorer.exe (GdipSetImageAttributesToIdentity) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7918)
[Address] EAT @explorer.exe (GdipSetImageAttributesWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8170)
[Address] EAT @explorer.exe (GdipSetImagePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5796)
[Address] EAT @explorer.exe (GdipSetInfinite) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC080)
[Address] EAT @explorer.exe (GdipSetInterpolationMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF90B1)
[Address] EAT @explorer.exe (GdipSetLineBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE83B)
[Address] EAT @explorer.exe (GdipSetLineColors) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE53D)
[Address] EAT @explorer.exe (GdipSetLineGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE5793)
[Address] EAT @explorer.exe (GdipSetLineLinearBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEE2A)
[Address] EAT @explorer.exe (GdipSetLinePresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEB24)
[Address] EAT @explorer.exe (GdipSetLineSigmaBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEED78)
[Address] EAT @explorer.exe (GdipSetLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF02D9)
[Address] EAT @explorer.exe (GdipSetLineWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEEDC)
[Address] EAT @explorer.exe (GdipSetMatrixElements) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEABB9)
[Address] EAT @explorer.exe (GdipSetMetafileDownLevelRasterizationLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01E4F)
[Address] EAT @explorer.exe (GdipSetPageScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9B3E)
[Address] EAT @explorer.exe (GdipSetPageUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF99CF)
[Address] EAT @explorer.exe (GdipSetPathFillMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6C00)
[Address] EAT @explorer.exe (GdipSetPathGradientBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE83B)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF12F)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF64E)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF708)
[Address] EAT @explorer.exe (GdipSetPathGradientFocusScales) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0829)
[Address] EAT @explorer.exe (GdipSetPathGradientGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFA50)
[Address] EAT @explorer.exe (GdipSetPathGradientLinearBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEE2A)
[Address] EAT @explorer.exe (GdipSetPathGradientPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF4BD)
[Address] EAT @explorer.exe (GdipSetPathGradientPresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFEDA)
[Address] EAT @explorer.exe (GdipSetPathGradientSigmaBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEED78)
[Address] EAT @explorer.exe (GdipSetPathGradientSurroundColorsWithCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF301)
[Address] EAT @explorer.exe (GdipSetPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF02D9)
[Address] EAT @explorer.exe (GdipSetPathGradientWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDCCA)
[Address] EAT @explorer.exe (GdipSetPathMarker) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6F31)
[Address] EAT @explorer.exe (GdipSetPenBrushFill) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2357)
[Address] EAT @explorer.exe (GdipSetPenColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF21ED)
[Address] EAT @explorer.exe (GdipSetPenCompoundArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2B57)
[Address] EAT @explorer.exe (GdipSetPenCustomEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF174E)
[Address] EAT @explorer.exe (GdipSetPenCustomStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF158F)
[Address] EAT @explorer.exe (GdipSetPenDashArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2933)
[Address] EAT @explorer.exe (GdipSetPenDashCap197819) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1189)
[Address] EAT @explorer.exe (GdipSetPenDashOffset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF27E5)
[Address] EAT @explorer.exe (GdipSetPenDashStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2694)
[Address] EAT @explorer.exe (GdipSetPenEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF10E8)
[Address] EAT @explorer.exe (GdipSetPenLineCap197819) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0FA0)
[Address] EAT @explorer.exe (GdipSetPenLineJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1441)
[Address] EAT @explorer.exe (GdipSetPenMiterLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF190D)
[Address] EAT @explorer.exe (GdipSetPenMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1A62)
[Address] EAT @explorer.exe (GdipSetPenStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1047)
[Address] EAT @explorer.exe (GdipSetPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1BB5)
[Address] EAT @explorer.exe (GdipSetPenUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0E31)
[Address] EAT @explorer.exe (GdipSetPenWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0CE3)
[Address] EAT @explorer.exe (GdipSetPixelOffsetMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8C85)
[Address] EAT @explorer.exe (GdipSetPropertyItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4BEF)
[Address] EAT @explorer.exe (GdipSetRenderingOrigin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF86DB)
[Address] EAT @explorer.exe (GdipSetSmoothingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8AF0)
[Address] EAT @explorer.exe (GdipSetSolidFillColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDEA1)
[Address] EAT @explorer.exe (GdipSetStringFormatAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F041DE)
[Address] EAT @explorer.exe (GdipSetStringFormatDigitSubstitution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0481E)
[Address] EAT @explorer.exe (GdipSetStringFormatFlags) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F040B4)
[Address] EAT @explorer.exe (GdipSetStringFormatHotkeyPrefix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F043C8)
[Address] EAT @explorer.exe (GdipSetStringFormatLineAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04284)
[Address] EAT @explorer.exe (GdipSetStringFormatMeasurableCharacterRanges) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04786)
[Address] EAT @explorer.exe (GdipSetStringFormatTabStops) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0450B)
[Address] EAT @explorer.exe (GdipSetStringFormatTrimming) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04940)
[Address] EAT @explorer.exe (GdipSetTextContrast) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8EAE)
[Address] EAT @explorer.exe (GdipSetTextRenderingHint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8DEF)
[Address] EAT @explorer.exe (GdipSetTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF02D9)
[Address] EAT @explorer.exe (GdipSetTextureWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDCCA)
[Address] EAT @explorer.exe (GdipSetWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9232)
[Address] EAT @explorer.exe (GdipShearMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB022)
[Address] EAT @explorer.exe (GdipStartPathFigure) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6D4A)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericDefault) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03E91)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericTypographic) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03F14)
[Address] EAT @explorer.exe (GdipTestControl) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04E42)
[Address] EAT @explorer.exe (GdipTransformMatrixPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB192)
[Address] EAT @explorer.exe (GdipTransformMatrixPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB24B)
[Address] EAT @explorer.exe (GdipTransformPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE91A8)
[Address] EAT @explorer.exe (GdipTransformPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9D45)
[Address] EAT @explorer.exe (GdipTransformPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9E06)
[Address] EAT @explorer.exe (GdipTransformRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC64E)
[Address] EAT @explorer.exe (GdipTranslateClip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F003C6)
[Address] EAT @explorer.exe (GdipTranslateClipI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00473)
[Address] EAT @explorer.exe (GdipTranslateLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEF8E)
[Address] EAT @explorer.exe (GdipTranslateMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEADB8)
[Address] EAT @explorer.exe (GdipTranslatePathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEF8E)
[Address] EAT @explorer.exe (GdipTranslatePenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1F77)
[Address] EAT @explorer.exe (GdipTranslateRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC56E)
[Address] EAT @explorer.exe (GdipTranslateRegionI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC5F5)
[Address] EAT @explorer.exe (GdipTranslateTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEF8E)
[Address] EAT @explorer.exe (GdipTranslateWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9512)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB3C1)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB47A)
[Address] EAT @explorer.exe (GdipWarpPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9048)
[Address] EAT @explorer.exe (GdipWidenPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8EC5)
[Address] EAT @explorer.exe (GdipWindingModeOutline) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8DAB)
[Address] EAT @explorer.exe (GdiplusNotificationHook) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6189)
[Address] EAT @explorer.exe (GdiplusNotificationUnhook) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6205)
[Address] EAT @explorer.exe (GdiplusShutdown) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE56EC)
[Address] EAT @explorer.exe (GdiplusStartup) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE562E)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MQ01ABD100 ATA Device +++++
--- User ---
[MBR] 66b391a23e756908897a22067406417e
[BSP] 66b9074cfe339a50f6f3163c89590255 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_07012006_031723.txt >>

 

[needhelp51]

Here is delete log part 1:

RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Admin [Droits d'admin]
Mode : Suppression -- Date : 07/01/2006 03:17:46
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 3 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REMPLACÉ (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ACF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox-Lï�?–B#ø"##ÿÿÿÿŒ–B#tD##LïG) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AEB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AD217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735AE1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x735ADD99)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74142B3B)
[Address] EAT @explorer.exe (DllGetClassObject) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415188E)
[Address] EAT @explorer.exe (DllGetVersion) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74142982)
[Address] EAT @explorer.exe (DllRegisterServer) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741D7DC5)
[Address] EAT @explorer.exe (DllUnregisterServer) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741D818F)
[Address] EAT @explorer.exe (Migrate10CachedPackagesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC744)
[Address] EAT @explorer.exe (Migrate10CachedPackagesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DE1AC)
[Address] EAT @explorer.exe (MsiAdvertiseProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E257F)
[Address] EAT @explorer.exe (MsiAdvertiseProductExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E27D7)
[Address] EAT @explorer.exe (MsiAdvertiseProductExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD6C1)
[Address] EAT @explorer.exe (MsiAdvertiseProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD46F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E8A3F)
[Address] EAT @explorer.exe (MsiAdvertiseScriptW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EB641)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5903)
[Address] EAT @explorer.exe (MsiApplyMultiplePatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1057)
[Address] EAT @explorer.exe (MsiApplyPatchA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2D5D)
[Address] EAT @explorer.exe (MsiApplyPatchW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD943)
[Address] EAT @explorer.exe (MsiBeginTransactionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F9441)
[Address] EAT @explorer.exe (MsiBeginTransactionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F39D4)
[Address] EAT @explorer.exe (MsiCloseAllHandles) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742000C3)
[Address] EAT @explorer.exe (MsiCloseHandle) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200015)
[Address] EAT @explorer.exe (MsiCollectUserInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1C3A)
[Address] EAT @explorer.exe (MsiCollectUserInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD16F)
[Address] EAT @explorer.exe (MsiConfigureFeatureA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1D5A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED70A)
[Address] EAT @explorer.exe (MsiConfigureFeatureFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EE41B)
[Address] EAT @explorer.exe (MsiConfigureFeatureW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DD2B7)
[Address] EAT @explorer.exe (MsiConfigureProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF256)
[Address] EAT @explorer.exe (MsiConfigureProductExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EDACA)
[Address] EAT @explorer.exe (MsiConfigureProductExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EE891)
[Address] EAT @explorer.exe (MsiConfigureProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF581)
[Address] EAT @explorer.exe (MsiCreateAndVerifyInstallerDirectory) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415B2E1)
[Address] EAT @explorer.exe (MsiCreateRecord) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201514)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742055D1)
[Address] EAT @explorer.exe (MsiCreateTransformSummaryInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742048EF)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742048A9)
[Address] EAT @explorer.exe (MsiDatabaseApplyTransformW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201397)
[Address] EAT @explorer.exe (MsiDatabaseCommit) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200DEB)
[Address] EAT @explorer.exe (MsiDatabaseExportA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204792)
[Address] EAT @explorer.exe (MsiDatabaseExportW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201008)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420485D)
[Address] EAT @explorer.exe (MsiDatabaseGenerateTransformW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201270)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742045FD)
[Address] EAT @explorer.exe (MsiDatabaseGetPrimaryKeysW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203C54)
[Address] EAT @explorer.exe (MsiDatabaseImportA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420472E)
[Address] EAT @explorer.exe (MsiDatabaseImportW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200F1E)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204643)
[Address] EAT @explorer.exe (MsiDatabaseIsTablePersistentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200C8F)
[Address] EAT @explorer.exe (MsiDatabaseMergeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204817)
[Address] EAT @explorer.exe (MsiDatabaseMergeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201111)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742045B7)
[Address] EAT @explorer.exe (MsiDatabaseOpenViewW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742002B7)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EDA7B)
[Address] EAT @explorer.exe (MsiDecomposeDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74136286)
[Address] EAT @explorer.exe (MsiDeleteUserDataA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA367)
[Address] EAT @explorer.exe (MsiDeleteUserDataW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E69EB)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FD4C5)
[Address] EAT @explorer.exe (MsiDetermineApplicablePatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FC559)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FD9D9)
[Address] EAT @explorer.exe (MsiDeterminePatchSequenceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FC9E1)
[Address] EAT @explorer.exe (MsiDoActionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420613D)
[Address] EAT @explorer.exe (MsiDoActionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202D61)
[Address] EAT @explorer.exe (MsiEnableLogA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E189B)
[Address] EAT @explorer.exe (MsiEnableLogW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DFBE9)
[Address] EAT @explorer.exe (MsiEnableUIPreview) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742039CD)
[Address] EAT @explorer.exe (MsiEndTransaction) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F3E11)
[Address] EAT @explorer.exe (MsiEnumClientsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415EC96)
[Address] EAT @explorer.exe (MsiEnumClientsExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5D6E)
[Address] EAT @explorer.exe (MsiEnumClientsExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F13A7)
[Address] EAT @explorer.exe (MsiEnumClientsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74143647)
[Address] EAT @explorer.exe (MsiEnumComponentCostsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207847)
[Address] EAT @explorer.exe (MsiEnumComponentCostsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207A95)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ECD6D)
[Address] EAT @explorer.exe (MsiEnumComponentQualifiersW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7414384D)
[Address] EAT @explorer.exe (MsiEnumComponentsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E91B9)
[Address] EAT @explorer.exe (MsiEnumComponentsExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5B08)
[Address] EAT @explorer.exe (MsiEnumComponentsExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F121D)
[Address] EAT @explorer.exe (MsiEnumComponentsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EBA57)
[Address] EAT @explorer.exe (MsiEnumFeaturesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E9C04)
[Address] EAT @explorer.exe (MsiEnumFeaturesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EC259)
[Address] EAT @explorer.exe (MsiEnumPatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F97EB)
[Address] EAT @explorer.exe (MsiEnumPatchesExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F4897)
[Address] EAT @explorer.exe (MsiEnumPatchesExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0E79)
[Address] EAT @explorer.exe (MsiEnumPatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F468E)
[Address] EAT @explorer.exe (MsiEnumProductsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E9175)
[Address] EAT @explorer.exe (MsiEnumProductsExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6313)
[Address] EAT @explorer.exe (MsiEnumProductsExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1729)
[Address] EAT @explorer.exe (MsiEnumProductsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7414559D)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E9109)
[Address] EAT @explorer.exe (MsiEnumRelatedProductsW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EB9EB)
[Address] EAT @explorer.exe (MsiEvaluateConditionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742061C6)
[Address] EAT @explorer.exe (MsiEvaluateConditionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742030C1)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F4FAE)
[Address] EAT @explorer.exe (MsiExtractPatchXMLDataW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F4C22)
[Address] EAT @explorer.exe (MsiFormatRecordA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202A73)
[Address] EAT @explorer.exe (MsiFormatRecordW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202BF9)
[Address] EAT @explorer.exe (MsiGetActiveDatabase) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202639)
[Address] EAT @explorer.exe (MsiGetComponentPathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EEEBD)
[Address] EAT @explorer.exe (MsiGetComponentPathExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6053)
[Address] EAT @explorer.exe (MsiGetComponentPathExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1559)
[Address] EAT @explorer.exe (MsiGetComponentPathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741362DD)
[Address] EAT @explorer.exe (MsiGetComponentStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742071E3)
[Address] EAT @explorer.exe (MsiGetComponentStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742072DC)
[Address] EAT @explorer.exe (MsiGetDatabaseState) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200ED9)
[Address] EAT @explorer.exe (MsiGetFeatureCostA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742075FD)
[Address] EAT @explorer.exe (MsiGetFeatureCostW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207702)
[Address] EAT @explorer.exe (MsiGetFeatureInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0D1A)
[Address] EAT @explorer.exe (MsiGetFeatureInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF5EE)
[Address] EAT @explorer.exe (MsiGetFeatureStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206CD5)
[Address] EAT @explorer.exe (MsiGetFeatureStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206DC3)
[Address] EAT @explorer.exe (MsiGetFeatureUsageA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA111)
[Address] EAT @explorer.exe (MsiGetFeatureUsageW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EC9BD)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207CC5)
[Address] EAT @explorer.exe (MsiGetFeatureValidStatesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742036EC)
[Address] EAT @explorer.exe (MsiGetFileHashA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1214)
[Address] EAT @explorer.exe (MsiGetFileHashW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCA49)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E128C)
[Address] EAT @explorer.exe (MsiGetFileSignatureInformationW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCA9F)
[Address] EAT @explorer.exe (MsiGetFileVersionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0EF8)
[Address] EAT @explorer.exe (MsiGetFileVersionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E3D2F)
[Address] EAT @explorer.exe (MsiGetLanguage) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202727)
[Address] EAT @explorer.exe (MsiGetLastErrorRecord) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201D69)
[Address] EAT @explorer.exe (MsiGetMode) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420279F)
[Address] EAT @explorer.exe (MsiGetPatchFileListA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741FD25D)
[Address] EAT @explorer.exe (MsiGetPatchFileListW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F8B6E)
[Address] EAT @explorer.exe (MsiGetPatchInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA24F)
[Address] EAT @explorer.exe (MsiGetPatchInfoExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F55E9)
[Address] EAT @explorer.exe (MsiGetPatchInfoExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F5177)
[Address] EAT @explorer.exe (MsiGetPatchInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ECAFB)
[Address] EAT @explorer.exe (MsiGetProductCodeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415EADC)
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EED5F)
[Address] EAT @explorer.exe (MsiGetProductCodeFromPackageCodeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF353)
[Address] EAT @explorer.exe (MsiGetProductCodeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415EE6C)
[Address] EAT @explorer.exe (MsiGetProductInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED362)
[Address] EAT @explorer.exe (MsiGetProductInfoExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F65DE)
[Address] EAT @explorer.exe (MsiGetProductInfoExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F18FF)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0880)
[Address] EAT @explorer.exe (MsiGetProductInfoFromScriptW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF132)
[Address] EAT @explorer.exe (MsiGetProductInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144273)
[Address] EAT @explorer.exe (MsiGetProductPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E0B90)
[Address] EAT @explorer.exe (MsiGetProductPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF48B)
[Address] EAT @explorer.exe (MsiGetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420596D)
[Address] EAT @explorer.exe (MsiGetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205BA3)
[Address] EAT @explorer.exe (MsiGetShortcutTargetA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2A58)
[Address] EAT @explorer.exe (MsiGetShortcutTargetW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E4689)
[Address] EAT @explorer.exe (MsiGetSourcePathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206209)
[Address] EAT @explorer.exe (MsiGetSourcePathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420640D)
[Address] EAT @explorer.exe (MsiGetSummaryInformationA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742058BD)
[Address] EAT @explorer.exe (MsiGetSummaryInformationW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204293)
[Address] EAT @explorer.exe (MsiGetTargetPathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742065F5)
[Address] EAT @explorer.exe (MsiGetTargetPathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742067F9)
[Address] EAT @explorer.exe (MsiGetUserInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E91FE)
[Address] EAT @explorer.exe (MsiGetUserInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415E466)
[Address] EAT @explorer.exe (MsiInstallMissingComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E22C7)
[Address] EAT @explorer.exe (MsiInstallMissingComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E43D9)
[Address] EAT @explorer.exe (MsiInstallMissingFileA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2067)
[Address] EAT @explorer.exe (MsiInstallMissingFileW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E4179)
[Address] EAT @explorer.exe (MsiInstallProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E197E)
[Address] EAT @explorer.exe (MsiInstallProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCE4B)
[Address] EAT @explorer.exe (MsiInvalidateFeatureCache) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7419D1D3)
[Address] EAT @explorer.exe (MsiIsProductElevatedA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E3306)
[Address] EAT @explorer.exe (MsiIsProductElevatedW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E4A5D)
[Address] EAT @explorer.exe (MsiJoinTransaction) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F3FEB)
[Address] EAT @explorer.exe (MsiLoadStringA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E141F)
[Address] EAT @explorer.exe (MsiLoadStringW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7414AE09)
[Address] EAT @explorer.exe (MsiLocateComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF19F)
[Address] EAT @explorer.exe (MsiLocateComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF4CA)
[Address] EAT @explorer.exe (MsiMessageBoxA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E16DA)
[Address] EAT @explorer.exe (MsiMessageBoxExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1528)
[Address] EAT @explorer.exe (MsiMessageBoxExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCCB1)
[Address] EAT @explorer.exe (MsiMessageBoxW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCE24)
[Address] EAT @explorer.exe (MsiNotifySidChangeA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EA306)
[Address] EAT @explorer.exe (MsiNotifySidChangeW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E501B)
[Address] EAT @explorer.exe (MsiOpenDatabaseA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74204691)
[Address] EAT @explorer.exe (MsiOpenDatabaseW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203D8D)
[Address] EAT @explorer.exe (MsiOpenPackageA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DEDC0)
[Address] EAT @explorer.exe (MsiOpenPackageExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC63E)
[Address] EAT @explorer.exe (MsiOpenPackageExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC8E9)
[Address] EAT @explorer.exe (MsiOpenPackageW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF7AB)
[Address] EAT @explorer.exe (MsiOpenProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E8BF2)
[Address] EAT @explorer.exe (MsiOpenProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EB857)
[Address] EAT @explorer.exe (MsiPreviewBillboardA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207D4E)
[Address] EAT @explorer.exe (MsiPreviewBillboardW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203AEA)
[Address] EAT @explorer.exe (MsiPreviewDialogA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207D0B)
[Address] EAT @explorer.exe (MsiPreviewDialogW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203A96)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ECBB2)
[Address] EAT @explorer.exe (MsiProcessAdvertiseScriptW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EDF39)
[Address] EAT @explorer.exe (MsiProcessMessage) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202F51)
[Address] EAT @explorer.exe (MsiProvideAssemblyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EFD5D)
[Address] EAT @explorer.exe (MsiProvideAssemblyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0765)
[Address] EAT @explorer.exe (MsiProvideComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF7B9)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EFAB3)
[Address] EAT @explorer.exe (MsiProvideComponentFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144F84)
[Address] EAT @explorer.exe (MsiProvideComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F030C)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415C385)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7415D411)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74138A47)
[Address] EAT @explorer.exe (MsiProvideQualifiedComponentW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74138C86)
[Address] EAT @explorer.exe (MsiQueryComponentStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F687C)
[Address] EAT @explorer.exe (MsiQueryComponentStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1AE1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF6F1)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6A94)
[Address] EAT @explorer.exe (MsiQueryFeatureStateExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1CD9)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EFC02)
[Address] EAT @explorer.exe (MsiQueryFeatureStateFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F057D)
[Address] EAT @explorer.exe (MsiQueryFeatureStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7413617D)
[Address] EAT @explorer.exe (MsiQueryProductStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED45D)
[Address] EAT @explorer.exe (MsiQueryProductStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741449FE)
[Address] EAT @explorer.exe (MsiRecordClearData) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201D27)
[Address] EAT @explorer.exe (MsiRecordDataSize) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742016E5)
[Address] EAT @explorer.exe (MsiRecordGetFieldCount) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201916)
[Address] EAT @explorer.exe (MsiRecordGetInteger) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742018B5)
[Address] EAT @explorer.exe (MsiRecordGetStringA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203F1D)
[Address] EAT @explorer.exe (MsiRecordGetStringW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742040CC)
[Address] EAT @explorer.exe (MsiRecordIsNull) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742015F5)
[Address] EAT @explorer.exe (MsiRecordReadStream) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201B6D)
[Address] EAT @explorer.exe (MsiRecordSetInteger) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742017C2)
[Address] EAT @explorer.exe (MsiRecordSetStreamA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205877)
[Address] EAT @explorer.exe (MsiRecordSetStreamW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201A03)
[Address] EAT @explorer.exe (MsiRecordSetStringA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420561D)
[Address] EAT @explorer.exe (MsiRecordSetStringW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420572E)
[Address] EAT @explorer.exe (MsiReinstallFeatureA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1EDE)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741ED8C2)
[Address] EAT @explorer.exe (MsiReinstallFeatureFromDescriptorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EE657)
[Address] EAT @explorer.exe (MsiReinstallFeatureW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74148C24)
[Address] EAT @explorer.exe (MsiReinstallProductA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E1AFE)
[Address] EAT @explorer.exe (MsiReinstallProductW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DCFF1)
[Address] EAT @explorer.exe (MsiRemovePatchesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F9606)
[Address] EAT @explorer.exe (MsiRemovePatchesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F3702)
[Address] EAT @explorer.exe (MsiSequenceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206180)
[Address] EAT @explorer.exe (MsiSequenceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202E4B)
[Address] EAT @explorer.exe (MsiSetComponentStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742073EB)
[Address] EAT @explorer.exe (MsiSetComponentStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742074E5)
[Address] EAT @explorer.exe (MsiSetExternalUIA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DC72F)
[Address] EAT @explorer.exe (MsiSetExternalUIRecord) : WTSAPI32.dll -> HOOKED

 

[needhelp51]

Here is delete log part 2:

(C:\Windows\system32\msi.dll @ 0x741F336B)
[Address] EAT @explorer.exe (MsiSetExternalUIW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144E86)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74207001)
[Address] EAT @explorer.exe (MsiSetFeatureAttributesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742070B4)
[Address] EAT @explorer.exe (MsiSetFeatureStateA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206E2D)
[Address] EAT @explorer.exe (MsiSetFeatureStateW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206EDF)
[Address] EAT @explorer.exe (MsiSetInstallLevel) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203424)
[Address] EAT @explorer.exe (MsiSetInternalUI) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144FE6)
[Address] EAT @explorer.exe (MsiSetMode) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742028BB)
[Address] EAT @explorer.exe (MsiSetOfflineContextW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74208485)
[Address] EAT @explorer.exe (MsiSetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205DC1)
[Address] EAT @explorer.exe (MsiSetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205F85)
[Address] EAT @explorer.exe (MsiSetTargetPathA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742069DD)
[Address] EAT @explorer.exe (MsiSetTargetPathW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74206B61)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7136)
[Address] EAT @explorer.exe (MsiSourceListAddMediaDiskW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2165)
[Address] EAT @explorer.exe (MsiSourceListAddSourceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E3037)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F6F13)
[Address] EAT @explorer.exe (MsiSourceListAddSourceExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F1F43)
[Address] EAT @explorer.exe (MsiSourceListAddSourceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DDC51)
[Address] EAT @explorer.exe (MsiSourceListClearAllA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E2EF0)
[Address] EAT @explorer.exe (MsiSourceListClearAllExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7875)
[Address] EAT @explorer.exe (MsiSourceListClearAllExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F281B)
[Address] EAT @explorer.exe (MsiSourceListClearAllW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DDAEB)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F764A)
[Address] EAT @explorer.exe (MsiSourceListClearMediaDiskW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F260D)
[Address] EAT @explorer.exe (MsiSourceListClearSourceA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7436)
[Address] EAT @explorer.exe (MsiSourceListClearSourceW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2405)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F834E)
[Address] EAT @explorer.exe (MsiSourceListEnumMediaDisksW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F31B5)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7C4B)
[Address] EAT @explorer.exe (MsiSourceListEnumSourcesW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2C07)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E31B8)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7A6C)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2A09)
[Address] EAT @explorer.exe (MsiSourceListForceResolutionW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DDDDB)
[Address] EAT @explorer.exe (MsiSourceListGetInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F7E30)
[Address] EAT @explorer.exe (MsiSourceListGetInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2DB5)
[Address] EAT @explorer.exe (MsiSourceListSetInfoA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F80F8)
[Address] EAT @explorer.exe (MsiSourceListSetInfoW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F2FAB)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742021B9)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyCount) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201E3D)
[Address] EAT @explorer.exe (MsiSummaryInfoGetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420238B)
[Address] EAT @explorer.exe (MsiSummaryInfoPersist) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74202551)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74205906)
[Address] EAT @explorer.exe (MsiSummaryInfoSetPropertyW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74201F2B)
[Address] EAT @explorer.exe (MsiUseFeatureA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0D83)
[Address] EAT @explorer.exe (MsiUseFeatureExA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741EF9E8)
[Address] EAT @explorer.exe (MsiUseFeatureExW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74144D3A)
[Address] EAT @explorer.exe (MsiUseFeatureW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741F0DA0)
[Address] EAT @explorer.exe (MsiVerifyDiskSpace) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74203863)
[Address] EAT @explorer.exe (MsiVerifyPackageA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741E07AA)
[Address] EAT @explorer.exe (MsiVerifyPackageW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x741DF097)
[Address] EAT @explorer.exe (MsiViewClose) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200BAF)
[Address] EAT @explorer.exe (MsiViewExecute) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420070F)
[Address] EAT @explorer.exe (MsiViewFetch) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200833)
[Address] EAT @explorer.exe (MsiViewGetColumnInfo) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74200A91)
[Address] EAT @explorer.exe (MsiViewGetErrorA) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742003F1)
[Address] EAT @explorer.exe (MsiViewGetErrorW) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x742005CE)
[Address] EAT @explorer.exe (MsiViewModify) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x7420093F)
[Address] EAT @explorer.exe (QueryInstanceCount) : WTSAPI32.dll -> HOOKED (C:\Windows\system32\msi.dll @ 0x74142B2A)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E309AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E249A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E50731)
[Address] EAT @explorer.exe (BufferedPaintClear) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E26395)
[Address] EAT @explorer.exe (BufferedPaintInit) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E308ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E294AB)
[Address] EAT @explorer.exe (CloseThemeData) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E26A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E23982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E535E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E253E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E251BF)
[Address] EAT @explorer.exe (DrawThemeText) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E24EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E263E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2FCAF)
[Address] EAT @explorer.exe (EnableTheming) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E23F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E23F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E506CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E24BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E304BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E30473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E305DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E30FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2BF93)
[Address] EAT @explorer.exe (GetThemeBool) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E27C1F)
[Address] EAT @explorer.exe (GetThemeColor) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2616C)
[Address] EAT @explorer.exe (GetThemeFilename) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52412)
[Address] EAT @explorer.exe (GetThemeFont) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2FF21)
[Address] EAT @explorer.exe (GetThemeInt) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2616C)
[Address] EAT @explorer.exe (GetThemeIntList) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E523B1)
[Address] EAT @explorer.exe (GetThemeMargins) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E286E9)
[Address] EAT @explorer.exe (GetThemeMetric) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E306E2)
[Address] EAT @explorer.exe (GetThemePartSize) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43FBB)
[Address] EAT @explorer.exe (GetThemeRect) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E33611)
[Address] EAT @explorer.exe (GetThemeStream) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E339D9)
[Address] EAT @explorer.exe (GetThemeString) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E522E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E53172)
[Address] EAT @explorer.exe (GetThemeSysColor) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E529C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5320B)
[Address] EAT @explorer.exe (GetThemeSysString) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E52B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E22D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E31081)
[Address] EAT @explorer.exe (GetWindowTheme) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E33CE3)
[Address] EAT @explorer.exe (IsAppThemed) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F869)
[Address] EAT @explorer.exe (IsCompositionActive) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E22E9A)
[Address] EAT @explorer.exe (IsThemeActive) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E260AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E285B4)
[Address] EAT @explorer.exe (OpenThemeData) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E273D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E43D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E53296)
[Address] EAT @explorer.exe (SetWindowTheme) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E30134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E3CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E2B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : WINSPOOL.DRV -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73E5068D)
[Address] EAT @explorer.exe (GdipAddPathArc) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE74C6)
[Address] EAT @explorer.exe (GdipAddPathArcI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7599)
[Address] EAT @explorer.exe (GdipAddPathBezier) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE760F)
[Address] EAT @explorer.exe (GdipAddPathBezierI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE76F4)
[Address] EAT @explorer.exe (GdipAddPathBeziers) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7778)
[Address] EAT @explorer.exe (GdipAddPathBeziersI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7838)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7F15)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE80DE)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE81A5)
[Address] EAT @explorer.exe (GdipAddPathClosedCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7FD5)
[Address] EAT @explorer.exe (GdipAddPathCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7941)
[Address] EAT @explorer.exe (GdipAddPathCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7B2D)
[Address] EAT @explorer.exe (GdipAddPathCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7BFB)
[Address] EAT @explorer.exe (GdipAddPathCurve3) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7D2E)
[Address] EAT @explorer.exe (GdipAddPathCurve3I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7DFF)
[Address] EAT @explorer.exe (GdipAddPathCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7A01)
[Address] EAT @explorer.exe (GdipAddPathEllipse) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE85A8)
[Address] EAT @explorer.exe (GdipAddPathEllipseI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8667)
[Address] EAT @explorer.exe (GdipAddPathLine) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE71D4)
[Address] EAT @explorer.exe (GdipAddPathLine2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE72FD)
[Address] EAT @explorer.exe (GdipAddPathLine2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE73BD)
[Address] EAT @explorer.exe (GdipAddPathLineI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7295)
[Address] EAT @explorer.exe (GdipAddPathPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE89E1)
[Address] EAT @explorer.exe (GdipAddPathPie) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE86CF)
[Address] EAT @explorer.exe (GdipAddPathPieI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE87A2)
[Address] EAT @explorer.exe (GdipAddPathPolygon) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8818)
[Address] EAT @explorer.exe (GdipAddPathPolygonI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE88D8)
[Address] EAT @explorer.exe (GdipAddPathRectangle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE82B5)
[Address] EAT @explorer.exe (GdipAddPathRectangleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8376)
[Address] EAT @explorer.exe (GdipAddPathRectangles) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE83DE)
[Address] EAT @explorer.exe (GdipAddPathRectanglesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE849E)
[Address] EAT @explorer.exe (GdipAddPathString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8A8A)
[Address] EAT @explorer.exe (GdipAddPathStringI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8C03)
[Address] EAT @explorer.exe (GdipAlloc) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F024CB)
[Address] EAT @explorer.exe (GdipBeginContainer) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00E5E)
[Address] EAT @explorer.exe (GdipBeginContainer2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00F5F)
[Address] EAT @explorer.exe (GdipBeginContainerI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01023)
[Address] EAT @explorer.exe (GdipBitmapApplyEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7307)
[Address] EAT @explorer.exe (GdipBitmapConvertFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF709C)
[Address] EAT @explorer.exe (GdipBitmapCreateApplyEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF726A)
[Address] EAT @explorer.exe (GdipBitmapGetHistogram) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF73BB)
[Address] EAT @explorer.exe (GdipBitmapGetHistogramSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7490)
[Address] EAT @explorer.exe (GdipBitmapGetPixel) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6CFA)
[Address] EAT @explorer.exe (GdipBitmapLockBits) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6B83)
[Address] EAT @explorer.exe (GdipBitmapSetPixel) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6DC0)
[Address] EAT @explorer.exe (GdipBitmapSetResolution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF762F)
[Address] EAT @explorer.exe (GdipBitmapUnlockBits) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6C43)
[Address] EAT @explorer.exe (GdipClearPathMarkers) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6FD4)
[Address] EAT @explorer.exe (GdipCloneBitmapArea) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06C2A)
[Address] EAT @explorer.exe (GdipCloneBitmapAreaI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6A8F)
[Address] EAT @explorer.exe (GdipCloneBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED87E)
[Address] EAT @explorer.exe (GdipCloneCustomLineCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2EB5)
[Address] EAT @explorer.exe (GdipCloneFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02FAC)
[Address] EAT @explorer.exe (GdipCloneFontFamily) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02A1B)
[Address] EAT @explorer.exe (GdipCloneImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4C90)
[Address] EAT @explorer.exe (GdipCloneImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF77B1)
[Address] EAT @explorer.exe (GdipCloneMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAA39)
[Address] EAT @explorer.exe (GdipClonePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE651A)
[Address] EAT @explorer.exe (GdipClonePen) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0B54)
[Address] EAT @explorer.exe (GdipCloneRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBEC7)
[Address] EAT @explorer.exe (GdipCloneStringFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03F8B)
[Address] EAT @explorer.exe (GdipClosePathFigure) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6DEB)
[Address] EAT @explorer.exe (GdipClosePathFigures) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6E8E)
[Address] EAT @explorer.exe (GdipCombineRegionPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC310)
[Address] EAT @explorer.exe (GdipCombineRegionRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC1BC)
[Address] EAT @explorer.exe (GdipCombineRegionRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC293)
[Address] EAT @explorer.exe (GdipCombineRegionRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC43E)
[Address] EAT @explorer.exe (GdipComment) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0325C)
[Address] EAT @explorer.exe (GdipConvertToEmfPlus) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04F0F)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04FEF)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F050E3)
[Address] EAT @explorer.exe (GdipCreateAdjustableArrowCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06B65)
[Address] EAT @explorer.exe (GdipCreateBitmapFromDirectDrawSurface) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6518)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5EB5)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFileICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6151)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGdiDib) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6605)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF63C5)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHBITMAP) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6707)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHICON) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6885)
[Address] EAT @explorer.exe (GdipCreateBitmapFromResource) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6917)
[Address] EAT @explorer.exe (GdipCreateBitmapFromScan0) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF62A0)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5D68)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStreamICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6003)
[Address] EAT @explorer.exe (GdipCreateCachedBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04A81)
[Address] EAT @explorer.exe (GdipCreateCustomLineCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2CCB)
[Address] EAT @explorer.exe (GdipCreateEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6E69)
[Address] EAT @explorer.exe (GdipCreateFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F027CA)
[Address] EAT @explorer.exe (GdipCreateFontFamilyFromName) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02590)
[Address] EAT @explorer.exe (GdipCreateFontFromDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03636)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontA) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03730)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontW) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03833)
[Address] EAT @explorer.exe (GdipCreateFromHDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8301)
[Address] EAT @explorer.exe (GdipCreateFromHDC2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF83AB)
[Address] EAT @explorer.exe (GdipCreateFromHWND) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8456)
[Address] EAT @explorer.exe (GdipCreateFromHWNDICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8500)
[Address] EAT @explorer.exe (GdipCreateHBITMAPFromBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF679C)
[Address] EAT @explorer.exe (GdipCreateHICONFromBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF69AC)
[Address] EAT @explorer.exe (GdipCreateHalftonePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04D8C)
[Address] EAT @explorer.exe (GdipCreateHatchBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F062CA)
[Address] EAT @explorer.exe (GdipCreateImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF76DE)
[Address] EAT @explorer.exe (GdipCreateLineBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDFFA)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE1BF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE2AF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE377)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE46E)
[Address] EAT @explorer.exe (GdipCreateLineBrushI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE0F0)
[Address] EAT @explorer.exe (GdipCreateMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA68E)
[Address] EAT @explorer.exe (GdipCreateMatrix2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA744)
[Address] EAT @explorer.exe (GdipCreateMatrix3) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA884)
[Address] EAT @explorer.exe (GdipCreateMatrix3I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA94C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromEmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0153C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01614)
[Address] EAT @explorer.exe (GdipCreateMetafileFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F017C3)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0145F)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmfFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F016EB)
[Address] EAT @explorer.exe (GdipCreatePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F061D9)
[Address] EAT @explorer.exe (GdipCreatePath2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE627E)
[Address] EAT @explorer.exe (GdipCreatePath2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE634F)
[Address] EAT @explorer.exe (GdipCreatePathGradient) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06893)
[Address] EAT @explorer.exe (GdipCreatePathGradientFromPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06AA7)
[Address] EAT @explorer.exe (GdipCreatePathGradientI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06955)
[Address] EAT @explorer.exe (GdipCreatePathIter) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9AB7)
[Address] EAT @explorer.exe (GdipCreatePen1) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF08D0)
[Address] EAT @explorer.exe (GdipCreatePen2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0A01)
[Address] EAT @explorer.exe (GdipCreateRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB9CE)
[Address] EAT @explorer.exe (GdipCreateRegionHrgn) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBDF8)
[Address] EAT @explorer.exe (GdipCreateRegionPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBBF4)
[Address] EAT @explorer.exe (GdipCreateRegionRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBA87)
[Address] EAT @explorer.exe (GdipCreateRegionRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBB49)
[Address] EAT @explorer.exe (GdipCreateRegionRgnData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBD16)
[Address] EAT @explorer.exe (GdipCreateSolidFill) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0707F)
[Address] EAT @explorer.exe (GdipCreateStreamOnFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE5877)
[Address] EAT @explorer.exe (GdipCreateStringFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03DC1)
[Address] EAT @explorer.exe (GdipCreateTexture) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F063AB)
[Address] EAT @explorer.exe (GdipCreateTexture2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F064CD)
[Address] EAT @explorer.exe (GdipCreateTexture2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F067B9)
[Address] EAT @explorer.exe (GdipCreateTextureIA) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0660F)
[Address] EAT @explorer.exe (GdipCreateTextureIAI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06859)
[Address] EAT @explorer.exe (GdipDeleteBrush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED958)
[Address] EAT @explorer.exe (GdipDeleteCachedBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04BEC)
[Address] EAT @explorer.exe (GdipDeleteCustomLineCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3069)
[Address] EAT @explorer.exe (GdipDeleteEffect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6EFA)
[Address] EAT @explorer.exe (GdipDeleteFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03065)
[Address] EAT @explorer.exe (GdipDeleteFontFamily) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02922)
[Address] EAT @explorer.exe (GdipDeleteGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF85AA)
[Address] EAT @explorer.exe (GdipDeleteMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAB0E)
[Address] EAT @explorer.exe (GdipDeletePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE65EE)
[Address] EAT @explorer.exe (GdipDeletePathIter) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9B70)
[Address] EAT @explorer.exe (GdipDeletePen) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0C2B)
[Address] EAT @explorer.exe (GdipDeletePrivateFontCollection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03A7D)
[Address] EAT @explorer.exe (GdipDeleteRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEBFE6)
[Address] EAT @explorer.exe (GdipDeleteStringFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04036)
[Address] EAT @explorer.exe (GdipDisposeImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4D5E)
[Address] EAT @explorer.exe (GdipDisposeImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF787F)
[Address] EAT @explorer.exe (GdipDrawArc) : OLEACC.dll -> HOOKED

 

[needhelp51]

Here is delete log part 3:

(C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA4A5)
[Address] EAT @explorer.exe (GdipDrawArcI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA5DF)
[Address] EAT @explorer.exe (GdipDrawBezier) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA658)
[Address] EAT @explorer.exe (GdipDrawBezierI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA7A0)
[Address] EAT @explorer.exe (GdipDrawBeziers) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA827)
[Address] EAT @explorer.exe (GdipDrawBeziersI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA951)
[Address] EAT @explorer.exe (GdipDrawCachedBitmap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04C86)
[Address] EAT @explorer.exe (GdipDrawClosedCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBC79)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBEBC)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBFED)
[Address] EAT @explorer.exe (GdipDrawClosedCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBDA3)
[Address] EAT @explorer.exe (GdipDrawCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB581)
[Address] EAT @explorer.exe (GdipDrawCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB7C4)
[Address] EAT @explorer.exe (GdipDrawCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB8FC)
[Address] EAT @explorer.exe (GdipDrawCurve3) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBA1C)
[Address] EAT @explorer.exe (GdipDrawCurve3I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFBB53)
[Address] EAT @explorer.exe (GdipDrawCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB6AB)
[Address] EAT @explorer.exe (GdipDrawDriverString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDA1A)
[Address] EAT @explorer.exe (GdipDrawEllipse) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAE82)
[Address] EAT @explorer.exe (GdipDrawEllipseI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAFA6)
[Address] EAT @explorer.exe (GdipDrawImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDF1E)
[Address] EAT @explorer.exe (GdipDrawImageFX) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFEB79)
[Address] EAT @explorer.exe (GdipDrawImageI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE099)
[Address] EAT @explorer.exe (GdipDrawImagePointRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE553)
[Address] EAT @explorer.exe (GdipDrawImagePointRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE6EF)
[Address] EAT @explorer.exe (GdipDrawImagePoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE2BF)
[Address] EAT @explorer.exe (GdipDrawImagePointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE417)
[Address] EAT @explorer.exe (GdipDrawImagePointsRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE78B)
[Address] EAT @explorer.exe (GdipDrawImagePointsRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE9EA)
[Address] EAT @explorer.exe (GdipDrawImageRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE0F5)
[Address] EAT @explorer.exe (GdipDrawImageRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFE254)
[Address] EAT @explorer.exe (GdipDrawImageRectRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06CAE)
[Address] EAT @explorer.exe (GdipDrawImageRectRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F06F04)
[Address] EAT @explorer.exe (GdipDrawLine) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA0D1)
[Address] EAT @explorer.exe (GdipDrawLineI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA1F5)
[Address] EAT @explorer.exe (GdipDrawLines) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA260)
[Address] EAT @explorer.exe (GdipDrawLinesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA38C)
[Address] EAT @explorer.exe (GdipDrawPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB407)
[Address] EAT @explorer.exe (GdipDrawPie) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB011)
[Address] EAT @explorer.exe (GdipDrawPieI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB14B)
[Address] EAT @explorer.exe (GdipDrawPolygon) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB1C4)
[Address] EAT @explorer.exe (GdipDrawPolygonI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFB2EE)
[Address] EAT @explorer.exe (GdipDrawRectangle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAA8D)
[Address] EAT @explorer.exe (GdipDrawRectangleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFABB1)
[Address] EAT @explorer.exe (GdipDrawRectangles) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAC1C)
[Address] EAT @explorer.exe (GdipDrawRectanglesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFAD46)
[Address] EAT @explorer.exe (GdipDrawString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD512)
[Address] EAT @explorer.exe (GdipEmfToWmfBits) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04EB9)
[Address] EAT @explorer.exe (GdipEndContainer) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F010D0)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFECBA)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFEE6B)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF0F8)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF2AC)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFEED3)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF084)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF417)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF5F7)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF8F5)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFAD8)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF680)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFF860)
[Address] EAT @explorer.exe (GdipFillClosedCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCEEC)
[Address] EAT @explorer.exe (GdipFillClosedCurve2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD13E)
[Address] EAT @explorer.exe (GdipFillClosedCurve2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD275)
[Address] EAT @explorer.exe (GdipFillClosedCurveI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD025)
[Address] EAT @explorer.exe (GdipFillEllipse) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCA23)
[Address] EAT @explorer.exe (GdipFillEllipseI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCB4E)
[Address] EAT @explorer.exe (GdipFillPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCD6F)
[Address] EAT @explorer.exe (GdipFillPie) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCBB9)
[Address] EAT @explorer.exe (GdipFillPieI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFCCF6)
[Address] EAT @explorer.exe (GdipFillPolygon) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC591)
[Address] EAT @explorer.exe (GdipFillPolygon2) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC7DD)
[Address] EAT @explorer.exe (GdipFillPolygon2I) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC90A)
[Address] EAT @explorer.exe (GdipFillPolygonI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC6C1)
[Address] EAT @explorer.exe (GdipFillRectangle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC1B5)
[Address] EAT @explorer.exe (GdipFillRectangleI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC2E0)
[Address] EAT @explorer.exe (GdipFillRectangles) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC34B)
[Address] EAT @explorer.exe (GdipFillRectanglesI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC478)
[Address] EAT @explorer.exe (GdipFillRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD398)
[Address] EAT @explorer.exe (GdipFindFirstImageItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5ABA)
[Address] EAT @explorer.exe (GdipFindNextImageItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5B60)
[Address] EAT @explorer.exe (GdipFlattenPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8C93)
[Address] EAT @explorer.exe (GdipFlush) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8645)
[Address] EAT @explorer.exe (GdipFree) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02546)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapFillState) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3CA4)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3897)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapMiddleInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3B4D)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF39F2)
[Address] EAT @explorer.exe (GdipGetAllPropertyItems) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4AB3)
[Address] EAT @explorer.exe (GdipGetBrushType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED9F5)
[Address] EAT @explorer.exe (GdipGetCellAscent) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03456)
[Address] EAT @explorer.exe (GdipGetCellDescent) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F034F6)
[Address] EAT @explorer.exe (GdipGetClip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F004CC)
[Address] EAT @explorer.exe (GdipGetClipBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F005C4)
[Address] EAT @explorer.exe (GdipGetClipBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00677)
[Address] EAT @explorer.exe (GdipGetCompositingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF88EF)
[Address] EAT @explorer.exe (GdipGetCompositingQuality) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8A3F)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3485)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF35DC)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeCaps) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF31A9)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3325)
[Address] EAT @explorer.exe (GdipGetCustomLineCapType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2FB2)
[Address] EAT @explorer.exe (GdipGetCustomLineCapWidthScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3733)
[Address] EAT @explorer.exe (GdipGetDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F030DD)
[Address] EAT @explorer.exe (GdipGetDpiX) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9BE3)
[Address] EAT @explorer.exe (GdipGetDpiY) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9C94)
[Address] EAT @explorer.exe (GdipGetEffectParameterSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6FCE)
[Address] EAT @explorer.exe (GdipGetEffectParameters) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7033)
[Address] EAT @explorer.exe (GdipGetEmHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F033B6)
[Address] EAT @explorer.exe (GdipGetEncoderParameterList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4145)
[Address] EAT @explorer.exe (GdipGetEncoderParameterListSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF40A4)
[Address] EAT @explorer.exe (GdipGetFamily) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04140)
[Address] EAT @explorer.exe (GdipGetFamilyName) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDE91)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03B31)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03BCD)
[Address] EAT @explorer.exe (GdipGetFontHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02DFB)
[Address] EAT @explorer.exe (GdipGetFontHeightGivenDPI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02F03)
[Address] EAT @explorer.exe (GdipGetFontSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02D5D)
[Address] EAT @explorer.exe (GdipGetFontStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02ABB)
[Address] EAT @explorer.exe (GdipGetFontUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0432A)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilyMonospace) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02751)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySansSerif) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0265F)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySerif) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F026D8)
[Address] EAT @explorer.exe (GdipGetHatchBackgroundColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDC14)
[Address] EAT @explorer.exe (GdipGetHatchForegroundColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDB5E)
[Address] EAT @explorer.exe (GdipGetHatchStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDAA8)
[Address] EAT @explorer.exe (GdipGetHemfFromMetafile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F013A4)
[Address] EAT @explorer.exe (GdipGetImageAttributesAdjustedPalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8219)
[Address] EAT @explorer.exe (GdipGetImageBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4F73)
[Address] EAT @explorer.exe (GdipGetImageDecoders) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F020EC)
[Address] EAT @explorer.exe (GdipGetImageDecodersSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02063)
[Address] EAT @explorer.exe (GdipGetImageDimension) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5048)
[Address] EAT @explorer.exe (GdipGetImageEncoders) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02320)
[Address] EAT @explorer.exe (GdipGetImageEncodersSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02297)
[Address] EAT @explorer.exe (GdipGetImageFlags) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5459)
[Address] EAT @explorer.exe (GdipGetImageGraphicsContext) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4E9C)
[Address] EAT @explorer.exe (GdipGetImageHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF51DA)
[Address] EAT @explorer.exe (GdipGetImageHorizontalResolution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF52AF)
[Address] EAT @explorer.exe (GdipGetImageItemData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5C06)
[Address] EAT @explorer.exe (GdipGetImagePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF56DC)
[Address] EAT @explorer.exe (GdipGetImagePaletteSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5864)
[Address] EAT @explorer.exe (GdipGetImagePixelFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5607)
[Address] EAT @explorer.exe (GdipGetImageRawFormat) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF552E)
[Address] EAT @explorer.exe (GdipGetImageThumbnail) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF59E3)
[Address] EAT @explorer.exe (GdipGetImageType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5933)
[Address] EAT @explorer.exe (GdipGetImageVerticalResolution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5384)
[Address] EAT @explorer.exe (GdipGetImageWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5105)
[Address] EAT @explorer.exe (GdipGetInterpolationMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9195)
[Address] EAT @explorer.exe (GdipGetLineBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE767)
[Address] EAT @explorer.exe (GdipGetLineBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE6B1)
[Address] EAT @explorer.exe (GdipGetLineColors) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE5F2)
[Address] EAT @explorer.exe (GdipGetLineGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE57EC)
[Address] EAT @explorer.exe (GdipGetLinePresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE90F)
[Address] EAT @explorer.exe (GdipGetLinePresetBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFC74)
[Address] EAT @explorer.exe (GdipGetLineRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF8E3)
[Address] EAT @explorer.exe (GdipGetLineRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF998)
[Address] EAT @explorer.exe (GdipGetLineSpacing) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03596)
[Address] EAT @explorer.exe (GdipGetLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF01D0)
[Address] EAT @explorer.exe (GdipGetLineWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF011D)
[Address] EAT @explorer.exe (GdipGetLogFontA) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02B59)
[Address] EAT @explorer.exe (GdipGetLogFontW) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02C5B)
[Address] EAT @explorer.exe (GdipGetMatrixElements) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB67E)
[Address] EAT @explorer.exe (GdipGetMetafileDownLevelRasterizationLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01F4B)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromEmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F011D9)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0123C)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromMetafile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01300)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0129D)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromWmf) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0116F)
[Address] EAT @explorer.exe (GdipGetNearestColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFA01A)
[Address] EAT @explorer.exe (GdipGetPageScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9A8D)
[Address] EAT @explorer.exe (GdipGetPageUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF991E)
[Address] EAT @explorer.exe (GdipGetPathData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6CA4)
[Address] EAT @explorer.exe (GdipGetPathFillMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6B4A)
[Address] EAT @explorer.exe (GdipGetPathGradientBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFBA0)
[Address] EAT @explorer.exe (GdipGetPathGradientBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE6B1)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF067)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF500)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF5BA)
[Address] EAT @explorer.exe (GdipGetPathGradientFocusScales) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0744)
[Address] EAT @explorer.exe (GdipGetPathGradientGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFAED)
[Address] EAT @explorer.exe (GdipGetPathGradientPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF4BD)
[Address] EAT @explorer.exe (GdipGetPathGradientPointCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF776)
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFD2E)
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlendCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFC74)
[Address] EAT @explorer.exe (GdipGetPathGradientRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF8E3)
[Address] EAT @explorer.exe (GdipGetPathGradientRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF998)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF829)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorsWithCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF1D3)
[Address] EAT @explorer.exe (GdipGetPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF01D0)
[Address] EAT @explorer.exe (GdipGetPathGradientWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF011D)
[Address] EAT @explorer.exe (GdipGetPathLastPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE711A)
[Address] EAT @explorer.exe (GdipGetPathPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE68FA)
[Address] EAT @explorer.exe (GdipGetPathPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6A06)
[Address] EAT @explorer.exe (GdipGetPathTypes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE67F1)
[Address] EAT @explorer.exe (GdipGetPathWorldBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE92AF)
[Address] EAT @explorer.exe (GdipGetPathWorldBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE947B)
[Address] EAT @explorer.exe (GdipGetPenBrushFill) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2462)
[Address] EAT @explorer.exe (GdipGetPenColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2297)
[Address] EAT @explorer.exe (GdipGetPenCompoundArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2C11)
[Address] EAT @explorer.exe (GdipGetPenCompoundCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2AA7)
[Address] EAT @explorer.exe (GdipGetPenCustomEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1856)
[Address] EAT @explorer.exe (GdipGetPenCustomStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1697)
[Address] EAT @explorer.exe (GdipGetPenDashArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF29ED)
[Address] EAT @explorer.exe (GdipGetPenDashCap197819) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF138A)
[Address] EAT @explorer.exe (GdipGetPenDashCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2883)
[Address] EAT @explorer.exe (GdipGetPenDashOffset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2735)
[Address] EAT @explorer.exe (GdipGetPenDashStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF25E4)
[Address] EAT @explorer.exe (GdipGetPenEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF12DA)
[Address] EAT @explorer.exe (GdipGetPenFillType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2527)
[Address] EAT @explorer.exe (GdipGetPenLineJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF14DF)
[Address] EAT @explorer.exe (GdipGetPenMiterLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF19B2)
[Address] EAT @explorer.exe (GdipGetPenMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1B05)
[Address] EAT @explorer.exe (GdipGetPenStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF122A)
[Address] EAT @explorer.exe (GdipGetPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1CBB)
[Address] EAT @explorer.exe (GdipGetPenUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0EF0)
[Address] EAT @explorer.exe (GdipGetPenWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0D81)
[Address] EAT @explorer.exe (GdipGetPixelOffsetMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8D3E)
[Address] EAT @explorer.exe (GdipGetPointCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE673E)
[Address] EAT @explorer.exe (GdipGetPropertyCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF479D)
[Address] EAT @explorer.exe (GdipGetPropertyIdList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4838)
[Address] EAT @explorer.exe (GdipGetPropertyItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4974)
[Address] EAT @explorer.exe (GdipGetPropertyItemSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF48D6)
[Address] EAT @explorer.exe (GdipGetPropertySize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4A15)
[Address] EAT @explorer.exe (GdipGetRegionBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC754)
[Address] EAT @explorer.exe (GdipGetRegionBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC876)
[Address] EAT @explorer.exe (GdipGetRegionData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED062)
[Address] EAT @explorer.exe (GdipGetRegionDataSize) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECF89)
[Address] EAT @explorer.exe (GdipGetRegionHRgn) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC9F1)
[Address] EAT @explorer.exe (GdipGetRegionScans) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED62C)
[Address] EAT @explorer.exe (GdipGetRegionScansCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED504)
[Address] EAT @explorer.exe (GdipGetRegionScansI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED755)
[Address] EAT @explorer.exe (GdipGetRenderingOrigin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF877D)
[Address] EAT @explorer.exe (GdipGetSmoothingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8BAF)
[Address] EAT @explorer.exe (GdipGetSolidFillColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDF44)
[Address] EAT @explorer.exe (GdipGetStringFormatAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F02ABB)
[Address] EAT @explorer.exe (GdipGetStringFormatDigitSubstitution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F048AF)
[Address] EAT @explorer.exe (GdipGetStringFormatFlags) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04140)
[Address] EAT @explorer.exe (GdipGetStringFormatHotkeyPrefix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04469)
[Address] EAT @explorer.exe (GdipGetStringFormatLineAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0432A)
[Address] EAT @explorer.exe (GdipGetStringFormatMeasurableCharacterRangeCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04704)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStopCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F045B7)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStops) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04659)
[Address] EAT @explorer.exe (GdipGetStringFormatTrimming) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d

 

[needhelp51]

Here is delete log part 4 (last):

2e82386681b36\gdiplus.dll @ 0x73F049DF)
[Address] EAT @explorer.exe (GdipGetTextContrast) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8F4F)
[Address] EAT @explorer.exe (GdipGetTextRenderingHint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9000)
[Address] EAT @explorer.exe (GdipGetTextureImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDD6E)
[Address] EAT @explorer.exe (GdipGetTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF01D0)
[Address] EAT @explorer.exe (GdipGetTextureWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF011D)
[Address] EAT @explorer.exe (GdipGetVisibleClipBounds) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00837)
[Address] EAT @explorer.exe (GdipGetVisibleClipBoundsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F008EA)
[Address] EAT @explorer.exe (GdipGetWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9782)
[Address] EAT @explorer.exe (GdipGraphicsClear) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFC10D)
[Address] EAT @explorer.exe (GdipGraphicsSetAbort) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7590)
[Address] EAT @explorer.exe (GdipImageForceValidation) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5CAC)
[Address] EAT @explorer.exe (GdipImageGetFrameCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF45B5)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4482)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsList) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF451A)
[Address] EAT @explorer.exe (GdipImageRotateFlip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4705)
[Address] EAT @explorer.exe (GdipImageSelectActiveFrame) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4650)
[Address] EAT @explorer.exe (GdipImageSetAbort) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF74EA)
[Address] EAT @explorer.exe (GdipInitializePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF718C)
[Address] EAT @explorer.exe (GdipInvertMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB0F4)
[Address] EAT @explorer.exe (GdipIsClipEmpty) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00782)
[Address] EAT @explorer.exe (GdipIsEmptyRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECB35)
[Address] EAT @explorer.exe (GdipIsEqualRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECDC5)
[Address] EAT @explorer.exe (GdipIsInfiniteRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EECC7D)
[Address] EAT @explorer.exe (GdipIsMatrixEqual) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB899)
[Address] EAT @explorer.exe (GdipIsMatrixIdentity) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB7E6)
[Address] EAT @explorer.exe (GdipIsMatrixInvertible) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB731)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE982D)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9A55)
[Address] EAT @explorer.exe (GdipIsStyleAvailable) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03317)
[Address] EAT @explorer.exe (GdipIsVisibleClipEmpty) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F009F5)
[Address] EAT @explorer.exe (GdipIsVisiblePathPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9647)
[Address] EAT @explorer.exe (GdipIsVisiblePathPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE97CE)
[Address] EAT @explorer.exe (GdipIsVisiblePoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00AAA)
[Address] EAT @explorer.exe (GdipIsVisiblePointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00B6F)
[Address] EAT @explorer.exe (GdipIsVisibleRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00BCB)
[Address] EAT @explorer.exe (GdipIsVisibleRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00C9F)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED155)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED2C0)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED31F)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EED496)
[Address] EAT @explorer.exe (GdipLoadImageFromFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3E2B)
[Address] EAT @explorer.exe (GdipLoadImageFromFileICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3FD1)
[Address] EAT @explorer.exe (GdipLoadImageFromStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3D58)
[Address] EAT @explorer.exe (GdipLoadImageFromStreamICM) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3EFE)
[Address] EAT @explorer.exe (GdipMeasureCharacterRanges) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD896)
[Address] EAT @explorer.exe (GdipMeasureDriverString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFDC8D)
[Address] EAT @explorer.exe (GdipMeasureString) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFD6FB)
[Address] EAT @explorer.exe (GdipMultiplyLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0485)
[Address] EAT @explorer.exe (GdipMultiplyMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAC7D)
[Address] EAT @explorer.exe (GdipMultiplyPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0485)
[Address] EAT @explorer.exe (GdipMultiplyPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1E61)
[Address] EAT @explorer.exe (GdipMultiplyTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0485)
[Address] EAT @explorer.exe (GdipMultiplyWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF93D4)
[Address] EAT @explorer.exe (GdipNewInstalledFontCollection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03936)
[Address] EAT @explorer.exe (GdipNewPrivateFontCollection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F039B9)
[Address] EAT @explorer.exe (GdipPathIterCopyData) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA586)
[Address] EAT @explorer.exe (GdipPathIterEnumerate) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA481)
[Address] EAT @explorer.exe (GdipPathIterGetCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA0EA)
[Address] EAT @explorer.exe (GdipPathIterGetSubpathCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA1A7)
[Address] EAT @explorer.exe (GdipPathIterHasCurve) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA321)
[Address] EAT @explorer.exe (GdipPathIterIsValid) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA264)
[Address] EAT @explorer.exe (GdipPathIterNextMarker) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9F2B)
[Address] EAT @explorer.exe (GdipPathIterNextMarkerPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA02A)
[Address] EAT @explorer.exe (GdipPathIterNextPathType) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9E0D)
[Address] EAT @explorer.exe (GdipPathIterNextSubpath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9C0A)
[Address] EAT @explorer.exe (GdipPathIterNextSubpathPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9D28)
[Address] EAT @explorer.exe (GdipPathIterRewind) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEA3D2)
[Address] EAT @explorer.exe (GdipPlayMetafileRecord) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFC76)
[Address] EAT @explorer.exe (GdipPlayTSClientRecord) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F051D7)
[Address] EAT @explorer.exe (GdipPrivateAddFontFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03C82)
[Address] EAT @explorer.exe (GdipPrivateAddMemoryFont) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03D20)
[Address] EAT @explorer.exe (GdipRecordMetafile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01898)
[Address] EAT @explorer.exe (GdipRecordMetafileFileName) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01A6D)
[Address] EAT @explorer.exe (GdipRecordMetafileFileNameI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01BA5)
[Address] EAT @explorer.exe (GdipRecordMetafileI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F019B7)
[Address] EAT @explorer.exe (GdipRecordMetafileStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01C5E)
[Address] EAT @explorer.exe (GdipRecordMetafileStreamI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01D96)
[Address] EAT @explorer.exe (GdipReleaseDC) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F031A4)
[Address] EAT @explorer.exe (GdipRemovePropertyItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4B54)
[Address] EAT @explorer.exe (GdipResetClip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00328)
[Address] EAT @explorer.exe (GdipResetImageAttributes) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF79D5)
[Address] EAT @explorer.exe (GdipResetLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF03E2)
[Address] EAT @explorer.exe (GdipResetPageTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9878)
[Address] EAT @explorer.exe (GdipResetPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE669B)
[Address] EAT @explorer.exe (GdipResetPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF03E2)
[Address] EAT @explorer.exe (GdipResetPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1DC1)
[Address] EAT @explorer.exe (GdipResetTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF03E2)
[Address] EAT @explorer.exe (GdipResetWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9336)
[Address] EAT @explorer.exe (GdipRestoreGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00DBF)
[Address] EAT @explorer.exe (GdipReversePath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE7077)
[Address] EAT @explorer.exe (GdipRotateLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0677)
[Address] EAT @explorer.exe (GdipRotateMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAF5C)
[Address] EAT @explorer.exe (GdipRotatePathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0677)
[Address] EAT @explorer.exe (GdipRotatePenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2123)
[Address] EAT @explorer.exe (GdipRotateTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0677)
[Address] EAT @explorer.exe (GdipRotateWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF96BA)
[Address] EAT @explorer.exe (GdipSaveAdd) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF433D)
[Address] EAT @explorer.exe (GdipSaveAddImage) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF43DB)
[Address] EAT @explorer.exe (GdipSaveGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00D0A)
[Address] EAT @explorer.exe (GdipSaveImageToFile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4293)
[Address] EAT @explorer.exe (GdipSaveImageToStream) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF41E9)
[Address] EAT @explorer.exe (GdipScaleLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF059E)
[Address] EAT @explorer.exe (GdipScaleMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEAE8A)
[Address] EAT @explorer.exe (GdipScalePathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF059E)
[Address] EAT @explorer.exe (GdipScalePenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF204D)
[Address] EAT @explorer.exe (GdipScaleTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF059E)
[Address] EAT @explorer.exe (GdipScaleWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF95E6)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapFillState) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3C01)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapHeight) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF37F0)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapMiddleInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3AA6)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF394B)
[Address] EAT @explorer.exe (GdipSetClipGraphics) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFD64)
[Address] EAT @explorer.exe (GdipSetClipHrgn) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0023B)
[Address] EAT @explorer.exe (GdipSetClipPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFFDA)
[Address] EAT @explorer.exe (GdipSetClipRect) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFE90)
[Address] EAT @explorer.exe (GdipSetClipRectI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EFFF6F)
[Address] EAT @explorer.exe (GdipSetClipRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0010D)
[Address] EAT @explorer.exe (GdipSetCompositingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8850)
[Address] EAT @explorer.exe (GdipSetCompositingQuality) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF89A0)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF33E2)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseInset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3542)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeCaps) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3103)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF328B)
[Address] EAT @explorer.exe (GdipSetCustomLineCapWidthScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF3699)
[Address] EAT @explorer.exe (GdipSetEffectParameters) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF6F65)
[Address] EAT @explorer.exe (GdipSetEmpty) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC11E)
[Address] EAT @explorer.exe (GdipSetImageAttributesCachedBackground) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF80CD)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorKeys) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7DA9)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7A92)
[Address] EAT @explorer.exe (GdipSetImageAttributesGamma) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7C22)
[Address] EAT @explorer.exe (GdipSetImageAttributesNoOp) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7CE9)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannel) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7E81)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannelColorProfile) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7F44)
[Address] EAT @explorer.exe (GdipSetImageAttributesRemapTable) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8007)
[Address] EAT @explorer.exe (GdipSetImageAttributesThreshold) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7B5B)
[Address] EAT @explorer.exe (GdipSetImageAttributesToIdentity) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF7918)
[Address] EAT @explorer.exe (GdipSetImageAttributesWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8170)
[Address] EAT @explorer.exe (GdipSetImagePalette) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF5796)
[Address] EAT @explorer.exe (GdipSetInfinite) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC080)
[Address] EAT @explorer.exe (GdipSetInterpolationMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF90B1)
[Address] EAT @explorer.exe (GdipSetLineBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE83B)
[Address] EAT @explorer.exe (GdipSetLineColors) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE53D)
[Address] EAT @explorer.exe (GdipSetLineGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE5793)
[Address] EAT @explorer.exe (GdipSetLineLinearBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEE2A)
[Address] EAT @explorer.exe (GdipSetLinePresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEB24)
[Address] EAT @explorer.exe (GdipSetLineSigmaBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEED78)
[Address] EAT @explorer.exe (GdipSetLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF02D9)
[Address] EAT @explorer.exe (GdipSetLineWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEEDC)
[Address] EAT @explorer.exe (GdipSetMatrixElements) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEABB9)
[Address] EAT @explorer.exe (GdipSetMetafileDownLevelRasterizationLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F01E4F)
[Address] EAT @explorer.exe (GdipSetPageScale) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9B3E)
[Address] EAT @explorer.exe (GdipSetPageUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF99CF)
[Address] EAT @explorer.exe (GdipSetPathFillMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6C00)
[Address] EAT @explorer.exe (GdipSetPathGradientBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEE83B)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF12F)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPoint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF64E)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPointI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF708)
[Address] EAT @explorer.exe (GdipSetPathGradientFocusScales) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0829)
[Address] EAT @explorer.exe (GdipSetPathGradientGammaCorrection) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFA50)
[Address] EAT @explorer.exe (GdipSetPathGradientLinearBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEE2A)
[Address] EAT @explorer.exe (GdipSetPathGradientPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF4BD)
[Address] EAT @explorer.exe (GdipSetPathGradientPresetBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEFEDA)
[Address] EAT @explorer.exe (GdipSetPathGradientSigmaBlend) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEED78)
[Address] EAT @explorer.exe (GdipSetPathGradientSurroundColorsWithCount) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEF301)
[Address] EAT @explorer.exe (GdipSetPathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF02D9)
[Address] EAT @explorer.exe (GdipSetPathGradientWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDCCA)
[Address] EAT @explorer.exe (GdipSetPathMarker) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6F31)
[Address] EAT @explorer.exe (GdipSetPenBrushFill) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2357)
[Address] EAT @explorer.exe (GdipSetPenColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF21ED)
[Address] EAT @explorer.exe (GdipSetPenCompoundArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2B57)
[Address] EAT @explorer.exe (GdipSetPenCustomEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF174E)
[Address] EAT @explorer.exe (GdipSetPenCustomStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF158F)
[Address] EAT @explorer.exe (GdipSetPenDashArray) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2933)
[Address] EAT @explorer.exe (GdipSetPenDashCap197819) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1189)
[Address] EAT @explorer.exe (GdipSetPenDashOffset) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF27E5)
[Address] EAT @explorer.exe (GdipSetPenDashStyle) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF2694)
[Address] EAT @explorer.exe (GdipSetPenEndCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF10E8)
[Address] EAT @explorer.exe (GdipSetPenLineCap197819) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0FA0)
[Address] EAT @explorer.exe (GdipSetPenLineJoin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1441)
[Address] EAT @explorer.exe (GdipSetPenMiterLimit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF190D)
[Address] EAT @explorer.exe (GdipSetPenMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1A62)
[Address] EAT @explorer.exe (GdipSetPenStartCap) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1047)
[Address] EAT @explorer.exe (GdipSetPenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1BB5)
[Address] EAT @explorer.exe (GdipSetPenUnit) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0E31)
[Address] EAT @explorer.exe (GdipSetPenWidth) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF0CE3)
[Address] EAT @explorer.exe (GdipSetPixelOffsetMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8C85)
[Address] EAT @explorer.exe (GdipSetPropertyItem) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF4BEF)
[Address] EAT @explorer.exe (GdipSetRenderingOrigin) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF86DB)
[Address] EAT @explorer.exe (GdipSetSmoothingMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8AF0)
[Address] EAT @explorer.exe (GdipSetSolidFillColor) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDEA1)
[Address] EAT @explorer.exe (GdipSetStringFormatAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F041DE)
[Address] EAT @explorer.exe (GdipSetStringFormatDigitSubstitution) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0481E)
[Address] EAT @explorer.exe (GdipSetStringFormatFlags) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F040B4)
[Address] EAT @explorer.exe (GdipSetStringFormatHotkeyPrefix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F043C8)
[Address] EAT @explorer.exe (GdipSetStringFormatLineAlign) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04284)
[Address] EAT @explorer.exe (GdipSetStringFormatMeasurableCharacterRanges) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04786)
[Address] EAT @explorer.exe (GdipSetStringFormatTabStops) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F0450B)
[Address] EAT @explorer.exe (GdipSetStringFormatTrimming) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04940)
[Address] EAT @explorer.exe (GdipSetTextContrast) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8EAE)
[Address] EAT @explorer.exe (GdipSetTextRenderingHint) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF8DEF)
[Address] EAT @explorer.exe (GdipSetTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF02D9)
[Address] EAT @explorer.exe (GdipSetTextureWrapMode) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEDCCA)
[Address] EAT @explorer.exe (GdipSetWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9232)
[Address] EAT @explorer.exe (GdipShearMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB022)
[Address] EAT @explorer.exe (GdipStartPathFigure) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6D4A)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericDefault) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03E91)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericTypographic) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F03F14)
[Address] EAT @explorer.exe (GdipTestControl) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F04E42)
[Address] EAT @explorer.exe (GdipTransformMatrixPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB192)
[Address] EAT @explorer.exe (GdipTransformMatrixPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB24B)
[Address] EAT @explorer.exe (GdipTransformPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE91A8)
[Address] EAT @explorer.exe (GdipTransformPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9D45)
[Address] EAT @explorer.exe (GdipTransformPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9E06)
[Address] EAT @explorer.exe (GdipTransformRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC64E)
[Address] EAT @explorer.exe (GdipTranslateClip) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F003C6)
[Address] EAT @explorer.exe (GdipTranslateClipI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73F00473)
[Address] EAT @explorer.exe (GdipTranslateLineTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEF8E)
[Address] EAT @explorer.exe (GdipTranslateMatrix) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEADB8)
[Address] EAT @explorer.exe (GdipTranslatePathGradientTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEF8E)
[Address] EAT @explorer.exe (GdipTranslatePenTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF1F77)
[Address] EAT @explorer.exe (GdipTranslateRegion) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC56E)
[Address] EAT @explorer.exe (GdipTranslateRegionI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEC5F5)
[Address] EAT @explorer.exe (GdipTranslateTextureTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEEF8E)
[Address] EAT @explorer.exe (GdipTranslateWorldTransform) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EF9512)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPoints) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB3C1)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPointsI) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EEB47A)
[Address] EAT @explorer.exe (GdipWarpPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE9048)
[Address] EAT @explorer.exe (GdipWidenPath) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8EC5)
[Address] EAT @explorer.exe (GdipWindingModeOutline) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE8DAB)
[Address] EAT @explorer.exe (GdiplusNotificationHook) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6189)
[Address] EAT @explorer.exe (GdiplusNotificationUnhook) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE6205)
[Address] EAT @explorer.exe (GdiplusShutdown) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE56EC)
[Address] EAT @explorer.exe (GdiplusStartup) : OLEACC.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll @ 0x73EE562E)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MQ01ABD100 ATA Device +++++
--- User ---
[MBR] 66b391a23e756908897a22067406417e
[BSP] 66b9074cfe339a50f6f3163c89590255 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_07012006_031723.txt >>

 

[needhelp51]

Here are MBR logs:

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
Database version: v2014.04.06.10
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16521
Admin :: ADMIN-PC [administrator]
2006-07-01 03:21:43
mbar-log-2006-07-01 (03-21-43).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 210495
Time elapsed: 24 minute(s), 30 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 11.0.9600.16521
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.839000 GHz
Memory total: 3219316736, free: 2165690368
Downloaded database version: v2014.04.06.10
Downloaded database version: v2014.03.27.01
=======================================
Initializing...
------------ Kernel report ------------
07/01/2006 03:21:21
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\pcmcia.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\System32\DRIVERS\cmderd.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\DRIVERS\cmdguard.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\cmdhlp.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\inspect.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\e1e6032.sys
\SystemRoot\system32\DRIVERS\netw5v32.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\CHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\HSFHWAZL.sys
\SystemRoot\system32\DRIVERS\HSF_DPV.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Users\Admin\AppData\Local\Temp\mbr.sys
\??\C:\Windows\system32\TrueSight.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\kernel32.dll
\Windows\System32\normaliz.dll
\Windows\System32\imagehlp.dll
\Windows\System32\lpk.dll
\Windows\System32\nsi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\wininet.dll
\Windows\System32\urlmon.dll
\Windows\System32\setupapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\ole32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\iertutil.dll
\Windows\System32\imm32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\sechost.dll
\Windows\System32\Wldap32.dll
\Windows\System32\difxapi.dll
\Windows\System32\shell32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msctf.dll
\Windows\System32\psapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\user32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\usp10.dll
\Windows\System32\clbcatq.dll
\Windows\System32\advapi32.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\comctl32.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8606c7f0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff85bc9908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8606c7f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8606c428, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8606c7f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85b8c910, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85bc9908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 90199019
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 1953520002
Partition file system is NTFS
Partition is bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...
Done!
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

 

[Broni]

Just noticed my Windows date/time is 2006/07/01 03:49 AM...

Did you correct it?

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[needhelp51]

Seems my BIOS time was also in 2006. I corrected in BIOS and time was ok in windows upon reboot, I'll run COmbofix and come back with results.

 

[Broni]

 

[needhelp51]

Here is Rkill because Combofix would not load at first:

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/06/2014 07:03:19 AM in x86 mode. (Safe Mode)
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Système d’événement COM+ (EventSystem) is not Running.
Startup Type set to: Automatic

* Centre de sécurité (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 04/06/2014 07:04:41 AM
Execution time: 0 hours(s), 1 minute(s), and 22 seconds(s)

Here is Combofix:

ComboFix 14-04-06.01 - Admin 2014-04-06 7:07.1.2 - x86 NETWORK
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.1.1036.18.3070.2190 [GMT -4:00]
Lancé depuis: c:\users\Admin\Desktop\NotCF.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVAST Software\Avast\setup\d6490987-5cf9-4c81-a5fd-6e3adb4dac10.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-03-06 au 2014-04-06 ))))))))))))))))))))))))))))))))))))
.
.
2014-04-06 13:53 . 1999-10-12 22:47 24576 ----a-w- c:\windows\system32\TSCI.dll
2014-04-06 13:53 . 1999-10-12 22:45 24576 ----a-w- c:\windows\system32\THCI.dll
2014-04-06 11:13 . 2014-04-06 11:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-05 17:03 . 2014-04-05 17:03 -------- d-----w- c:\program files\EA GAMES
2014-04-05 14:19 . 2006-07-01 07:21 107224 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-05 14:19 . 2014-04-05 14:19 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-05 14:19 . 2014-04-05 14:19 -------- d-----w- c:\programdata\Malwarebytes
2014-04-05 14:19 . 2014-04-03 13:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-05 14:19 . 2014-04-03 13:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-05 14:19 . 2006-07-01 07:19 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-05 13:47 . 2014-04-05 13:47 -------- d-----w- c:\programdata\Auslogics
2014-04-05 13:46 . 2014-04-05 13:46 -------- d-----w- c:\program files\Auslogics
2014-04-05 13:36 . 2014-04-05 13:36 -------- d-----w- c:\program files\Audacity
2014-04-05 13:31 . 2014-04-05 13:31 -------- d-----w- c:\programdata\Oracle
2014-04-05 13:26 . 2014-04-05 13:26 -------- d-----w- c:\program files\Common Files\Java
2014-04-05 13:25 . 2014-04-05 13:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-05 13:24 . 2014-04-05 13:24 -------- d-----w- c:\program files\Java
2014-04-05 02:47 . 2014-04-05 02:47 -------- d-----w- c:\programdata\DonationCoder
2014-04-05 02:47 . 2014-04-05 02:47 -------- d-----w- c:\program files\ScreenshotCaptor
2014-04-04 23:17 . 2014-04-04 23:17 -------- d-----w- c:\program files\Synaptics
2014-04-04 23:14 . 2006-11-14 15:26 430080 ----a-w- c:\windows\system32\TOSCDSPD.cpl
2014-04-04 23:14 . 2014-04-06 14:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2014-04-04 23:12 . 2014-04-05 17:01 -------- d-----w- c:\program files\Common Files\InstallShield
2014-04-04 23:00 . 2009-07-28 19:43 128344 ----a-w- c:\windows\system32\TODDSrv.exe
2014-04-04 23:00 . 2014-04-06 13:58 -------- d-----w- c:\program files\TOSHIBA
2014-04-04 22:17 . 2014-04-04 22:19 -------- d-s---w- c:\programdata\Shared Space
2014-04-04 22:17 . 2014-04-04 22:17 -------- d-----w- c:\program files\COMODO
2014-04-04 22:16 . 2014-04-04 22:16 -------- d-----w- c:\programdata\Comodo Downloader
2014-04-04 22:13 . 2014-04-04 22:19 -------- d-----w- c:\programdata\Comodo
2014-04-04 22:01 . 2014-04-04 22:01 67264 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-04 22:01 . 2014-04-04 22:01 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-04 22:01 . 2014-04-04 22:01 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-04 22:01 . 2014-04-04 22:01 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-04 22:01 . 2014-04-04 22:01 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-04 22:01 . 2014-04-04 22:01 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-04 22:01 . 2014-04-04 22:01 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-04 22:01 . 2014-04-04 22:01 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-04 22:01 . 2014-04-04 22:01 43152 ----a-w- c:\windows\avastSS.scr
2014-04-04 21:58 . 2014-04-04 21:58 -------- d-----w- c:\program files\AVAST Software
2014-04-04 21:57 . 2014-04-04 21:57 -------- d-----w- c:\programdata\AVAST Software
2014-04-04 21:50 . 2014-04-04 21:50 -------- d-----w- c:\program files\Secunia
2014-04-04 21:49 . 2014-03-17 14:16 7969936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{86F4A052-CDEA-46B7-88E4-279EC55A6DB8}\mpengine.dll
2014-04-04 03:44 . 2014-04-04 03:44 -------- d-----w- c:\program files\IrfanView
2014-04-04 03:44 . 2014-04-04 03:44 -------- d-----w- c:\program files\Common Files\Adobe
2014-04-04 03:41 . 2014-04-04 03:41 -------- d-----w- c:\program files\VideoLAN
2014-04-04 03:28 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-04-04 03:23 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-04-04 03:23 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-04-04 03:23 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-04-04 03:15 . 2014-04-04 03:18 -------- d-----w- c:\windows\system32\MRT
2014-04-04 03:07 . 2013-10-01 23:45 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-04-04 03:07 . 2013-10-02 00:32 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-04 03:07 . 2013-10-02 00:42 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2014-04-04 03:07 . 2013-10-02 00:30 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-04 03:07 . 2013-10-02 00:14 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2014-04-04 03:07 . 2013-10-02 00:14 17920 ----a-w- c:\windows\system32\wksprtPS.dll
2014-04-04 03:07 . 2013-10-01 23:58 53248 ----a-w- c:\windows\system32\tsgqec.dll
2014-04-04 03:07 . 2013-10-01 23:08 855552 ----a-w- c:\windows\system32\rdvidcrl.dll
2014-04-04 03:07 . 2013-10-01 23:00 76288 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-04-04 03:07 . 2013-10-01 22:53 350208 ----a-w- c:\windows\system32\wksprt.exe
2014-04-04 03:07 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\system32\mstsc.exe
2014-04-04 03:06 . 2014-04-04 22:56 -------- d-----w- c:\program files\CONEXANT
2014-04-04 03:05 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2014-04-04 03:05 . 2013-09-25 01:57 792576 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-04-04 02:58 . 2014-04-04 02:58 -------- d-----w- c:\program files\Microsoft.NET
2014-04-04 02:58 . 2014-04-04 02:58 -------- d-----w- c:\windows\Migration
2014-04-04 02:48 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-04 02:48 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-04 02:47 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-04 02:47 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-04 02:47 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-04 02:47 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-04 02:47 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-04 02:41 . 2014-04-04 02:41 -------- d-----w- c:\windows\system32\Wat
2014-04-04 02:29 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-04 02:29 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-04-04 02:02 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-04 02:02 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-04 01:59 . 2014-04-04 01:59 -------- d-----w- c:\program files\Common Files\Skype
2014-04-04 01:59 . 2014-04-04 01:59 -------- d-----r- c:\program files\Skype
2014-04-04 01:59 . 2014-04-04 01:59 -------- d-----w- c:\programdata\Skype
2014-04-04 01:53 . 2014-04-04 01:55 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-04-04 01:50 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-04-04 01:50 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-04-04 01:50 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-04-04 01:50 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-04-04 01:50 . 2011-06-15 08:55 86016 ----a-w- c:\windows\system32\odbccu32.dll
2014-04-04 01:50 . 2011-06-15 08:55 81920 ----a-w- c:\windows\system32\odbccr32.dll
2014-04-04 01:50 . 2011-06-15 08:55 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2014-04-04 01:50 . 2011-06-15 08:55 122880 ----a-w- c:\windows\system32\odbccp32.dll
2014-04-04 01:50 . 2011-06-15 08:54 94208 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2014-04-04 01:50 . 2011-06-15 08:55 163840 ----a-w- c:\windows\system32\odbctrac.dll
2014-04-04 01:41 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
2014-04-04 01:41 . 2014-02-07 01:07 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-04-04 01:41 . 2011-02-12 05:35 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2014-04-04 01:41 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2014-04-04 01:41 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2014-04-04 01:41 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-04 01:41 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-04-04 01:41 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-04-04 01:41 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2014-04-04 01:41 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2014-04-04 01:41 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2014-04-04 01:40 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2014-04-04 01:40 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\system32\authui.dll
2014-04-04 01:40 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-04-04 01:40 . 2013-10-04 01:56 168960 ----a-w- c:\windows\system32\credui.dll
2014-04-04 01:40 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-04-04 01:39 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2014-04-04 01:39 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-04-04 01:39 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-04-04 01:39 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2014-04-04 01:39 . 2014-02-04 02:04 509440 ----a-w- c:\windows\system32\qedit.dll
2014-04-04 01:39 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-04-04 01:39 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-04-04 01:37 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-04-04 01:37 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2014-04-04 01:37 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2014-04-04 01:37 . 2013-08-01 11:03 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-04-04 01:37 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-04-04 01:36 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2014-04-04 01:36 . 2013-11-12 02:07 2048 ----a-w- c:\windows\system32\tzres.dll
2014-04-04 01:34 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-04-04 01:34 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-04-04 01:34 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-04 23:15 . 2006-03-09 14:58 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2014-04-04 23:15 . 2006-10-27 18:11 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2014-04-04 23:15 . 2006-10-27 17:24 143360 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-04-04 23:15 . 2006-10-27 18:14 179896 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-04-04 23:15 . 2006-10-27 17:14 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2014-04-04 23:15 . 2006-10-27 17:13 163840 ----a-w- c:\windows\system32\SynCOM.dll
2014-04-04 22:54 . 2006-11-07 13:54 172032 ----a-w- c:\windows\system32\UCI32114.dll
2014-04-04 22:54 . 2006-03-23 19:45 61952 ----a-w- c:\windows\system32\CHDAudPropShortcut.exe
2014-04-04 22:54 . 2006-03-23 19:45 5120 ----a-w- c:\windows\system32\CHdAudPropres.dll
2014-04-04 22:54 . 2006-03-23 19:45 24064 ----a-w- c:\windows\system32\CHdAudprop.dll
2014-04-04 22:54 . 2006-03-23 19:45 566272 ----a-w- c:\windows\system32\drivers\CHDAud.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-04 22:01 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2006-11-13 413696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-04 3854640]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-26 1225944]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2014-04-04 61952]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2014-04-04 815104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-21 476512]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2013-12-6 565464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-04-04 776976]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-04-04 411552]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2014-03-26 607168]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-04-04 67824]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-04-04 67264]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-26 1663192]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_x86.sys [2013-12-06 16024]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2014-04-04 1343400]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2014-03-26 20072]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2014-03-26 43728]
S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-03 23:40 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-03 23:34]
.
2014-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-03 23:34]
.
.
------- Examen supplémentaire -------
.
TCP: DhcpNameServer = 47.55.55.55 142.166.166.166
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yk8py79e.default\
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Heure de fin: 2014-04-06 07:15:05
ComboFix-quarantined-files.txt 2014-04-06 11:15
.
Avant-CF: 760 783 863 808 octets libres
Après-CF: 760 733 167 616 octets libres
.
- - End Of File - - 661F9419A95493C24992F4FCBF3B6A6F
A36C5E4F47E84449FF07ED3517B43A31

 

[Broni]

Looks good.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[needhelp51]

Here is adwcleaner log:

# AdwCleaner v3.023 - Rapport créé le 06/04/2014 à 08:00:55
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
# Nom d'utilisateur : Admin - ADMIN-PC
# Exécuté depuis : C:\Users\Admin\Desktop\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (fr)

[ Fichier : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yk8py79e.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ Fichier : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [934 octets] - [06/04/2014 07:56:07]
AdwCleaner[S0].txt - [856 octets] - [06/04/2014 08:00:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [915 octets] ##########

Here is JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Admin on 2014-04-06 at 8:08:42,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-04-06 at 8:41:57,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Here is extra log

OTL Extras logfile created on: 06/04/2014 08:42:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 0000040c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 78,51% Memory free
5,99 Gb Paging File | 5,19 Gb Available in Paging File | 86,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 708,59 Gb Free Space | 76,07% Space Free | Partition Type: NTFS
Drive D: | 626,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-811221372-2198457851-1441504835-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20D8E360-26EF-4DB8-B9E0-1CE127362ED0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{264B5290-64C5-49E2-A03D-B025AEF1A5E9}" = lport=445 | protocol=6 | dir=in | app=system |
"{304A2530-2E3D-44A2-A1E5-C766BF75FD63}" = lport=138 | protocol=17 | dir=in | app=system |
"{56955EDD-6598-4B6C-A388-41345EBF3B82}" = lport=139 | protocol=6 | dir=in | app=system |
"{5D64E515-2228-4D24-AC60-D669D2CED137}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F83D034-070F-4DBE-9F1F-6580B8AA50F6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{732FBBC7-B516-492B-83F1-EDA4B98A4343}" = rport=139 | protocol=6 | dir=out | app=system |
"{7F993FCC-F60D-4F73-8EEA-B5315EA1A296}" = rport=137 | protocol=17 | dir=out | app=system |
"{8366369E-758F-4DD7-9C0E-6CBFC17BAE6C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8BA6E21F-B110-4B1B-8F9B-45978029DBD8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{969FE27B-05B6-4A57-A717-F4D888486CD9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9A1D3C90-C157-4EAE-A4AA-9EF998A92790}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AEC5953-FC10-4F88-B19D-9502A67F5F4E}" = rport=445 | protocol=6 | dir=out | app=system |
"{A34983BE-C905-4D47-BB7C-6629E6981401}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AE7FAF1D-1570-4DF7-B363-2AC0640236FB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BABB0199-C8C2-4356-8A78-124F416973DE}" = lport=137 | protocol=17 | dir=in | app=system |
"{C39BB5E8-DC51-47EB-83F7-725AD01143A1}" = rport=138 | protocol=17 | dir=out | app=system |
"{DAD462DA-C63B-45F0-A744-9AEBADBD8990}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD38138C-C32E-45D9-87B9-9337376B6D3C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E8CC1F15-A826-4603-A77D-9873F50F4DDD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{ED25AE5E-B536-4CBE-8BAB-FBE8AE715F0F}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00029821-A688-4B93-876A-AC7792EBF01D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{203523BA-BA86-4B95-AD16-106A4AC4FB68}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C8FEBEA-86AE-4434-B641-BF29E85A5EFD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{506CBBD0-B872-4D45-AFD0-FCD96CD9D533}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5317ED17-DD00-488F-A940-8C5292699720}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6A4639D9-067B-4A1A-8144-BF235939A9D0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6B0C452F-9995-4C34-9BB0-3BA64DD5EBF8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74E9D70C-90ED-4003-8A54-93C5C2162AB7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77ADD751-59A0-495E-8668-B8AA556FCCD6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{884E0973-6B40-46BF-818E-34DB8A4C8F44}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{96F4D021-9378-4644-A781-09D11DC08465}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B7D1FF4A-C760-4A38-98DC-83294967B184}" = protocol=6 | dir=out | app=system |
"{C87ED231-6A6E-4848-8740-01A18A73B91B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D51E337D-B1CE-40C5-8062-7A8AC4AEE315}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6600C86-55E2-45B8-8EF1-6DAC3B58DDF3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FC3BE086-4360-422D-8A82-14E3DD7ACF5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD738DDA-7FE8-4655-BCAA-F2E4D67AF94C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}" = OpenOffice 4.0.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Français
"{C507986C-A83D-3F09-9099-5E1AF20BE648}" = Microsoft .NET Framework 4.5.1 (FRA)
"{D32EF4F9-1506-434E-A813-3D4C0AA50300}" = COMODO Firewall
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Audacity_is1" = Audacity 2.0.5
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5047&SUBSYS_1179FF31" = HDAUDIO Soft Data Fax Modem with SmartCP
"Google Chrome" = Google Chrome
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Mozilla Firefox 28.0 (x86 fr)" = Mozilla Firefox 28.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"ScreenshotCaptor_is1" = Screenshot Captor 4.8
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.1.3

< End of report >

 

[needhelp51]

Here is OTL:
OTL logfile created on: 06/04/2014 08:42:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 0000040c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 78,51% Memory free
5,99 Gb Paging File | 5,19 Gb Available in Paging File | 86,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 708,59 Gb Free Space | 76,07% Space Free | Partition Type: NTFS
Drive D: | 626,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/06 07:52:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2014/04/04 18:01:17 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/04 18:01:17 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/04/03 20:33:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014/03/25 20:22:40 | 005,302,384 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2014/03/25 20:22:16 | 001,864,408 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/06 10:47:20 | 001,229,528 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\PSIA.exe
PRC - [2013/12/06 10:47:18 | 000,565,464 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/08/21 09:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/21 09:29:20 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/05 14:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/28 14:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2006/11/13 13:01:34 | 000,413,696 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe


========== Modules (No Company Name) ==========

MOD - [2014/04/04 18:01:18 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2009/07/25 11:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/07/16 15:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 15:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009/03/12 19:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll


========== Services (SafeList) ==========

SRV - [2014/04/04 18:01:17 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/04/03 22:29:17 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014/03/25 20:22:40 | 005,302,384 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (CmdAgent)
SRV - [2014/03/25 20:22:16 | 001,663,192 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV - [2014/03/15 04:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/28 23:38:23 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/06 10:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 00:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/08/21 09:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Admin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2014/04/04 18:54:26 | 000,566,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2014/04/04 18:01:19 | 000,776,976 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/04/04 18:01:19 | 000,411,552 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/04/04 18:01:19 | 000,180,760 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/04/04 18:01:19 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/04/04 18:01:19 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/04/04 18:01:19 | 000,067,264 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/04/04 18:01:19 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/03/25 20:22:50 | 000,092,656 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2014/03/25 20:22:50 | 000,043,728 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2014/03/25 20:22:48 | 000,607,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2014/03/25 20:22:48 | 000,020,072 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2013/12/06 10:47:12 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013/10/01 20:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 17:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 17:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 17:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 17:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 17:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 17:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/14 15:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/07/13 18:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2009/03/06 11:52:00 | 007,545,088 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2005/11/08 15:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/11/08 15:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/11/08 15:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWAZL.sys -- (HSFHWAZL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-811221372-2198457851-1441504835-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-CA
IE - HKU\S-1-5-21-811221372-2198457851-1441504835-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EC F5 63 36 9A 4F CF 01 [binary data]
IE - HKU\S-1-5-21-811221372-2198457851-1441504835-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-811221372-2198457851-1441504835-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-811221372-2198457851-1441504835-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2016.82
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/04 18:01:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/04/03 21:53:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2014/04/04 19:29:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\yk8py79e.default\extensions
[2014/04/03 21:55:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2014/04/03 21:55:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/04 18:01:19 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2016.82_0\
CHR - Extension: Google Wallet = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/04/06 07:13:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\Windows\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-811221372-2198457851-1441504835-1000..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (TOSHIBA)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-811221372-2198457851-1441504835-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-811221372-2198457851-1441504835-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 47.55.55.55 142.166.166.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83A967BC-B179-4662-BC85-2206CCDD72C9}: DhcpNameServer = 47.55.55.55 142.166.166.166
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/12/15 01:21:26 | 000,765,952 | R--- | M] (Quarium, Inc.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2001/11/22 00:59:50 | 000,000,053 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/06 09:59:19 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\toshiba
[2014/04/06 08:08:39 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/06 07:56:04 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/06 07:52:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2014/04/06 07:52:11 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Admin\Desktop\JRT.exe
[2014/04/06 07:15:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/04/06 07:15:08 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/04/06 07:15:08 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\temp
[2014/04/06 07:06:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/04/06 07:06:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/04/06 07:06:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/04/06 07:05:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/04/06 07:05:39 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/04/06 06:56:11 | 005,195,663 | R--- | C] (Swearware) -- C:\Users\Admin\Desktop\NotCF.exe
[2014/04/06 06:24:03 | 001,933,048 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Admin\Desktop\iExplore.exe
[2014/04/06 06:23:31 | 001,933,048 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Admin\Desktop\rkill.exe
[2014/04/05 15:49:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\OpenOffice
[2014/04/05 13:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2014/04/05 13:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2014/04/05 10:19:56 | 000,107,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/04/05 10:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/05 10:19:30 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/04/05 10:19:30 | 000,051,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/04/05 10:19:30 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/04/05 10:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/05 10:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/05 09:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics
[2014/04/05 09:46:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2014/04/05 09:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2014/04/05 09:36:47 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Audacity
[2014/04/05 09:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2014/04/05 09:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/04/05 09:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/04/05 09:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/04/05 09:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/04/05 09:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/04/04 23:27:25 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\DonationCoder
[2014/04/04 23:27:23 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\DonationCoder
[2014/04/04 22:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
[2014/04/04 22:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2014/04/04 22:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\ScreenshotCaptor
[2014/04/04 22:46:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Programs
[2014/04/04 19:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/04/04 19:14:15 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/04/04 19:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2014/04/04 19:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
[2014/04/04 19:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\TOSHIBA
[2014/04/04 18:59:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\WinBatch
[2014/04/04 18:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2014/04/04 18:17:22 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2014/04/04 18:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2014/04/04 18:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2014/04/04 18:13:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2014/04/04 18:02:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\AVAST Software
[2014/04/04 18:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/04/04 18:01:49 | 000,067,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/04/04 18:01:40 | 000,776,976 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/04/04 18:01:39 | 000,411,552 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/04/04 18:01:34 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/04/04 18:01:32 | 000,081,768 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/04/04 18:01:21 | 000,271,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/04/04 18:01:19 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/04 17:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/04/04 17:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/04/04 17:51:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Secunia PSI
[2014/04/04 17:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2014/04/03 23:44:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\IrfanView
[2014/04/03 23:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
[2014/04/03 23:44:56 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2014/04/03 23:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/04/03 23:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/04/03 23:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/04/03 23:43:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\vlc
[2014/04/03 23:42:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Adobe
[2014/04/03 23:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/04/03 23:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/04/03 23:15:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/04/03 23:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2014/04/03 22:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/04/03 22:58:09 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/04/03 22:41:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2014/04/03 22:00:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Skype
[2014/04/03 22:00:09 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Skype
[2014/04/03 21:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/04/03 21:59:52 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2014/04/03 21:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/04/03 21:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/04/03 21:53:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2014/04/03 21:53:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Mozilla
[2014/04/03 21:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/04/03 21:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/04/03 21:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/04/03 20:46:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Adobe
[2014/04/03 20:35:11 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2014/04/03 20:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2014/04/03 20:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\mp3DirectCut
[2014/04/03 20:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/04/03 20:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/04/03 19:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/04/03 19:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/04/03 19:40:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/04/03 19:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/04/03 19:34:22 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Google
[2014/04/03 19:33:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Apps
[2014/04/03 19:33:38 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Deployment
[2014/04/02 23:25:32 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/02 23:25:32 | 000,000,000 | R--D | C] -- C:\Users\Admin\Searches
[2014/04/02 23:25:32 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/02 23:25:32 | 000,000,000 | -H-D | C] -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/02 23:25:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Identities
[2014/04/02 23:25:14 | 000,000,000 | R--D | C] -- C:\Users\Admin\Contacts
[2014/04/02 23:24:56 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\VirtualStore
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Voisinage réseau
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Voisinage d'impression
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Temporary Internet Files
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\SendTo
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Recent
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Modèles
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Mes vidéos
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Menu Démarrer
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Local Settings
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Historique
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Cookies
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Application Data
[2014/04/02 23:24:53 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Application Data
[2014/04/02 23:24:52 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Mes images
[2014/04/02 23:24:52 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Mes documents
[2014/04/02 23:24:52 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Ma musique
[2014/04/02 23:24:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft
[2014/04/02 23:24:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2014/04/02 23:24:51 | 000,000,000 | --SD | C] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Videos
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Saved Games
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Pictures
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Music
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Links
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Favorites
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Downloads
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Documents
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\Desktop
[2014/04/02 23:24:51 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/02 23:24:51 | 000,000,000 | -H-D | C] -- C:\Users\Admin\AppData
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2014/04/02 23:24:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2014/04/02 23:24:31 | 000,000,000 | ---D | C] -- C:\Recovery
[2014/04/02 22:35:23 | 000,000,000 | ---D | C] -- C:\Boot
[2014/04/02 19:21:03 | 000,000,000 | ---D | C] -- C:\Bureau2014
[2014/04/02 17:54:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/04/02 17:40:01 | 000,000,000 | ---D | C] -- C:\Windows.old
[2014/04/02 16:59:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/04/02 16:56:48 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/03/25 20:22:50 | 000,092,656 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2014/03/25 20:22:50 | 000,043,728 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2014/03/25 20:22:48 | 000,607,168 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2014/03/25 20:22:48 | 000,020,072 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[2014/03/25 20:22:38 | 000,363,504 | ---- | C] (COMODO) -- C:\Windows\System32\guard32.dll
[2014/03/25 20:22:38 | 000,036,000 | ---- | C] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2014/03/25 20:22:26 | 000,284,888 | ---- | C] (COMODO) -- C:\Windows\System32\cmdvrt32.dll
[2014/03/25 20:22:24 | 000,040,664 | ---- | C] (COMODO) -- C:\Windows\System32\cmdkbd32.dll
[2014/03/12 14:38:02 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2014/03/07 20:51:40 | 000,000,000 | ---D | C] -- C:\Intel

========== Files - Modified Within 30 Days ==========

[2014/04/06 10:08:44 | 000,747,154 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/04/06 10:08:44 | 000,653,724 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/04/06 10:08:44 | 000,149,646 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/04/06 10:08:44 | 000,121,596 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/04/06 08:47:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/06 08:10:56 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 08:10:56 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 08:03:50 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/06 08:03:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/06 08:03:25 | 2414,485,504 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/06 07:52:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2014/04/06 07:52:26 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Admin\Desktop\JRT.exe
[2014/04/06 07:51:42 | 001,426,178 | ---- | M] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2014/04/06 07:13:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/04/06 07:05:35 | 005,195,663 | R--- | M] (Swearware) -- C:\Users\Admin\Desktop\NotCF.exe
[2014/04/06 06:24:01 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Admin\Desktop\iExplore.exe
[2014/04/06 06:23:37 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Admin\Desktop\rkill.exe
[2014/04/05 13:14:18 | 000,001,915 | ---- | M] () -- C:\Users\Public\Desktop\Medal of Honor Allied Assault.lnk
[2014/04/05 11:24:38 | 000,000,432 | ---- | M] () -- C:\Users\Admin\Desktop\Connexion réseau sans fil - Raccourci.lnk
[2014/04/05 11:24:17 | 000,002,197 | ---- | M] () -- C:\Users\Admin\Desktop\Connexion réseau.lnk
[2014/04/05 10:19:38 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 09:46:54 | 000,001,138 | ---- | M] () -- C:\Users\Admin\Desktop\Auslogics DiskDefrag.lnk
[2014/04/05 09:36:29 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014/04/04 23:27:25 | 000,000,058 | ---- | M] () -- C:\Users\Admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2014/04/04 22:47:23 | 000,001,072 | ---- | M] () -- C:\Users\Admin\Desktop\Screenshot Captor.lnk
[2014/04/04 19:17:20 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2014/04/04 19:15:55 | 001,060,424 | ---- | M] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2014/04/04 18:19:08 | 000,001,870 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2014/04/04 18:02:23 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/04 18:01:19 | 000,776,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/04/04 18:01:19 | 000,411,552 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/04/04 18:01:19 | 000,271,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/04/04 18:01:19 | 000,180,760 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/04/04 18:01:19 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/04/04 18:01:19 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/04/04 18:01:19 | 000,067,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/04/04 18:01:19 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/04/04 18:01:19 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/04 17:51:03 | 000,001,075 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014/04/03 23:45:04 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/04/03 23:44:57 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
[2014/04/03 23:44:57 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2014/04/03 23:41:51 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/03 22:43:05 | 000,295,200 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/04/03 21:59:53 | 000,002,685 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/04/03 21:55:28 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/03 21:08:32 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/04/03 20:35:12 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014/04/03 20:07:20 | 000,001,434 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/03 20:03:15 | 000,001,024 | ---- | M] () -- C:\Users\Admin\Desktop\mp3DirectCut.lnk
[2014/04/03 20:00:15 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/03 19:50:42 | 000,002,234 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/03 19:40:47 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/03 09:51:14 | 000,051,416 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/04/02 23:30:55 | 000,376,332 | RHS- | M] () -- C:\IGJDZ
[2014/04/02 17:53:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/04/02 17:04:48 | 000,206,497 | ---- | M] () -- C:\Windows\System32\license.rtf
[2014/04/02 17:04:48 | 000,000,197 | RHS- | M] () -- C:\BOOT.INI
[2014/03/25 20:22:50 | 000,092,656 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2014/03/25 20:22:50 | 000,043,728 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2014/03/25 20:22:48 | 000,607,168 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2014/03/25 20:22:48 | 000,020,072 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[2014/03/25 20:22:38 | 000,363,504 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2014/03/25 20:22:38 | 000,036,000 | ---- | M] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2014/03/25 20:22:26 | 000,284,888 | ---- | M] (COMODO) -- C:\Windows\System32\cmdvrt32.dll
[2014/03/25 20:22:24 | 000,040,664 | ---- | M] (COMODO) -- C:\Windows\System32\cmdkbd32.dll

========== Files Created - No Company Name ==========

[2014/04/06 07:51:28 | 001,426,178 | ---- | C] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2014/04/06 07:06:00 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/04/06 07:06:00 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/04/06 07:06:00 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/04/06 07:06:00 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/04/06 07:06:00 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/04/05 13:14:18 | 000,001,915 | ---- | C] () -- C:\Users\Public\Desktop\Medal of Honor Allied Assault.lnk
[2014/04/05 11:24:38 | 000,000,432 | ---- | C] () -- C:\Users\Admin\Desktop\Connexion réseau sans fil - Raccourci.lnk
[2014/04/05 11:20:58 | 000,002,197 | ---- | C] () -- C:\Users\Admin\Desktop\Connexion réseau.lnk
[2014/04/05 10:19:38 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 09:46:54 | 000,001,138 | ---- | C] () -- C:\Users\Admin\Desktop\Auslogics DiskDefrag.lnk
[2014/04/05 09:36:29 | 000,000,988 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2014/04/05 09:36:29 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014/04/04 23:27:25 | 000,000,058 | ---- | C] () -- C:\Users\Admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2014/04/04 22:47:23 | 000,001,072 | ---- | C] () -- C:\Users\Admin\Desktop\Screenshot Captor.lnk
[2014/04/04 19:17:20 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2014/04/04 19:14:16 | 000,430,080 | ---- | C] () -- C:\Windows\System32\TOSCDSPD.cpl
[2014/04/04 18:19:08 | 000,001,870 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2014/04/04 18:02:23 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/04 18:01:44 | 000,180,760 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/04/04 18:01:37 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/04/04 17:51:03 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014/04/04 17:51:02 | 000,001,038 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2014/04/03 23:45:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/04/03 23:45:04 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/04/03 23:44:57 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
[2014/04/03 23:44:57 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2014/04/03 23:41:51 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/03 22:47:51 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/04/03 21:59:53 | 000,002,685 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/04/03 21:53:26 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/03 21:53:25 | 000,001,128 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/04/03 21:08:32 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/04/03 20:35:12 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014/04/03 20:12:18 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/03 20:03:15 | 000,001,024 | ---- | C] () -- C:\Users\Admin\Desktop\mp3DirectCut.lnk
[2014/04/03 20:00:15 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/03 19:40:47 | 000,002,234 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/03 19:40:47 | 000,002,210 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/03 19:35:01 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/03 19:34:57 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/03 19:21:34 | 000,001,434 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/02 23:30:55 | 000,376,332 | RHS- | C] () -- C:\IGJDZ
[2014/04/02 23:25:34 | 000,001,440 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/04/02 23:24:52 | 000,000,290 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/02 23:24:52 | 000,000,272 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/04/02 22:35:39 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014/04/02 22:35:24 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2014/04/02 17:04:03 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/04/02 17:03:34 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/04/02 16:55:00 | 2414,485,504 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 17:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/04/05 09:37:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity
[2014/04/04 18:02:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVAST Software
[2014/04/04 23:27:25 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DonationCoder
[2014/04/03 23:44:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IrfanView
[2014/04/05 15:49:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenOffice
[2014/04/06 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\toshiba
[2014/04/04 18:59:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\WinBatch

========== Purity Check ==========



< End of report >

 

[Broni]

Did certificates issues get solved after correcting your computer date?

OTL logs are clean.

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Click on "Run ESET Online Scanner" button.
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[needhelp51]

Tempcleaner seemed to worked but sadly it crashed after the words 'completed' appeared, desktop was not restored, computer did not ask for reboot, I waited a long time, eventually tried 'exit', waited again, and nothing, had to reboot manually.

Certificates problem were indeed solved by changing computer time in BIOS. In retrospect, I guess I must have accidently reset my CMOS/BIOS or something cause I did open up my laptop for dust cleanup on that day. Never figured it was possible, lol. Sorry for the false alarm on this particular matter.

However two drivers loaded at boot still show as 'unknown signature' (sorry for potentially incorrect translation) and I get a pop-up at each boot. I got them from Toshiba, and when I look in device manager, those drivers seem properly 'signed'. Do you think it's an issue? The two files are chdaudpropshortcut.exe (seemingly related to audio driver) and syntpenh.exe (seemingly related to Synaptics pointer device).

Here is securitycheck log:

Results of screen317's Security Check version 0.99.81
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.9016)
CCleaner
Java 7 Update 51
Adobe Reader XI
Mozilla Firefox (28.0)
Google Chrome 33.0.1750.154
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


Here is Farbar log:

Farbar Service Scanner Version: 25-02-2014
Ran by Admin (administrator) on 08-04-2014 at 08:12:53
Running from "C:\Users\Admin\Desktop"
Microsoft Windows 7 Professionnel Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2014-04-03 21:05] - [2014-04-03 21:05] - 0338944 ____A (Microsoft Corporation) F81BB7E487EDCEAB630A7EE66CF23913

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2014-04-03 21:05] - [2014-04-03 21:05] - 1294272 ____A (Microsoft Corporation) CA59F7C570AF70BC174F477CFE2D9EE3

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2014-04-03 21:03] - [2013-07-09 00:46] - 0140288 ____A (Microsoft Corporation) 7CA1BECEA5DE2643ADDAD32670E7A4C9

C:\Program Files\Windows Defender\MpSvc.dll
[2014-04-03 21:29] - [2013-05-27 00:57] - 0680960 ____A (Microsoft Corporation) 082CF481F659FAE0DE51AD060881EB47

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Eset came out ok, thus, no log.

 

[Broni]

What is the exact message about those two drivers?
They look legit.

 

[needhelp51]

My pop-ups are in french, so I don't think they would ring a bell. So by googling, I found the english equivalent of those kind of pop-ups and put my info in there. Here's how they go:

Open File - Security Warning
The Publisher could not be verified. Are you sure you want to run this software?
Name: c:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Publisher: Unknown publisher
Type: Application
De C:\App.exe

RUN / CANCEL (choice buttons)

(checkbox) Always ask before opening this file

...

And same message for c:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

[Broni]

See if this will help: http://www.sevenforums.com/tutorials/124367-open-file-security-warning-unblock-file.html

 

[needhelp51]

I used technique #2 and I no longer get the alarm for any of them. If they are legit, everything is fine.

Is my computer clean now? Do I need to clean up some tools?