> Tous les forums > Forum Sécurité
 virus win32/ramnit cSujet résolu
Ajouter un message à la discussion
Pages : [1] 2 ... Fin
Page 1 sur 2 [Fin]
lemezidonais
  Posté le 13/04/2014 @ 21:58 
Aller en bas de la page 
Petit astucien

bonjour a tous

mon pc me trouve des virus toutes les 10 secondes et impossible de les suprimer

comment doi-je proceder

merci de vos conseils
Publicité
pcastuces
 Posté le 13/04/2014 à 22:06 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Equipe PC Astuces

Bonsoir,


S.V.P., appliquez cette procédure à la lettre : Aide au diagnostic d'un pc infecté (PC Astuces) en cliquant sur le lien ci dessous

https://forum.pcastuces.com/aide_au_diagnostic_un_pc_infecte_pcastuces-f25s17490.htm


Utilisez la commande Insérer un rapport (en bas de page, suite au dernier message), pour poster le rapport ZHPDiag (qui est trop lourd)
Le lien du rapport est automatiquement inséré à votre discussion (donc, pas de lien à copier/coller)
Pour les autres rapports (ex. MBAM, AD-R, USBFix, etc.) copiez/collez sur votre sujet.

A bientôt.

Pierre95
 Posté le 13/04/2014 à 22:32 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour, fais ce que te dis l'équipe PC Astuce.

Par contre, temporairement n'utilise pas la commande Insérer un Rapport suite à une panne sur le serveur.

Héberges plutôt le rapport ZHPDiag sur CJOINT en mettant diffusion privé et période 21 jours. et en nous faisant un copier coller de ton lien internet.

Pierre95

lemezidonais
 Posté le 13/04/2014 à 22:37 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Fichier joint : AdwCleaner[S1].txt

Pierre95
 Posté le 13/04/2014 à 22:53 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Regarde ce que je t'ai dit plus haut. heberges tes rapports sur CJOINT.

Ton rapport est inaccessible et illisible

lemezidonais
 Posté le 13/04/2014 à 23:01 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

lemezidonais
 Posté le 13/04/2014 à 23:03 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Anonyme
 Posté le 14/04/2014 à 00:07 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

Bonjour

  1. sauf votre respect cette machine est une véritable poubelle
  2. j'ose espérer pour vous que c'est un faux positif d'avira.
  3. Sauvez/gravez vos données personnelles sur un support CD/DVD (sauf les.EXE, .DLL et .HTML)

Il n'est pas simple de désinfecter un PC touché par RAMNIT et dans certains cas, le formatage est obligatoire si l'infection a pris trop d'ampleur.

1) il manque le rapport Malwarebytes, supprimez/mettez tout en quarantaine à l'issue. Postez le rapport.

.

2)


Logiciels à désinstaller: Superflu, Adwares et failles de sécurité.


  • Kaspersky Security Scan v12.0.1.340
  • Boxore Client
  • SaveSense
  • Delta
  • ValueApps
  • AdobeFlash Player 11 Plugin
  • AdobeReader. X





3)



image ZHPFix


  • Il est trés important de copier toutes les lignes.
  • Le script doit comporter obligatoirement comme première ligne : Script ZHPFix.
  • A l'aide de votre souris (avec le pointeur de la souris et clic gauche maintenu)
  • Parcourez et sélectionnez toutes les lignes ci dessous
  • Ensuite, copiez les. (avec le clic droit de la souris, sélectionnez "Copier" dans le menu contextuel).

    EXEMPLE
    image


    Lignes à copier

    Code
    Script ZHPFix
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:56847
    O4 - GS\QuickLaunch [patricia]: SpeedUpMyPC.lnk . (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\Launcher.exe
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Lyric Star Update.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCHelpers1st.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCHelpers_period.job
    O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0E365FDA-909F-4939-838A-261DD468D862}
    O42 - Logiciel: SaveSense - (.SaveSense.) [HKCU][64Bits] -- SaveSense
    O42 - Logiciel: Delta - (.DeltaInstaller.) [HKLM][64Bits] -- {48C46AB8-3499-4976-9017-9BE52365443E}
    O42 - Logiciel: ValueApps - (.Conduit.) [HKCU][64Bits] -- ValueApps
    O43 - CFD: 09/03/2013 - 11:52:45 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
    O43 - CFD: 23/01/2013 - 20:47:26 - [0,017] ----D C:\Users\patricia\AppData\Roaming\CRDeltaTB
    MD5.410FDF467D6039152172C7214F57877E] [WIS][21/01/2013] (.DeltaInstaller - Delta.) -- C:\Windows\Installer\aa15c9b.msi
    O90 - PUC: "8BA64C84994367940971B95E325644E3" . (.Delta.) -- C:\windows\Installer\{48C46AB8-3499-4976-9017-9BE52365443E}\Delta.ico
    O90 - PUC: "FA26994B9BACED4478924A63F944ABD0" . (.MixiDJ Chrome Toolbar.) -- C:\windows\Installer\{B49962AF-CAB9-44DE-8729-A4369F44BA0D}\Delta.ico
    O90 - PUC: "ADF563E0F909939438A862D14D868D26" . (.Boxore Client.) -- C:\WINDOWS\Installer\{0E365FDA-909F-4939-838A-261DD468D862}\boxore.ico
    [HKLM\Software\Wow6432Node\mamverifier]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps]
    [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}]
    [HKLM\Software\Classes\Installer\Features\8BA64C84994367940971B95E325644E3]
    [HKLM\Software\Classes\Installer\Products\8BA64C84994367940971B95E325644E3]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8BA64C84994367940971B95E325644E3]
    [HKLM\Software\Wow6432Node\Classes\Installer\Features\8BA64C84994367940971B95E325644E3]
    [HKLM\Software\Wow6432Node\Classes\Installer\Products\8BA64C84994367940971B95E325644E3]
    [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{48C46AB8-3499-4976-9017-9BE52365443E}]
    HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
    HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
    HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32
    HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E365FDA-909F-4939-838A-261DD468D862}]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED]
    [HKLM\Software\Classes\Installer\Features\FA26994B9BACED4478924A63F944ABD0]
    [HKLM\Software\Classes\Installer\Products\FA26994B9BACED4478924A63F944ABD0]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA26994B9BACED4478924A63F944ABD0]
    [HKLM\Software\Wow6432Node\Classes\Installer\Features\FA26994B9BACED4478924A63F944ABD0]
    [HKLM\Software\Wow6432Node\Classes\Installer\Products\FA26994B9BACED4478924A63F944ABD0]
    [HKCU\Software\AppDataLow\Software\LyricStar]
    [HKCU\Software\Optimizer Elite Max]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A]
    [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0C776EBEBCBCFBE408892EE7B12517FC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C776EBEBCBCFBE408892EE7B12517FC]
    [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111271167}]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD]
    C:\Program Files (x86)\PC Registry Shield
    C:\Program Files (x86)\vGrabber-software
    C:\Users\patricia\AppData\Local\Software
    C:\Windows\Tasks\Lyric Star Update.job
    C:\Windows\Tasks\PCHelpers1st.job
    C:\Windows\Tasks\PCHelpers_period.job
    C:\Windows\Installer\2d8f4fd6.msi
    C:\Windows\Installer\573e391.msi
    Proxyfix
    ShortcutFix
    SysRestore
    EmptyTemp
    EmptyFlash
    EmptyCLSID
    EmptyPrefetch
    FirewallRaz




  • Double-cliquez sur le raccourci du programme "ZHPFix" qui est sur votre bureau.
  • Dans l'interface du logiciel qui s'est ouvert, cliquez sur "Importer" pour transférer les lignes copiées.



    image


  • Si le script n'est pas conforme : Un avertissement s'affiche.
  • Si le script est conforme : Le texte copié est affiché dans ZHPFix.



    image


  • Vérifiez bien que le script que vous voyez dans ZHPFix correspond aux lignes copiées.
  • Fermez vos applications en cours (navigateur internet compris) sauf ZHPFix
  • Cliquez sur le bouton « GO » pour lancer le nettoyage.
  • Confirmez ce nettoyage en cliquant sur "OUI" dans les deux fenêtres suivantes.



    image
    image


  • Ce traitement peut durer jusqu'à plusieurs minutes avant le nettoyage proprement dit des lignes du script.
  • Le nettoyage s'effectue, ne touchez à rien pendant cette étape, si le programme demande un redémarrage du pc > faites le !
  • A l'issue un rapport ZHPFix.txt s'affiche dans la zone de rapport de l'interface et dans le bloc note Windows.
  • Le rapport ZHPFix.txt est aussi sauvegardé sur le Bureau Windows.
  • Postez le contenu de ce rapport par copier/coller.
  • Vous pouvez fermer ZHPFix et le bloc note par la croix rouge en haut à droite des deux fenêtres.






4)



image Junkware Removal Tool (de Thisisu)


  • Téléchargez Junkware Removal Tool et enregistrez le sur votre ordinateur : Lien direct
  • Quittez tous les programmes en cours.
  • Avec Windows Vista / 7 / 8 et 8.1 , faites un clic droit -> lancez le programme en tant qu'administrateur
  • Avec Windows XP lancez simplement Junkware Removal Tool en cliquant dessus.
  • L'outil de suppression va maintenant commencer son travail, et à l'invite de commande, vous aurez besoin d'appuyer sur une touche de votre clavier pour confirmer votre choix.



    image



  • Veuillez être patient(e) car les processus (sauvegarde Erunt et suppression des malveillants) peuvent prendre un certain temps (jusqu'à 10 minutes) en fonction des spécifications de votre système.
  • Votre bureau va disparaitre provisoirement lors du travail de l'outil, ne paniquez pas car c'est normal et attendu.
  • Lorsque l'analyse est terminée, le rapport JRT.txt s'ouvre automatiquement dans le bloc note, un copie se trouve aussi dans le même dossier que Junkware Removal Tool.



    image



  • Postez ce rapport par copier/coller.





5)



image RogueKiller (de Tigzy)


  • Téléchargez et enregistrez RogueKiller sur votre bureau.


    Vous avez une version 64 bit de Windows alors téléchargez cette version : RogueKillerX64.exe


  • Quittez tous les programmes en cours
  • Sous Windows Vista et ultérieur, clic droit -> lancez le programme en tant qu'administrateur
  • Sinon lancez simplement RogueKiller.exe en cliquant dessus.
  • 1) Attendez la fin du Prescan ...
  • 2) Cliquez sur "Scan" et patientez...



    image


    Cliquez sur Accept pour l'acceptation du Eula.


    image

  • Fermez votre navigateur qui s'est ouvert sur la page de l'éditeur du programme.
  • A l'issue RKreport[0].txt sera généré sur le bureau. On peut également l'ouvrir avec le bouton "Rapport".
  • Postez ce rapport par copier/coller.
  • Ne redémarrez pas l'ordinateur




Australien



Modifié par Anonyme le 14/04/2014 08:51
Anonyme
 Posté le 14/04/2014 à 09:52 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

Bonjour

procédure complétée et éditée.

Australien

Publicité
lemezidonais
 Posté le 14/04/2014 à 10:10 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Fichier joint : ZHPFixReport.txt

lemezidonais
 Posté le 14/04/2014 à 10:11 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

lemezidonais
 Posté le 14/04/2014 à 10:40 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

bonjour voici le raport jrt et merci de votre aide

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by patricia on 14/04/2014 at 10:13:25,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\vafplayer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2411507158-585462251-1782538567-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2411507158-585462251-1782538567-1001\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\1c875dde39636004ca8cdaec335b4160
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\ba086f2d38a8e1a47912955a68b3ad24



~~~ Files

Successfully deleted: [File] "C:\Users\patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ FireFox

Successfully deleted the following from C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\rfnloi9f.default\prefs.js

user_pref("extensions.AVIRA-V7C.domain", "\"avira.search.ask.com\"");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/04/2014 at 10:38:08,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Anonyme
 Posté le 14/04/2014 à 10:43 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

il me manque RogueKiller.

Australien

lemezidonais
 Posté le 14/04/2014 à 10:56 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

dsl voici le raport

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche -- Date : 04/14/2014 10:54:14
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : RtsCM (RTSCM64.EXE [7]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Ongoing package check : "C:\Users\patricia\AppData\Roaming\VOPackage\VOPackage.exe" - /theartbeat [x] -> TROUVÉ
[V2][SUSP PATH] Updater12767.exe : C:\Users\patricia\AppData\Local\Updater12767\Updater12767.exe - /extensionid=12767 /extensionname="Tiger Savings" /chromeid=akdojefgphalhhkagafpcoakgboeokdl [x][x] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931010)
[Address] EAT @explorer.exe (DllGetClassObject) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931E60)
[Address] EAT @explorer.exe (DllRegisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A9730B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A973114)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FD2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FBB30)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369156B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BBF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36923808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369236B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36967200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369671DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A27394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369194D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692A1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0694)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A14E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691DC70)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B7470)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AE8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A64A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B89FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36922DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B8680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F93E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369278B8)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CD968)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1F88)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D20EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D21C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B8D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369273F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691B510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690AB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36909C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D36A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CC8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D2A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369056C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C7BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CABE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C88B4)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8964)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C89BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CF8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368DF3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36962A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369054A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F63CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F04A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCC48)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E67F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C8400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695FA00)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD3A0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D1460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EC300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36921DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4880)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C20D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A0349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D0DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D3160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36933098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C3FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E12A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E69A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36932DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE48C)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2220)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C22B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BA100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B8D0)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E46D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE590)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E4540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C0660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C74F0)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E01F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A027F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02960)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EBDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3696763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C5EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BEBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692B9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3697D9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369634C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B644)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


54.225.95.126 pijgnnckopdlbejpjnmhebjpmdckdgik


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547550A9E384 SATA Disk Device +++++
--- User ---
[MBR] 45aa31f7597bd6833f71e8489b9fca75
[BSP] 968dd1e1cac4cfd39338d0dda5b72d13 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 MB
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_04142014_105414.txt >>




Anonyme
 Posté le 14/04/2014 à 11:02 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

re...

1)



image RogueKiller (de Tigzy)

  • Quittez tous les programmes en cours
  • Sous Windows Vista et ultérieur, clic droit -> lancez le programme en tant qu'administrateur
  • Sinon lancez simplement RogueKiller.exe en cliquant dessus.
  • 1) Attendez la fin du Prescan ...
  • 2) Cliquez sur "Suppression" et patientez...
  • A l'issue RKreport[0].txt sera généré sur le bureau. On peut également l'ouvrir avec le bouton "Rapport".
  • Postez ce rapport par copier/coller.
  • Ne redémarrez pas l'ordinateur




Recommencez avec....


  • Pour cette manipulation désactivez totalement Avira.
  • Quittez tous les programmes en cours
  • Sous Windows Vista et ultérieur, clic droit -> lancez le programme en tant qu'administrateur
  • Sinon lancez simplement RogueKiller.exe en cliquant dessus.
  • 1) Attendez la fin du Prescan ...
  • 2) Cliquez sur "Host RAZ" et patientez...
  • A l'issue RKreport[0].txt sera généré sur le bureau. On peut également l'ouvrir avec le bouton "Rapport".
  • Ré-activez Avira
  • Postez ce rapport par copier/coller.
  • Ne redémarrez pas l'ordinateur




2)



image ZHPFix


  • Il est trés important de copier toutes les lignes.
  • Le script doit comporter obligatoirement comme première ligne : Script ZHPFix.
  • A l'aide de votre souris (avec le pointeur de la souris et clic gauche maintenu)
  • Parcourez et sélectionnez toutes les lignes ci dessous
  • Ensuite, copiez les. (avec le clic droit de la souris, sélectionnez "Copier" dans le menu contextuel).

    EXEMPLE
    image


    Lignes à copier

    Code
    Script ZHPFix
    C:\Windows\Installer\aa15c9b.msi
    SysRestore




  • Double-cliquez sur le raccourci du programme "ZHPFix" qui est sur votre bureau.
  • Dans l'interface du logiciel qui s'est ouvert, cliquez sur "Importer" pour transférer les lignes copiées.



    image


  • Si le script n'est pas conforme : Un avertissement s'affiche.
  • Si le script est conforme : Le texte copié est affiché dans ZHPFix.



    image


  • Vérifiez bien que le script que vous voyez dans ZHPFix correspond aux lignes copiées.
  • Fermez vos applications en cours (navigateur internet compris) sauf ZHPFix
  • Cliquez sur le bouton « GO » pour lancer le nettoyage.
  • Confirmez ce nettoyage en cliquant sur "OUI" dans les deux fenêtres suivantes.



    image
    image


  • Ce traitement peut durer jusqu'à plusieurs minutes avant le nettoyage proprement dit des lignes du script.
  • Le nettoyage s'effectue, ne touchez à rien pendant cette étape, si le programme demande un redémarrage du pc > faites le !
  • A l'issue un rapport ZHPFix.txt s'affiche dans la zone de rapport de l'interface et dans le bloc note Windows.
  • Le rapport ZHPFix.txt est aussi sauvegardé sur le Bureau Windows.
  • Postez le contenu de ce rapport par copier/coller.
  • Vous pouvez fermer ZHPFix et le bloc note par la croix rouge en haut à droite des deux fenêtres.




Australien

lemezidonais
 Posté le 14/04/2014 à 11:24 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche -- Date : 04/14/2014 10:54:14
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : RtsCM (RTSCM64.EXE [7]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Ongoing package check : "C:\Users\patricia\AppData\Roaming\VOPackage\VOPackage.exe" - /theartbeat [x] -> TROUVÉ
[V2][SUSP PATH] Updater12767.exe : C:\Users\patricia\AppData\Local\Updater12767\Updater12767.exe - /extensionid=12767 /extensionname="Tiger Savings" /chromeid=akdojefgphalhhkagafpcoakgboeokdl [x][x] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931010)
[Address] EAT @explorer.exe (DllGetClassObject) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931E60)
[Address] EAT @explorer.exe (DllRegisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A9730B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A973114)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FD2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FBB30)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369156B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BBF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36923808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369236B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36967200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369671DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A27394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369194D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692A1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0694)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A14E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691DC70)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B7470)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AE8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A64A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B89FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36922DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B8680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F93E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369278B8)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CD968)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1F88)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D20EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D21C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B8D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369273F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691B510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690AB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36909C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D36A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CC8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D2A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369056C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C7BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CABE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C88B4)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8964)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C89BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CF8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368DF3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36962A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369054A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F63CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F04A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCC48)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E67F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C8400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695FA00)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD3A0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D1460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EC300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36921DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4880)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C20D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A0349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D0DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D3160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36933098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C3FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E12A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E69A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36932DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE48C)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2220)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C22B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BA100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B8D0)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E46D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE590)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E4540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C0660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C74F0)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E01F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A027F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02960)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EBDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3696763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C5EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BEBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692B9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3697D9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369634C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B644)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


54.225.95.126 pijgnnckopdlbejpjnmhebjpmdckdgik


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547550A9E384 SATA Disk Device +++++
--- User ---
[MBR] 45aa31f7597bd6833f71e8489b9fca75
[BSP] 968dd1e1cac4cfd39338d0dda5b72d13 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 MB
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_04142014_105414.txt >>




lemezidonais
 Posté le 14/04/2014 à 11:26 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : HOSTS RAZ -- Date : 04/14/2014 11:23:02
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


54.225.95.126 pijgnnckopdlbejpjnmhebjpmdckdgik


¤¤¤ Nouveau fichier HOSTS: ¤¤¤
127.0.0.1 localhost


Termine : << RKreport[0]_H_04142014_112302.txt >>
RKreport[0]_D_04142014_110855.txt;RKreport[0]_S_04142014_105414.txt;RKreport[0]_S_04142014_112251.txt




Publicité
lemezidonais
 Posté le 14/04/2014 à 11:35 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

et voila le dernier raport

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by patricia at 14/04/2014 11:33:10
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Corbeille vidée (00mn 10s)

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
1 : Restauration Système


End of clean in 00mn 12s

========== Chemin de fichier rapport ==========
C:\Users\patricia\AppData\Roaming\ZHP\ZHPFix[R1].txt - 14/04/2014 09:06:17 [26444]
C:\Users\patricia\AppData\Roaming\ZHP\ZHPFix[R2].txt - 14/04/2014 11:33:21 [595]

Anonyme
 Posté le 14/04/2014 à 11:37 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

OK

un controle maintenant.

1)


image Defogger (de jpshortstuff)


  • Téléchargez et enregistrez Defogger sur votre Bureau
  • Cliquez sur Defogger pour le lancer
  • Une fenêtre apparait : cliquez sur "Disable" pour désactiver les logiciels d'émulation.
  • Faites redémarrer l'ordinateur si l'outil vous le demande.
  • Quand nous aurons terminé la désinfection, vous pourrez réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable".





2)



image RogueKiller (de Tigzy)

  • Quittez tous les programmes en cours
  • Sous Windows Vista et ultérieur, clic droit -> lancez le programme en tant qu'administrateur
  • Sinon lancez simplement RogueKiller.exe en cliquant dessus.
  • 1) Attendez la fin du Prescan ...
  • 2) Cliquez sur "Recherche" et patientez...
  • A l'issue RKreport[0].txt sera généré sur le bureau. On peut également l'ouvrir avec le bouton "Rapport".
  • Postez ce rapport par copier/coller.
  • Ne redémarrez pas l'ordinateur






Australien



Modifié par Anonyme le 14/04/2014 11:37
lemezidonais
 Posté le 14/04/2014 à 11:57 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche [Annulé] -- Date : 04/14/2014 11:55:00
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931010)
[Address] EAT @explorer.exe (DllGetClassObject) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931E60)
[Address] EAT @explorer.exe (DllRegisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A9730B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A973114)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FD2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FBB30)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369156B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BBF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36923808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369236B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36967200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369671DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A27394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369194D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692A1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0694)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A14E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691DC70)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B7470)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AE8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A64A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B89FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36922DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B8680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F93E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369278B8)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CD968)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1F88)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D20EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D21C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B8D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369273F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691B510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690AB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36909C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D36A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CC8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D2A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369056C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C7BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CABE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C88B4)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8964)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C89BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CF8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368DF3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36962A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369054A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F63CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F04A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCC48)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E67F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C8400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695FA00)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD3A0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D1460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EC300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36921DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4880)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C20D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A0349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D0DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D3160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36933098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C3FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E12A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E69A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36932DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE48C)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2220)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C22B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BA100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B8D0)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E46D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE590)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E4540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C0660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C74F0)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E01F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A027F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02960)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EBDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3696763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C5EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BEBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692B9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3697D9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369634C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B644)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

Termine : << RKreport[0]_S_04142014_115500.txt >>
RKreport[0]_D_04142014_110855.txt;RKreport[0]_H_04142014_112302.txt;RKreport[0]_S_04142014_105414.txt
RKreport[0]_S_04142014_112251.txt



Anonyme
 Posté le 14/04/2014 à 12:00 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

je vous demande de pas annuler la recherche, je tourne en rond.

Mode : Recherche [Annulé]

pour poster le bon rapport ouvrez le via RogueKiller

On peut également l'ouvrir avec le bouton "Rapport".

merci



Modifié par Anonyme le 14/04/2014 12:02
lemezidonais
 Posté le 14/04/2014 à 12:18 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : patricia [Droits d'admin]
Mode : Recherche -- Date : 04/14/2014 12:14:13
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931010)
[Address] EAT @explorer.exe (DllGetClassObject) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A931E60)
[Address] EAT @explorer.exe (DllRegisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A9730B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : wpncore.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x3A973114)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FD2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FA2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A21F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368FBB30)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369156B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BBF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36923808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369236B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36967200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369671DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A27394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369194D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692A1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A22F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E0694)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A14E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691DC70)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B7470)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AE8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A64A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B89FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36922DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C1CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368B8680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F9390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F93E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369278B8)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CD968)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CDEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D1F88)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D20EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D21C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369CE920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B8D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369273F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691B510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690AB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36909C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A23F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D36A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CC8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D2A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690BE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369056C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C7BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CABE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C88B4)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8964)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C89BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368CF8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368DF3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36962A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E5814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369054A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F63CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F5F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F6DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369F707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F04A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCC48)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369B955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C1F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BCDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E67F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C8400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A033E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695FA00)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD3A0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368D1460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EC300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36921DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C4880)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2018)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C20D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A0349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D0DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369D3160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36933098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C3FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369661B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E12A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36901224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E69A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36932DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE48C)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2220)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C22B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368BA100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B8D0)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E46D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE590)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E4540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C0660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C8A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C74F0)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E01F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36916D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A027F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02960)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368EBDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E7FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C2390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3696763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C5EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BEBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368C6370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369E6AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E64B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692B9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BD8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369BE73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36917860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3697D9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36963590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369634C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3690B644)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36905760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E9E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A243A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369673E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369DA424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368ED40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3695CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369046E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A244F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A2A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369C13F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A247DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A249B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36965FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368A21A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368E89B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368F8EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A24FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25524)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A02C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A2577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3692FA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A258BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A259DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x368AEC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36928948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36968A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36930A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x3691C358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36A25CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x36912E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x369FD998)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547550A9E384 SATA Disk Device +++++
--- User ---
[MBR] 45aa31f7597bd6833f71e8489b9fca75
[BSP] 968dd1e1cac4cfd39338d0dda5b72d13 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 MB
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_04142014_121413.txt >>
RKreport[0]_S_04142014_115500.txt



Anonyme
 Posté le 14/04/2014 à 12:20 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

OK.

>> comment se comporte la machine ?

>> un dernier contrôle

image eset Online scanner

  • Faites une analyse en ligne comme indiqué ci dessous et postez le rapport par copier/coller.
  • Dans le tutoriel, vous configurez le scanner pour une analyse seule. (pas de suppressions)
  • Aide en images


Modifié par Anonyme le 14/04/2014 12:21
Anonyme
 Posté le 14/04/2014 à 18:19 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

Bonsoir

où en êtes vous ?

Australien

lemezidonais
 Posté le 15/04/2014 à 01:21 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

bonsoir navrer pour le retard voila le resultat:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5e6390bfed53374caad77080c276d805
# engine=17886
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-14 06:31:55
# local_time=2014-04-14 08:31:55 )
# country="France"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 1184 99384 0 0
# compatibility_mode=5893 16776574 100 94 100250 3336489 0 0
# scanned=3519
# found=5
# cleaned=0
# scan_time=317
sh=1E09E14B1858EE3D5356C7FFB2A1EC4F34628F40 ft=1 fh=c71c00114be96104 vn="Win32/AdWare.SmartApps.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\NmHost\nmhost.exe.vir"
sh=D4BD507F917917B829EB9FCE79A29047635E3668 ft=1 fh=6a4bd6f73db15183 vn="Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Driver Pro\DPSmartScan.exe.vir"
sh=40312EF2E83695DC45736038F3498053CCFF5CB0 ft=1 fh=abb767be298cd193 vn="a variant of Win32/AdWare.AddLyrics.Z application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LyricStar\lyricstar.dll.vir"
sh=D5B2D14D3EDD25D56726CDBAAD6C7C2847BDD037 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LyricStar\FF\chrome\content\main.js.vir"
sh=3F929E8FBF617661A0950D6C9AE5C30EBB0A4F8B ft=1 fh=ad4ae0bd6df1f6ad vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5e6390bfed53374caad77080c276d805
# engine=17886
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-14 11:15:19
# local_time=2014-04-15 01:15:19 )
# country="France"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 18188 116388 10835 0
# compatibility_mode=5893 16776574 100 94 117254 3353493 0 0
# scanned=205863
# found=21
# cleaned=0
# scan_time=16794
sh=1E09E14B1858EE3D5356C7FFB2A1EC4F34628F40 ft=1 fh=c71c00114be96104 vn="Win32/AdWare.SmartApps.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\NmHost\nmhost.exe.vir"
sh=D4BD507F917917B829EB9FCE79A29047635E3668 ft=1 fh=6a4bd6f73db15183 vn="Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Driver Pro\DPSmartScan.exe.vir"
sh=FFC53B7A46588247E849AE45967C4D2BDB4808E2 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LyricStar\chrome.crx.vir"
sh=40312EF2E83695DC45736038F3498053CCFF5CB0 ft=1 fh=abb767be298cd193 vn="a variant of Win32/AdWare.AddLyrics.Z application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LyricStar\lyricstar.dll.vir"
sh=D5B2D14D3EDD25D56726CDBAAD6C7C2847BDD037 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LyricStar\FF\chrome\content\main.js.vir"
sh=3F929E8FBF617661A0950D6C9AE5C30EBB0A4F8B ft=1 fh=ad4ae0bd6df1f6ad vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=AA158E9C858FF8CE00ED09F1D0008675B2F5F2F9 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\YontooLayers.crx.vir"
sh=AE45F7B8097021F6002E7C07B8C360CBC92054AB ft=1 fh=4cf31247e347244c vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{68F250EA-9638-4DCF-96C4-D68CC340EC48}\_Setupx.dll.vir"
sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=A21485A2FB163ECF1DD010622C454B6ABFD7D39D ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhdkohbepelnfckgjinfddmecpngnpb\1.111_0\contentscript.js.vir"
sh=A21485A2FB163ECF1DD010622C454B6ABFD7D39D ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhdkohbepelnfckgjinfddmecpngnpb\1.111_1\contentscript.js.vir"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir"
sh=9058662DA7921C2D4A33343B496BCAD7BDBD2B23 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1\back.js.vir"
sh=9058662DA7921C2D4A33343B496BCAD7BDBD2B23 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1\yl.js.vir"
sh=AB4C3E1E2499E4B197C79702DE645A86FA64AE2F ft=1 fh=5f0e9b2015900d6c vn="a variant of Win32/Adware.NaviPromo.AH application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\lollipop\Lollipop.exe.vir"
sh=B425D2CFF2D42C75E210F36519786F33B6A06B83 ft=1 fh=423723583d8fefff vn="Win32/AdWare.SmartApps.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Tiger Savings\gpedit.exe.vir"
sh=1E8A0D99E735ACEB6BFA6FC3A83B20B210DA08E3 ft=1 fh=3e1fc77e91d0bfdc vn="Win32/AdWare.SmartApps.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\Tiger Savings\SoftwareDetector.exe.vir"
sh=91120D33DA55A7303CC57F3618ACB57BDF7BDE21 ft=1 fh=72c677d6fd748954 vn="a variant of Win32/Adware.EoRezo.AJ application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\tuto4pc_fr_30\upt4pc_fr_30.exe.vir"
sh=E94A64C6C827C6C7418084F36D3FF5E4AA65F2BE ft=1 fh=5b9e7a24ca62f027 vn="Win32/Adware.EoRezo.AS application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\tuto4pc_fr_30\Download\majt4pc.exe.vir"
sh=BA6E20FFA0B62322BEEE198C928C4671CA55DE3D ft=1 fh=41bf9c5a7615e11a vn="Win32/AdWare.EoRezo.AU application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\patricia\AppData\Local\tuto4pc_fr_30\Download\setup_recover_tuto4pc_fr_86.exe.vir"

Anonyme
 Posté le 15/04/2014 à 08:14 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Nouvel astucien

Bonjour

Très bien, toutes les détections sont déjà en quarantaine (celle de AdwCleaner).

Il vous faudra installer la bonne version de AdobeReader. si vous avez désinstallé la version X comme demandé : Télécharger AdobeReader.

  • comment se comporte la machine ?

j'attends votre réponse pour vous donner les dernières directives.

Australien



Modifié par Anonyme le 15/04/2014 08:31
Publicité
Pages : [1] 2 ... Fin
Page 1 sur 2 [Fin]

Vous devez être connecté pour participer à la discussion.
Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !
Recevoir PC Astuces par e-mail


La Lettre quotidienne +226 000 inscrits
Avec l'actu, des logiciels, des applis, des astuces, des bons plans, ...

Les bonnes affaires
Une fois par semaine, un récap des meilleurs offres.

Les fonds d'écran
De jolies photos pour personnaliser votre bureau. Une fois par semaine.

Les nouveaux Bons Plans
Des notifications pour ne pas rater les bons plans publiés sur le site.

Les bons plans du moment PC Astuces

Tous les Bons Plans
444,00 €Unité centrale Shinobee (Ryzen 3, 16 Go de RAM, SSD 500 Go, Radeon R7 4 Go, Windows 10) à 444 €
Valable jusqu'au 24 Septembre

Amazon fait une promotion sur l'unité centrale Shinobee qui passe à 444 € livrée gratuitement. Cette tour d'ordinateur possède un processeur AMD Ryzen 3 4300GE (4 coeurs / 8 threads), 16 Go de mémoire DDR4, un SSD de 500 Go, une carte graphique AMD Radeon R7 4 Go, un graveur DVD, un adapteur WiFi et tourne sous Windows 10 Pro 64 bits en français.

La tour dispose de 6 ports USB 2.0, 1 port USB 3.0, d'un port Ethernet et d'une prise Jack pour y raccorder des haut-parleurs. Rajoutez simplement un écran (comme cet écran Huawei 24 pouces IPS à 119,99 €), un clavier et une souris (comme ce pack Logitech MK270 à 29,99 €) pour avoir un ordinateur complet largement suffisant pour de la bureautique, Internet, le multimédia et les jeux en HD (Fortnite, Apex, ... tournent sans problème). Une belle affaire qui est garantie 2 ans. 

> Voir l'offre
52,99 €SSD WD Black SN750 500 Go (NMVe M.2, 3470 Mo/s) à 52,99 € avec le code SEPT
Valable jusqu'au 22 Septembre

Cdiscount fait une promotion sur le SSD WD Black SN750 500 Go (NMVe M.2) qui passe à 52,99 € avec le code promo SEPT alors qu'on le trouve ailleurs à partir de 74 €. Ce SSD utilise une interface M.2 NVMe PCIe Gen3 x 4 pour une connexion simple et des performances exceptionnelles : jusqu’à 3 470 Mo/s en lecture séquentielle et jusqu’à 3 000 Mo/s en écriture séquentielle. Le SSD est doté de la technologie 3D TLC NAND haute densité offrant une endurance d’écriture durable et assorti d’une garantie de cinq ans.

> Voir l'offre
35,69 €Clavier Microsoft Ergonomic à 35,69 €
Valable jusqu'au 22 Septembre

Amazon fait une promotion sur le clavier Microsoft Ergonomic qui passe à 35,69 € au lieu de 65,99 €. Sa forme naturelle arquée protège votre poignet et votre main des tensions, et améliore votre rythme de saisie pour accroître votre nombre de mots par minute. De plus, le repose-poignet rembourré et ergonomique, recouvert d'un tissu haut de gamme, apporte un confort non négligeable tout au long de la journée et une position neutre des poignets.

> Voir l'offre

Sujets relatifs
Virus win32/Small.CA !
sujet de mick80 sur virus win32 : dropper-gen
virus win32: somoto-j
Win32:Evo-gen Virus ?
PC infecté par le virus Win32/Small.CA
Virus variante de WIN32/spy.zbot.zr
Windows 7 : virus win32/Small.CA
Virus win32/sirefef-GG
Virus win32:Kavos[trj]
virus win32.genericBT impossible a retirer
Plus de sujets relatifs à virus win32/ramnit c
 > Tous les forums > Forum Sécurité