|
 Posted on 13/04/2014 @ 21:58 |
| Hello everyone,
my PC finds viruses every 10 seconds and it is impossible to delete them.
How should I proceed?
Thank you for your advice.
|
Posted on 13/04/2014 at 22:06 |
PC Astuces Team
|
Good evening,
Please follow this procedure to the letter: Help diagnosing an infected PC (PC Astuces), by clicking on the link below
https://forum.pcastuces.com/aide_au_diagnostic_un_pc_infecte_pcastuces-f25s17490.htm
Use the Insert a report command (at the bottom of the page, after the last message) to post the ZHPDiag report (which is too large). The link to the report is automatically inserted into your thread (so there is no link to copy/paste). For the other reports (e.g. MBAM, AD-R, USBFix, etc.), copy/paste them into your thread.
See you soon. |
|
Posted on 13/04/2014 at 22:32 |
| Hello, do what the PC Astuces team tells you.
However, for the time being do not use the Insert a report command, because of a failure on the server.
Instead, host the ZHPDiag report on CJOINT, setting the distribution to private and the period to 21 days, and copy/paste your link for us.
Pierre95 |
|
Posted on 13/04/2014 at 22:37 |
| |
|
Posted on 13/04/2014 at 22:53 |
| See what I told you above. Host your reports on CJOINT.
Your report is inaccessible and unreadable |
|
Posted on 13/04/2014 at 23:01 |
| |
|
Posted on 13/04/2014 at 23:03 |
| |
|
Posted on 14/04/2014 at 00:07 |
New Astucien
| Hello
- with all due respect, this machine is a real trash heap
- I dare hope for your sake that it is a false positive from Avira.
- Save/burn your personal data to CD/DVD media (except .EXE, .DLL and .HTML files)
It is not simple to disinfect a PC affected by RAMNIT, and in some cases formatting is mandatory if the infection has spread too far.
1) The Malwarebytes report is missing; delete/quarantine everything at the end. Post the report.
.
2) Software to uninstall: superfluous programs, adware and security holes.
- Kaspersky Security Scan v12.0.1.340
- Boxore Client
- SaveSense
- Delta
- ValueApps
- Adobe Flash Player 11 Plugin
- Adobe Reader X
3) ZHPFix
4) Junkware Removal Tool (by Thisisu)
- Download Junkware Removal Tool and save it to your computer: Direct link
- Close all running programs.
- On Windows Vista / 7 / 8 and 8.1, right-click -> run the program as administrator
- On Windows XP, simply launch Junkware Removal Tool by clicking on it.
- The removal tool will now start its work, and at the command prompt you will need to press a key on your keyboard to confirm your choice.

- Please be patient, as the processes (Erunt backup and removal of malicious items) can take some time (up to 10 minutes) depending on your system's specifications.
- Your desktop will temporarily disappear while the tool is working; do not panic, this is normal and expected.
- When the scan is finished, the JRT.txt report opens automatically in Notepad; a copy is also located in the same folder as Junkware Removal Tool.

- Post this report by copy/paste.
5) RogueKiller (by Tigzy)
- Download and save RogueKiller to your desktop.
You have a 64-bit version of Windows, so download this version: RogueKillerX64.exe
- Close all running programs
- On Windows Vista and later, right-click -> run the program as administrator
- Otherwise, simply launch RogueKiller.exe by clicking on it.
- 1) Wait for the Prescan to finish ...
- 2) Click "Scan" and wait...
 Click Accept to accept the EULA.
- Close your browser, which has opened on the program publisher's page.
- When finished, RKreport[0].txt will be generated on the desktop. It can also be opened with the "Report" button.
- Post this report by copy/paste.
- Do not restart the computer
Australien
Edited by Anonymous on 14/04/2014 08:51 |
|
Posted on 14/04/2014 at 09:52 |
New Astucien
| Hello
procedure completed and edited.
Australien |
|
Posted on 14/04/2014 at 10:10 |
| |
|
Posted on 14/04/2014 at 10:11 |
| |
|
Posted on 14/04/2014 at 10:40 |
| hello, here is the JRT report, and thank you for your help
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by patricia on 14/04/2014 at 10:13:25,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\vafplayer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2411507158-585462251-1782538567-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2411507158-585462251-1782538567-1001\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\1c875dde39636004ca8cdaec335b4160
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\ba086f2d38a8e1a47912955a68b3ad24
~~~ Files
Successfully deleted: [File] "C:\Users\patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
~~~ FireFox
Successfully deleted the following from C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\rfnloi9f.default\prefs.js
user_pref("extensions.AVIRA-V7C.domain", "\"avira.search.ask.com\"");
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/04/2014 at 10:38:08,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
Posted on 14/04/2014 at 10:43 |
New Astucien
| I am still missing RogueKiller.
Australien |
|
Posted on 14/04/2014 at 10:56 |
| sorry, here is the report
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche -- Date : 04/14/2014 10:54:14
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : RtsCM (RTSCM64.EXE [7]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Ongoing package check : "C:\Users\patricia\AppData\Roaming\VOPackage\VOPackage.exe" - /theartbeat [x] -> TROUVÉ
[V2][SUSP PATH] Updater12767.exe : C:\Users\patricia\AppData\Local\Updater12767\Updater12767.exe - /extensionid=12767 /extensionname="Tiger Savings" /chromeid=akdojefgphalhhkagafpcoakgboeokdl [x][x] -> TROUVÉ
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
(C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4) [Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C) [Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94) [Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4) [Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0) [Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20) [Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4) [Address] EAT @explorer.exe 
(RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0) [Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364) [Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524) [Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0) [Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80) [Address] EAT @explorer.exe 
(UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C) [Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10) [Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC) [Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC) [Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34) [Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80) [Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C) [Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948) [Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90) [Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60) [Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8) [Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358) [Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30) [Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88) 
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98) [Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8) [Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78) [Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts
54.225.95.126 pijgnnckopdlbejpjnmhebjpmdckdgik
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547550A9E384 SATA Disk Device +++++
--- User ---
[MBR] 45aa31f7597bd6833f71e8489b9fca75
[BSP] 968dd1e1cac4cfd39338d0dda5b72d13 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04142014_105414.txt >>
|
|
Posted on 14/04/2014 at 11:02 |
New member
| Hello again...
1) RogueKiller (by Tigzy)
- Close all running programs
- On Windows Vista and later, right-click -> run the program as administrator
- Otherwise, simply launch RogueKiller.exe by clicking on it.
- 1) Wait for the Prescan to finish ...
- 2) Click "Suppression" (Delete) and wait...
- When it finishes, RKreport[0].txt will be generated on the desktop. It can also be opened with the "Rapport" (Report) button.
- Post this report by copy/paste.
- Do not restart the computer
Repeat with....
- For this step, disable Avira completely.
- Close all running programs
- On Windows Vista and later, right-click -> run the program as administrator
- Otherwise, simply launch RogueKiller.exe by clicking on it.
- 1) Wait for the Prescan to finish ...
- 2) Click "Host RAZ" and wait...
- When it finishes, RKreport[0].txt will be generated on the desktop. It can also be opened with the "Rapport" (Report) button.
- Re-enable Avira
- Post this report by copy/paste.
- Do not restart the computer
2) ZHPFix
Australien
|
|
Posted on 14/04/2014 at 11:24 |
| RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche -- Date : 04/14/2014 10:54:14
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : RtsCM (RTSCM64.EXE [7]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Ongoing package check : "C:\Users\patricia\AppData\Roaming\VOPackage\VOPackage.exe" - /theartbeat [x] -> TROUVÉ
[V2][SUSP PATH] Updater12767.exe : C:\Users\patricia\AppData\Local\Updater12767\Updater12767.exe - /extensionid=12767 /extensionname="Tiger Savings" /chromeid=akdojefgphalhhkagafpcoakgboeokdl [x][x] -> TROUVÉ
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
(C:\WINDOWS\System32\WININET.dll @ 0x369661B4) [Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E12A4) [Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B40) [Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901224) [Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B64) [Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690126C) [Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E70) [Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD564) [Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE2D0) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6950) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E69A0) [Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36932DE0) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE48C) [Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C) [Address] EAT @explorer.exe 
(InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C) [Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2220) [Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C22B8) [Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BA100) [Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B8D0) [Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E46D0) [Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD81C) [Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE590) [Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E4540) [Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C0660) [Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A74) [Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6F40) [Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C74F0) [Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E01F0) [Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D90) [Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D00) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : 
iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A027F0) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02960) [Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E90) [Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7EB8) [Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7F18) [Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EBDA0) [Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7FBC) [Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338) [Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338) [Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2390) [Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3696763C) [Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C5EB0) [Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BEBA4) [Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BECA0) [Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6370) [Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6A38) [Address] EAT @explorer.exe 
(InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6AD0) [Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0) [Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0) [Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692B9BC) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE73C) [Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3697D9A8) [Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590) [Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590) [Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369634C0) [Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B644) [Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905760) [Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4) [Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C) [Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94) [Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4) [Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0) [Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20) [Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4) [Address] EAT @explorer.exe 
(RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0) [Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364) [Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524) [Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0) [Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80) [Address] EAT @explorer.exe 
(UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C) [Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10) [Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC) [Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC) [Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34) [Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80) [Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C) [Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948) [Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90) [Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60) [Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8) [Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358) [Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30) [Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88) 
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98) [Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8) [Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78) [Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts
54.225.95.126 pijgnnckopdlbejpjnmhebjpmdckdgik
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547550A9E384 SATA Disk Device +++++
--- User ---
[MBR] 45aa31f7597bd6833f71e8489b9fca75
[BSP] 968dd1e1cac4cfd39338d0dda5b72d13 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04142014_105414.txt >>
|
|
Posted on 14/04/2014 at 11:26 |
| RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : HOSTS RAZ -- Date : 04/14/2014 11:23:02
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts
54.225.95.126 pijgnnckopdlbejpjnmhebjpmdckdgik
¤¤¤ Nouveau fichier HOSTS: ¤¤¤
127.0.0.1 localhost
Termine : << RKreport[0]_H_04142014_112302.txt >>
RKreport[0]_D_04142014_110855.txt;RKreport[0]_S_04142014_105414.txt;RKreport[0]_S_04142014_112251.txt
|
|
|
|
|
|
Posted on 14/04/2014 at 11:35 |
| and here is the last report
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by patricia at 14/04/2014 11:33:10
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
Corbeille vidée (00mn 10s)
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
1 : Restauration Système
End of clean in 00mn 12s
========== Chemin de fichier rapport ==========
C:\Users\patricia\AppData\Roaming\ZHP\ZHPFix[R1].txt - 14/04/2014 09:06:17 [26444]
C:\Users\patricia\AppData\Roaming\ZHP\ZHPFix[R2].txt - 14/04/2014 11:33:21 [595] |
|
Posted on 14/04/2014 at 11:37 |
New member
| OK
Now a check.
1) Defogger (by jpshortstuff)
- Download Defogger and save it to your Desktop
- Click Defogger to launch it
- A window appears: click "Disable" to disable the emulation software.
- Restart the computer if the tool asks you to.
- When we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable".
2) RogueKiller (by Tigzy)
- Close all running programs
- On Windows Vista and later, right-click -> run the program as administrator
- Otherwise simply launch RogueKiller.exe by clicking on it.
- 1) Wait for the Prescan to finish ...
- 2) Click "Recherche" (Scan) and wait...
- When it finishes, RKreport[0].txt will be generated on the desktop. It can also be opened with the "Rapport" (Report) button.
- Post this report by copy/paste.
- Do not restart the computer
Australien Edited by Anonyme on 14/04/2014 11:37 |
|
Posted on 14/04/2014 at 11:57 |
| RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche [Annulé] -- Date : 04/14/2014 11:55:00
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
(C:\WINDOWS\System32\WININET.dll @ 0x369E5814) [Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369054A4) [Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D287C) [Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5E40) [Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F63CC) [Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5F88) [Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6878) [Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6DBC) [Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F707C) [Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F04A4) [Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02440) [Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02618) [Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCC48) [Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1EF0) [Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B955C) [Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1F88) [Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369BCCB0) [Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE0CC) [Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCDBC) [Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE1DC) [Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E67F8) [Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C8400) [Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD288) [Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4DA8) [Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695FA00) [Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD3A0) [Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D1460) [Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EC300) [Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36921DD0) [Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD4CC) [Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x368C4880) [Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018) [Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018) [Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C20D0) [Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6804) [Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E686C) [Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A0349C) [Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D0DF0) [Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D3160) [Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A14) [Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901254) [Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36933098) [Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C3FF0) [Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4) [Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369661B4) [Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E12A4) [Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B40) [Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901224) [Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B64) [Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690126C) [Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E70) [Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD564) [Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE2D0) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6950) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E69A0) [Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36932DE0) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE48C) [Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C) [Address] EAT @explorer.exe 
(InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C) [Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2220) [Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C22B8) [Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BA100) [Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B8D0) [Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E46D0) [Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD81C) [Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE590) [Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E4540) [Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C0660) [Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A74) [Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6F40) [Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C74F0) [Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E01F0) [Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D90) [Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D00) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : 
iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A027F0) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02960) [Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E90) [Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7EB8) [Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7F18) [Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EBDA0) [Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7FBC) [Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338) [Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338) [Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2390) [Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3696763C) [Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C5EB0) [Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BEBA4) [Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BECA0) [Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6370) [Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6A38) [Address] EAT @explorer.exe 
(InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6AD0) [Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0) [Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0) [Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692B9BC) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE73C) [Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3697D9A8) [Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590) [Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590) [Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369634C0) [Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B644) [Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905760) [Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4) [Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C) [Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94) [Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4) [Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0) [Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20) [Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4) [Address] EAT @explorer.exe 
(RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0) [Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364) [Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524) [Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0) [Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80) [Address] EAT @explorer.exe 
(UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C) [Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10) [Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC) [Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC) [Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34) [Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80) [Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C) [Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948) [Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90) [Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60) [Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8) [Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358) [Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30) [Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88) 
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98) [Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8) [Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78) [Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
Termine : << RKreport[0]_S_04142014_115500.txt >> RKreport[0]_D_04142014_110855.txt;RKreport[0]_H_04142014_112302.txt;RKreport[0]_S_04142014_105414.txt RKreport[0]_S_04142014_112251.txt
|
|
Posted on 14/04/2014 at 12:00 |
New member
| I am asking you not to cancel the scan; I'm going round in circles.
Mode : Recherche [Annulé]
To post the correct report, open it via RogueKiller.
You can also open it with the "Rapport" button.
Thank you. Edited by Anonyme on 14/04/2014 12:02 |
|
Posted on 14/04/2014 at 12:18 |
| RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche -- Date : 04/14/2014 12:14:13
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
-> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1EF8) [Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE44C) [Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1F88) [Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D20EC) [Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE7CC) [Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D21C0) [Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE86C) [Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D231C) [Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE920) [Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D253C) [Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B8D3C) [Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23868) [Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369273F4) [Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691B510) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23B04) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23CBC) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 
0x3690AB20) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36909C80) [Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23F04) [Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2416C) [Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D36A0) [Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CC8C0) [Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D2A20) [Address] 
EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5078) [Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BD00) [Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BE60) [Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369056C0) [Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5714) [Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD5FC) [Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C7BD4) [Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916090) [Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5D6C) [Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CABE0) [Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C88B4) [Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8964) [Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C89BC) [Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CF8B0) [Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368DF3A0) [Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36962A14) [Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369E5814) [Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369054A4) [Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D287C) [Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5E40) [Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F63CC) [Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5F88) [Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6878) [Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6DBC) [Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F707C) [Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F04A4) [Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02440) [Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02618) [Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCC48) [Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1EF0) [Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B955C) [Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1F88) [Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369BCCB0) [Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE0CC) [Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCDBC) [Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE1DC) [Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E67F8) [Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C8400) [Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD288) [Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4DA8) [Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695FA00) [Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD3A0) [Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D1460) [Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EC300) [Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36921DD0) [Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD4CC) [Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x368C4880) [Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018) [Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018) [Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C20D0) [Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6804) [Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E686C) [Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A0349C) [Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D0DF0) [Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D3160) [Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A14) [Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901254) [Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36933098) [Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C3FF0) [Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4) [Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369661B4) [Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E12A4) [Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B40) [Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901224) [Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B64) [Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690126C) [Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E70) [Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD564) [Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE2D0) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6950) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E69A0) [Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36932DE0) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE48C) [Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C) [Address] EAT @explorer.exe 
(InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C) [Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2220) [Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C22B8) [Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BA100) [Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B8D0) [Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E46D0) [Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD81C) [Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE590) [Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E4540) [Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C0660) [Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A74) [Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6F40) [Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C74F0) [Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E01F0) [Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D90) [Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D00) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : 
iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A027F0) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02960) [Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E90) [Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7EB8) [Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7F18) [Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EBDA0) [Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7FBC) [Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338) [Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338) [Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2390) [Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3696763C) [Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C5EB0) [Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BEBA4) [Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BECA0) [Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6370) [Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6A38) [Address] EAT @explorer.exe 
(InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6AD0) [Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0) [Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0) [Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692B9BC) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE73C) [Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3697D9A8) [Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590) [Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590) [Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369634C0) [Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B644) [Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905760) [Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4) [Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424) [Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C) [Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94) [Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4) [Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0) [Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20) [Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4) [Address] EAT @explorer.exe 
(RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0) [Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364) [Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524) [Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0) [Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0) [Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80) [Address] EAT @explorer.exe 
(UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C) [Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10) [Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC) [Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC) [Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34) [Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80) [Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C) [Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948) [Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90) [Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60) [Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8) [Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358) [Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30) [Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88) 
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98) [Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8) [Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78) [Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547550A9E384 SATA Disk Device +++++ --- User --- [MBR] 45aa31f7597bd6833f71e8489b9fca75 [BSP] 968dd1e1cac4cfd39338d0dda5b72d13 : Empty MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 MB User = LL1 ... OK! User = LL2 ... OK!
Termine : << RKreport[0]_S_04142014_121413.txt >> RKreport[0]_S_04142014_115500.txt
|
|
Posted on 14/04/2014 at 12:20 |
New member
| OK.
>> How is the machine behaving?
>> One last check
ESET Online Scanner
- Run an online scan as described below and post the report by copy/paste.
- In the tutorial, you configure the scanner for a scan only (no deletions).
- Help in pictures
Edited by Anonyme on 14/04/2014 12:21 |
|
Posted on 14/04/2014 at 18:19 |
New member
| Good evening
Where are you at with this?
Australien |
|
Posted on 15/04/2014 at 01:21 |
| Good evening, sorry for the delay, here is the result:
|
|
Posted on 15/04/2014 at 08:14 |
New member
| Hello
Very good, all the detections are already in quarantine (AdwCleaner's quarantine).
You will need to install the correct version of Adobe Reader, if you uninstalled version X as requested: Download Adobe Reader.
- How is the machine behaving?
I am waiting for your reply before giving you the final instructions.
Australien
Edited by Anonymous on 15/04/2014 08:31 |
|