RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Utilisateur [Droits d'admin]
Mode : Recherche -- Date : 04/30/2014 16:18:32
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 11 ¤¤¤
[IFEO] HKLM\[...]\Del_CD_ROM.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> TROUVÉ
[IFEO] HKLM\[...]\InstallWTGService.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> TROUVÉ
[IFEO] HKLM\[...]\InternetEverywhere.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> TROUVÉ
[IFEO] HKLM\[...]\InternetEverywhere_SMSMMS.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> TROUVÉ
[IFEO] HKLM\[...]\OSU.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> TROUVÉ
[IFEO] HKLM\[...]\WTGService.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> TROUVÉ
[IFEO] HKLM\[...]\WTGVistaUtil.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 1 ¤¤¤
[FF][PUP] mc0758te.default-1393239399875 : Ads Removal

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE
0x0] ¤¤¤
(C:\Windows\system32\wpdshserviceobj.dll @ 0xF8006070) [Address] EAT @explorer.exe (DllUnregisterServer) : Wlanapi.dll -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xF8006278) ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : PUP ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 www.allo-reparateurs.fr 127.0.0.1 www.annuaire-plombiers.com 127.0.0.1 www.taxis-tel.com 127.0.0.1 www.plombiers-tel.com 127.0.0.1 www.serruriers-tel.com 127.0.0.1 www.professionnels-depannage.fr 127.0.0.1 www.allo-commercants.fr 127.0.0.1 www.allo-fleuriste.fr 127.0.0.1 www.allo-garagistes.fr 127.0.0.1 www.allo-soins-beaute.fr 127.0.0.1 www.allo-restaurateur.fr 127.0.0.1 www.leshoraires.fr 127.0.0.1 www.annuaire-fleuriste.com 127.0.0.1 www.annuaire-opticien.fr 127.0.0.1 www.i-restaurant.fr 127.0.0.1 www.fleuriste-tel.com 127.0.0.1 www.garagistes-tel.com 127.0.0.1 www.traiteurs-tel.com 127.0.0.1 www.aurestaurant.com 127.0.0.1 www.professionnels-bien-etre.fr [...] ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD10EADS-22M2B0 +++++ --- User --- [MBR] 4d149869f54f4f0628d78985fbdc46b5 [BSP] 40834f226b93e22e649bbcc50e719e9b : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 MB 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 MB 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31680180 | Size: 200404 MB 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 442108800 | Size: 737993 MB User = LL1 ... OK! User != LL2 ... KO! 
--- LL2 --- [MBR] e4799bb7febb8bf2673b10b384c4858a [BSP] 5e795db819a92db0873ecac1a9b26398 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 MB 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 MB 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32518144 | Size: 100001 MB 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 237320192 | Size: 837990 MB +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) WDC WD20EARS-00J2GB0 +++++ --- User --- [MBR] 8cd6c3c8254b663a56a0576731a54302 [BSP] 9c540087b734bb4ca9cd6c9473e47b4c : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ SCSI) WDC WD10EADS-22M2B0 +++++ --- User --- [MBR] 1706f7e5ef45d46d86fe899cb79e3dfb [BSP] a2b69bc8021a0cc56bad00a9e9787573 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB User = LL1 ... OK! User = LL2 ... OK! Termine : << RKreport[0]_S_04302014_161832.txt >>