RogueKiller V8.8.15 _x64_ [Mar 27 2014]
by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Chris [Admin rights]
Mode : Scan -- Date : 05/09/2014 08:29:00
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 rad.msn.com

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST33000651AS +++++
--- User ---
[MBR] d38b6916da66efd59c7e5271815979bf
[BSP] ee1ed7d36e26f171d2ef9f7d63f8d421 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) OCZ-AGILITY3 +++++
--- User ---
[MBR] 7bae2fefa50961069258150f1196760f
[BSP] 10b66749331def38f466e67f5da20369 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 57239 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) OCZ-VERTEX4 +++++
--- User ---
[MBR] 728941e2fbce2e85fdd3345154cf215e
[BSP] 05b0a50d5e5c386a25ebdac95b8f8bfb : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 122102 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) WDC WD15EADS-00R6B0 +++++
--- User ---
[MBR] c6d5b34e59093b1c47c747a8882c53f6
[BSP] aee62bea84bfe181768a3b8c5fce6716 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_05092014_082900.txt >>
RKreport[0]_D_05082014_094437.txt;RKreport[0]_S_05082014_094255.txt