Problème de lenteur internet
Skywalker78
Messages postés
22
Date d'inscription
Statut
Membre
Dernière intervention
-
Skywalker78 Messages postés 22 Date d'inscription Statut Membre Dernière intervention -
Skywalker78 Messages postés 22 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
Je me permets de vous contacter car ma connexion internet a énormément ralenti ces derniers temps. J'ai effectué un analyse Anti-virus Avast et une analyse Anti-Malware mais aucun des deux logiciels n'a détecté d'anomalies. J'ai déjà eu ce problème il y a environ 8 mois à cause d'un virus (svchost) que je n'ai pas réussi à supprimer. J'avais "réglé" ce problème en formatant mon pc cependant j'ai l'impression que ce problème est en train de revenir et je souhaiterai, cette fois-ci, guérir mon ordinateur au lieu de le formater.
Pouvez-vous m'aider s'il vous plait?
Par avance merci.
Je me permets de vous contacter car ma connexion internet a énormément ralenti ces derniers temps. J'ai effectué un analyse Anti-virus Avast et une analyse Anti-Malware mais aucun des deux logiciels n'a détecté d'anomalies. J'ai déjà eu ce problème il y a environ 8 mois à cause d'un virus (svchost) que je n'ai pas réussi à supprimer. J'avais "réglé" ce problème en formatant mon pc cependant j'ai l'impression que ce problème est en train de revenir et je souhaiterai, cette fois-ci, guérir mon ordinateur au lieu de le formater.
Pouvez-vous m'aider s'il vous plait?
Par avance merci.
A voir également:
- Problème de lenteur internet
- Lenteur pc - Guide
- Gps sans internet - Guide
- D'où peut venir un problème de connexion internet sur un ordinateur ? - Guide
- Complete internet repair - Télécharger - Web & Internet
- Internet explorer 11 - Télécharger - Navigateurs
41 réponses
salut
pour en savoir plus sur ton problème, fait ceci et poste le rapport
télécharge zhpdiag sur ton bureau (outil de diagnostic)
le lien https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
le tuto http://nicolascoolman.webs.com/tutorials.htm
utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
clique sur configurer et dans la page qui s'ouvre, clique sur la loupe avec le +
le rapport s'affichera sur ton bureau et dans C:\zhpdiag.txt
poste le rapport via ce lien https://www.cjoint.com/
aide en image >> clique ici
merci
@+
pour en savoir plus sur ton problème, fait ceci et poste le rapport
télécharge zhpdiag sur ton bureau (outil de diagnostic)
le lien https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
le tuto http://nicolascoolman.webs.com/tutorials.htm
utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
clique sur configurer et dans la page qui s'ouvre, clique sur la loupe avec le +
le rapport s'affichera sur ton bureau et dans C:\zhpdiag.txt
poste le rapport via ce lien https://www.cjoint.com/
aide en image >> clique ici
merci
@+
Mat
Bonsoir, j'ai un petit problème avec mon ordi pop linux, quand j'allume l'écran reste noir et en haut à gauche il y'a un carré blanc avec écrit "mathias@pop" je ne sais pa comment faire pour me reconnecter a ma session.. Comment faire svp?
Mat
Bonsoir, j'ai un petit problème avec mon ordi pop linux, quand j'allume l'écran reste noir et en haut à gauche il y'a un carré blanc avec écrit "mathias@pop" je ne sais pa comment faire pour me reconnecter a ma session.. Comment faire svp?
re
ATTENTION: tu es limite au niveau % libre sur ton disque C:\
System drive C: has 59 GB (13%) free of 451 GB
==================================================
désinstalle spybot, il est obsolète et gène les outils de désinfection
https://www.safer-networking.org/fr/faq/comment-desinstaller-2/
==================================================
je te conseille de désinstaller les cr@cks que tu as dans le pc et de lire ceci
https://forum.malekal.com/viewtopic.php?t=893&start=
==================================================
télécharge et installe les dernières versions Adobe Flash Player et Adobe Reader
adobe reader
ps:décoche MCAFEE avant de le télécharger
adobe flash player 13
====================================================
fait ceci et poste le rapport
télécharge adwcleaner sur ton bureau
le lien http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
utlisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
clique sur Scanner puis patiente le temps du scan
une fois le scan terminé clique sur le bouton Nettoyer
clique sur rapport pour qu'il s'affiche sur ton bureau
le rapport est aussi sauvegarder dans C:\AdwCleaner[S0].txt
poste le rapport via 1 copier/coller
merci
@+
ATTENTION: tu es limite au niveau % libre sur ton disque C:\
System drive C: has 59 GB (13%) free of 451 GB
==================================================
désinstalle spybot, il est obsolète et gène les outils de désinfection
https://www.safer-networking.org/fr/faq/comment-desinstaller-2/
==================================================
je te conseille de désinstaller les cr@cks que tu as dans le pc et de lire ceci
https://forum.malekal.com/viewtopic.php?t=893&start=
==================================================
télécharge et installe les dernières versions Adobe Flash Player et Adobe Reader
adobe reader
ps:décoche MCAFEE avant de le télécharger
adobe flash player 13
====================================================
fait ceci et poste le rapport
télécharge adwcleaner sur ton bureau
le lien http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
utlisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
clique sur Scanner puis patiente le temps du scan
une fois le scan terminé clique sur le bouton Nettoyer
clique sur rapport pour qu'il s'affiche sur ton bureau
le rapport est aussi sauvegarder dans C:\AdwCleaner[S0].txt
poste le rapport via 1 copier/coller
merci
@+
Bonsoir,
voici le rapport adwcleaner :
# AdwCleaner v3.023 - Rapport créé le 15/04/2014 à 23:44:15
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Administrateur - REMY-PC
# Exécuté depuis : C:\Users\Administrateur\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (fr)
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\u747aiis.default\prefs.js ]
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\w7u8b29p.default-1387219965501\prefs.js ]
*************************
AdwCleaner[R2].txt - [5817 octets] - [07/04/2014 22:21:50]
AdwCleaner[R3].txt - [1081 octets] - [08/04/2014 19:12:45]
AdwCleaner[R4].txt - [1199 octets] - [10/04/2014 22:56:13]
AdwCleaner[R5].txt - [1320 octets] - [15/04/2014 23:42:53]
AdwCleaner[S2].txt - [5659 octets] - [07/04/2014 22:23:13]
AdwCleaner[S3].txt - [1143 octets] - [08/04/2014 19:14:06]
AdwCleaner[S4].txt - [1261 octets] - [10/04/2014 22:57:48]
AdwCleaner[S5].txt - [1241 octets] - [15/04/2014 23:44:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1301 octets] ##########
voici le rapport adwcleaner :
# AdwCleaner v3.023 - Rapport créé le 15/04/2014 à 23:44:15
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Administrateur - REMY-PC
# Exécuté depuis : C:\Users\Administrateur\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (fr)
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\u747aiis.default\prefs.js ]
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\w7u8b29p.default-1387219965501\prefs.js ]
*************************
AdwCleaner[R2].txt - [5817 octets] - [07/04/2014 22:21:50]
AdwCleaner[R3].txt - [1081 octets] - [08/04/2014 19:12:45]
AdwCleaner[R4].txt - [1199 octets] - [10/04/2014 22:56:13]
AdwCleaner[R5].txt - [1320 octets] - [15/04/2014 23:42:53]
AdwCleaner[S2].txt - [5659 octets] - [07/04/2014 22:23:13]
AdwCleaner[S3].txt - [1143 octets] - [08/04/2014 19:14:06]
AdwCleaner[S4].txt - [1261 octets] - [10/04/2014 22:57:48]
AdwCleaner[S5].txt - [1241 octets] - [15/04/2014 23:44:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1301 octets] ##########
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
J'ai effectué toutes les manipulations, relancé adwcleaner et fait "désinstaller". Mais le problème est toujours présent. Ma connexion est toujours aussi aussi lente et mon ventilateur souffle très fort. De plus, j'ai constaté récemment que à chaque fois que j'éteins mon ordinateur, celui-ci effectue des mises à jour pendant la fermeture. Que dois-je faire?
J'ai effectué toutes les manipulations, relancé adwcleaner et fait "désinstaller". Mais le problème est toujours présent. Ma connexion est toujours aussi aussi lente et mon ventilateur souffle très fort. De plus, j'ai constaté récemment que à chaque fois que j'éteins mon ordinateur, celui-ci effectue des mises à jour pendant la fermeture. Que dois-je faire?
re
ok, fait ceci et poste le rapport
Télécharge roguekiller sur ton bureau
prends le x64,regarde l'image >> clique ici
Le lien https://www.luanagames.com/index.fr.html
Le tuto http://tigzyrk.blogspot.be/2012/10/fr-roguekiller-tutoriel-officiel.html
Quitte tous tes programmes en cours
Lance roguekiller (utilisateurs vista-w7-w8 exécuter en tant qu'administrateur- clic droit)
Laisse faire le prescan
Clique sur scan
Le rapport s'affichera sur ton bureau et dans C: RKReport[#].txt
Poste le rapport via 1 copier/coller
merci
@+
ok, fait ceci et poste le rapport
Télécharge roguekiller sur ton bureau
prends le x64,regarde l'image >> clique ici
Le lien https://www.luanagames.com/index.fr.html
Le tuto http://tigzyrk.blogspot.be/2012/10/fr-roguekiller-tutoriel-officiel.html
Quitte tous tes programmes en cours
Lance roguekiller (utilisateurs vista-w7-w8 exécuter en tant qu'administrateur- clic droit)
Laisse faire le prescan
Clique sur scan
Le rapport s'affichera sur ton bureau et dans C: RKReport[#].txt
Poste le rapport via 1 copier/coller
merci
@+
Bonsoir,
Voici le rapport RogueKiller :
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 20:51:07
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Rappel Rapport : "C:\Users\Administrateur\Desktop\Stage fin d'étude\Ouverture Rapport.vbs" [x] -> TROUVÉ
[V2][SUSP PATH] Rémy's task : C:\Users\Administrateur\Desktop\mess.vbs [x] -> TROUVÉ
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (AsyncGetClassBits) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A73FC)
[Address] EAT @explorer.exe (CoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF755660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7580A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7446A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7443C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF720810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7953D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF759CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF712460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF758DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7551B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7456A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF721490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF757C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF754044)
[Address] EAT @explorer.exe (CopyBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3020)
[Address] EAT @explorer.exe (CopyStgMedium) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF71BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7686C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7368E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF713660)
[Address] EAT @explorer.exe (CreateURLMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76CCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7178D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7540F0)
[Address] EAT @explorer.exe (CreateUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7116F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711600)
[Address] EAT @explorer.exe (DllGetClassObject) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF75AB3C)
[Address] EAT @explorer.exe (DllInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792458)
[Address] EAT @explorer.exe (DllRegisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (DllUnregisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792470)
[Address] EAT @explorer.exe (Extract) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF746B60)
[Address] EAT @explorer.exe (FindMediaType) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF736080)
[Address] EAT @explorer.exe (FindMimeFromData) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7550BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D02B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76B8EC)
[Address] EAT @explorer.exe (GetClassURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D8B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EA4)
[Address] EAT @explorer.exe (GetPropertyName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF716D90)
[Address] EAT @explorer.exe (HlinkGoBack) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A12FC)
[Address] EAT @explorer.exe (IEDllLoader) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7926F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3244)
[Address] EAT @explorer.exe (IEInstallScope) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7521FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0668)
[Address] EAT @explorer.exe (IsJITInProgress) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8688)
[Address] EAT @explorer.exe (IsStringProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791ED4)
[Address] EAT @explorer.exe (IsValidURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF747610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7692F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7560)
[Address] EAT @explorer.exe (QueryAssociations) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7920C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF748C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF717D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7922CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_205107.txt >>
Voici le rapport RogueKiller :
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 20:51:07
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Rappel Rapport : "C:\Users\Administrateur\Desktop\Stage fin d'étude\Ouverture Rapport.vbs" [x] -> TROUVÉ
[V2][SUSP PATH] Rémy's task : C:\Users\Administrateur\Desktop\mess.vbs [x] -> TROUVÉ
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (AsyncGetClassBits) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A73FC)
[Address] EAT @explorer.exe (CoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF755660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7580A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7446A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7443C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF720810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7953D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF759CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF712460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF758DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7551B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7456A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF721490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF757C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF754044)
[Address] EAT @explorer.exe (CopyBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3020)
[Address] EAT @explorer.exe (CopyStgMedium) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF71BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7686C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7368E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF713660)
[Address] EAT @explorer.exe (CreateURLMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76CCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7178D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7540F0)
[Address] EAT @explorer.exe (CreateUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7116F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711600)
[Address] EAT @explorer.exe (DllGetClassObject) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF75AB3C)
[Address] EAT @explorer.exe (DllInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792458)
[Address] EAT @explorer.exe (DllRegisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (DllUnregisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792470)
[Address] EAT @explorer.exe (Extract) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF746B60)
[Address] EAT @explorer.exe (FindMediaType) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF736080)
[Address] EAT @explorer.exe (FindMimeFromData) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7550BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D02B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76B8EC)
[Address] EAT @explorer.exe (GetClassURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D8B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EA4)
[Address] EAT @explorer.exe (GetPropertyName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF716D90)
[Address] EAT @explorer.exe (HlinkGoBack) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A12FC)
[Address] EAT @explorer.exe (IEDllLoader) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7926F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3244)
[Address] EAT @explorer.exe (IEInstallScope) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7521FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0668)
[Address] EAT @explorer.exe (IsJITInProgress) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8688)
[Address] EAT @explorer.exe (IsStringProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791ED4)
[Address] EAT @explorer.exe (IsValidURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF747610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7692F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7560)
[Address] EAT @explorer.exe (QueryAssociations) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7920C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF748C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF717D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7922CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_205107.txt >>
re
relance roguekiller ( laisse faire le pre_scan etc...) et clique sur "suppression"
poste le rapport via 1 copier/coller
merci
@+
relance roguekiller ( laisse faire le pre_scan etc...) et clique sur "suppression"
poste le rapport via 1 copier/coller
merci
@+
Bonsoir,
j'ai fait suppression et voici le rapport :
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 22:42:14
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (AsyncGetClassBits) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A73FC)
[Address] EAT @explorer.exe (CoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF755660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7580A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7446A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7443C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF720810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7953D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF759CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF712460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF758DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7551B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7456A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF721490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF757C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF754044)
[Address] EAT @explorer.exe (CopyBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3020)
[Address] EAT @explorer.exe (CopyStgMedium) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF71BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7686C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7368E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF713660)
[Address] EAT @explorer.exe (CreateURLMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76CCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7178D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7540F0)
[Address] EAT @explorer.exe (CreateUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7116F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711600)
[Address] EAT @explorer.exe (DllGetClassObject) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF75AB3C)
[Address] EAT @explorer.exe (DllInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792458)
[Address] EAT @explorer.exe (DllRegisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (DllUnregisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792470)
[Address] EAT @explorer.exe (Extract) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF746B60)
[Address] EAT @explorer.exe (FindMediaType) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF736080)
[Address] EAT @explorer.exe (FindMimeFromData) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7550BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D02B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76B8EC)
[Address] EAT @explorer.exe (GetClassURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D8B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EA4)
[Address] EAT @explorer.exe (GetPropertyName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF716D90)
[Address] EAT @explorer.exe (HlinkGoBack) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A12FC)
[Address] EAT @explorer.exe (IEDllLoader) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7926F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3244)
[Address] EAT @explorer.exe (IEInstallScope) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7521FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0668)
[Address] EAT @explorer.exe (IsJITInProgress) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8688)
[Address] EAT @explorer.exe (IsStringProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791ED4)
[Address] EAT @explorer.exe (IsValidURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF747610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7692F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7560)
[Address] EAT @explorer.exe (QueryAssociations) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7920C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF748C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF717D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7922CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
[Address] EAT @firefox.exe (DllMain) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C916E4)
[Address] EAT @firefox.exe (NSPStartup) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C91D20)
[Address] EAT @firefox.exe (DllCanUnloadNow) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B3B)
[Address] EAT @firefox.exe (DllGetClassObject) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BE188E)
[Address] EAT @firefox.exe (DllGetVersion) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2982)
[Address] EAT @firefox.exe (DllRegisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C67DC5)
[Address] EAT @firefox.exe (DllUnregisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6818F)
[Address] EAT @firefox.exe (Migrate10CachedPackagesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C744)
[Address] EAT @firefox.exe (Migrate10CachedPackagesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6E1AC)
[Address] EAT @firefox.exe (MsiAdvertiseProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7257F)
[Address] EAT @firefox.exe (MsiAdvertiseProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C727D7)
[Address] EAT @firefox.exe (MsiAdvertiseProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D6C1)
[Address] EAT @firefox.exe (MsiAdvertiseProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D46F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78A3F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B641)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85903)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81057)
[Address] EAT @firefox.exe (MsiApplyPatchA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72D5D)
[Address] EAT @firefox.exe (MsiApplyPatchW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D943)
[Address] EAT @firefox.exe (MsiBeginTransactionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89441)
[Address] EAT @firefox.exe (MsiBeginTransactionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C839D4)
[Address] EAT @firefox.exe (MsiCloseAllHandles) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C900C3)
[Address] EAT @firefox.exe (MsiCloseHandle) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90015)
[Address] EAT @firefox.exe (MsiCollectUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71C3A)
[Address] EAT @firefox.exe (MsiCollectUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D16F)
[Address] EAT @firefox.exe (MsiConfigureFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71D5A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D70A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E41B)
[Address] EAT @firefox.exe (MsiConfigureFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D2B7)
[Address] EAT @firefox.exe (MsiConfigureProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F256)
[Address] EAT @firefox.exe (MsiConfigureProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DACA)
[Address] EAT @firefox.exe (MsiConfigureProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E891)
[Address] EAT @firefox.exe (MsiConfigureProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F581)
[Address] EAT @firefox.exe (MsiCreateAndVerifyInstallerDirectory) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEB2E1)
[Address] EAT @firefox.exe (MsiCreateRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91514)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C955D1)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948EF)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948A9)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91397)
[Address] EAT @firefox.exe (MsiDatabaseCommit) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90DEB)
[Address] EAT @firefox.exe (MsiDatabaseExportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94792)
[Address] EAT @firefox.exe (MsiDatabaseExportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91008)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9485D)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91270)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945FD)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93C54)
[Address] EAT @firefox.exe (MsiDatabaseImportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9472E)
[Address] EAT @firefox.exe (MsiDatabaseImportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90F1E)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94643)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90C8F)
[Address] EAT @firefox.exe (MsiDatabaseMergeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94817)
[Address] EAT @firefox.exe (MsiDatabaseMergeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91111)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945B7)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C902B7)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DA7B)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC6286)
[Address] EAT @firefox.exe (MsiDeleteUserDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A367)
[Address] EAT @firefox.exe (MsiDeleteUserDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C769EB)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D4C5)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C559)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D9D9)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C9E1)
[Address] EAT @firefox.exe (MsiDoActionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9613D)
[Address] EAT @firefox.exe (MsiDoActionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92D61)
[Address] EAT @firefox.exe (MsiEnableLogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7189B)
[Address] EAT @firefox.exe (MsiEnableLogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6FBE9)
[Address] EAT @firefox.exe (MsiEnableUIPreview) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C939CD)
[Address] EAT @firefox.exe (MsiEndTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83E11)
[Address] EAT @firefox.exe (MsiEnumClientsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEC96)
[Address] EAT @firefox.exe (MsiEnumClientsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85D6E)
[Address] EAT @firefox.exe (MsiEnumClientsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C813A7)
[Address] EAT @firefox.exe (MsiEnumClientsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD3647)
[Address] EAT @firefox.exe (MsiEnumComponentCostsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97847)
[Address] EAT @firefox.exe (MsiEnumComponentCostsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97A95)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CD6D)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD384D)
[Address] EAT @firefox.exe (MsiEnumComponentsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791B9)
[Address] EAT @firefox.exe (MsiEnumComponentsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85B08)
[Address] EAT @firefox.exe (MsiEnumComponentsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8121D)
[Address] EAT @firefox.exe (MsiEnumComponentsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7BA57)
[Address] EAT @firefox.exe (MsiEnumFeaturesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79C04)
[Address] EAT @firefox.exe (MsiEnumFeaturesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C259)
[Address] EAT @firefox.exe (MsiEnumPatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C897EB)
[Address] EAT @firefox.exe (MsiEnumPatchesExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84897)
[Address] EAT @firefox.exe (MsiEnumPatchesExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80E79)
[Address] EAT @firefox.exe (MsiEnumPatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8468E)
[Address] EAT @firefox.exe (MsiEnumProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79175)
[Address] EAT @firefox.exe (MsiEnumProductsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86313)
[Address] EAT @firefox.exe (MsiEnumProductsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81729)
[Address] EAT @firefox.exe (MsiEnumProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD559D)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79109)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B9EB)
[Address] EAT @firefox.exe (MsiEvaluateConditionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C961C6)
[Address] EAT @firefox.exe (MsiEvaluateConditionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C930C1)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84FAE)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84C22)
[Address] EAT @firefox.exe (MsiFormatRecordA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92A73)
[Address] EAT @firefox.exe (MsiFormatRecordW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92BF9)
[Address] EAT @firefox.exe (MsiGetActiveDatabase) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92639)
[Address] EAT @firefox.exe (MsiGetComponentPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7EEBD)
[Address] EAT @firefox.exe (MsiGetComponentPathExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86053)
[Address] EAT @firefox.exe (MsiGetComponentPathExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81559)
[Address] EAT @firefox.exe (MsiGetComponentPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC62DD)
[Address] EAT @firefox.exe (MsiGetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C971E3)
[Address] EAT @firefox.exe (MsiGetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C972DC)
[Address] EAT @firefox.exe (MsiGetDatabaseState) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90ED9)
[Address] EAT @firefox.exe (MsiGetFeatureCostA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C975FD)
[Address] EAT @firefox.exe (MsiGetFeatureCostW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97702)
[Address] EAT @firefox.exe (MsiGetFeatureInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70D1A)
[Address] EAT @firefox.exe (MsiGetFeatureInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F5EE)
[Address] EAT @firefox.exe (MsiGetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96CD5)
[Address] EAT @firefox.exe (MsiGetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96DC3)
[Address] EAT @firefox.exe (MsiGetFeatureUsageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A111)
[Address] EAT @firefox.exe (MsiGetFeatureUsageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C9BD)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97CC5)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C936EC)
[Address] EAT @firefox.exe (MsiGetFileHashA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71214)
[Address] EAT @firefox.exe (MsiGetFileHashW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA49)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7128C)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA9F)
[Address] EAT @firefox.exe (MsiGetFileVersionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70EF8)
[Address] EAT @firefox.exe (MsiGetFileVersionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73D2F)
[Address] EAT @firefox.exe (MsiGetLanguage) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92727)
[Address] EAT @firefox.exe (MsiGetLastErrorRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91D69)
[Address] EAT @firefox.exe (MsiGetMode) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9279F)
[Address] EAT @firefox.exe (MsiGetPatchFileListA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D25D)
[Address] EAT @firefox.exe (MsiGetPatchFileListW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C88B6E)
[Address] EAT @firefox.exe (MsiGetPatchInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A24F)
[Address] EAT @firefox.exe (MsiGetPatchInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C855E9)
[Address] EAT @firefox.exe (MsiGetPatchInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85177)
[Address] EAT @firefox.exe (MsiGetPatchInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CAFB)
[Address] EAT @firefox.exe (MsiGetProductCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEADC)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7ED5F)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F353)
[Address] EAT @firefox.exe (MsiGetProductCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEE6C)
[Address] EAT @firefox.exe (MsiGetProductInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D362)
[Address] EAT @firefox.exe (MsiGetProductInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C865DE)
[Address] EAT @firefox.exe (MsiGetProductInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C818FF)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70880)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F132)
[Address] EAT @firefox.exe (MsiGetProductInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4273)
[Address] EAT @firefox.exe (MsiGetProductPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70B90)
[Address] EAT @firefox.exe (MsiGetProductPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F48B)
[Address] EAT @firefox.exe (MsiGetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9596D)
[Address] EAT @firefox.exe (MsiGetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95BA3)
[Address] EAT @firefox.exe (MsiGetShortcutTargetA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72A58)
[Address] EAT @firefox.exe (MsiGetShortcutTargetW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74689)
[Address] EAT @firefox.exe (MsiGetSourcePathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96209)
[Address] EAT @firefox.exe (MsiGetSourcePathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9640D)
[Address] EAT @firefox.exe (MsiGetSummaryInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C958BD)
[Address] EAT @firefox.exe (MsiGetSummaryInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94293)
[Address] EAT @firefox.exe (MsiGetTargetPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C965F5)
[Address] EAT @firefox.exe (MsiGetTargetPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C967F9)
[Address] EAT @firefox.exe (MsiGetUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791FE)
[Address] EAT @firefox.exe (MsiGetUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEE466)
[Address] EAT @firefox.exe (MsiInstallMissingComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C722C7)
[Address] EAT @firefox.exe (MsiInstallMissingComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C743D9)
[Address] EAT @firefox.exe (MsiInstallMissingFileA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72067)
[Address] EAT @firefox.exe (MsiInstallMissingFileW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74179)
[Address] EAT @firefox.exe (MsiInstallProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7197E)
[Address] EAT @firefox.exe (MsiInstallProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CE4B)
[Address] EAT @firefox.exe (MsiInvalidateFeatureCache) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C2D1D3)
[Address] EAT @firefox.exe (MsiIsProductElevatedA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73306)
[Address] EAT @firefox.exe (MsiIsProductElevatedW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74A5D)
[Address] EAT @firefox.exe (MsiJoinTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83FEB)
[Address] EAT @firefox.exe (MsiLoadStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7141F)
[Address] EAT @firefox.exe (MsiLoadStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BDAE09)
[Address] EAT @firefox.exe (MsiLocateComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F19F)
[Address] EAT @firefox.exe (MsiLocateComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F4CA)
[Address] EAT @firefox.exe (MsiMessageBoxA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C716DA)
[Address] EAT @firefox.exe (MsiMessageBoxExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71528)
[Address] EAT @firefox.exe (MsiMessageBoxExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CCB1)
[Address] EAT @firefox.exe (MsiMessageBoxW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CE24)
[Address] EAT @firefox.exe (MsiNotifySidChangeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A306)
[Address] EAT @firefox.exe (MsiNotifySidChangeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7501B)
[Address] EAT @firefox.exe (MsiOpenDatabaseA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94691)
[Address] EAT @firefox.exe (MsiOpenDatabaseW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93D8D)
[Address] EAT @firefox.exe (MsiOpenPackageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6EDC0)
[Address] EAT @firefox.exe (MsiOpenPackageExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C63E)
[Address] EAT @firefox.exe (MsiOpenPackageExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C8E9)
[Address] EAT @firefox.exe (MsiOpenPackageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F7AB)
[Address] EAT @firefox.exe (MsiOpenProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78BF2)
[Address] EAT @firefox.exe (MsiOpenProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B857)
[Address] EAT @firefox.exe (MsiPreviewBillboardA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97D4E)
[Address] EAT @firefox.exe (MsiPreviewBillboardW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93AEA)
[Address] EAT @firefox.exe (MsiPreviewDialogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97D0B)
[Address] EAT @firefox.exe (MsiPreviewDialogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93A96)
[Address] EAT @firefox.exe (MsiProcessAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CBB2)
[Address] EAT @firefox.exe (MsiProcessAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DF39)
[Address] EAT @firefox.exe (MsiProcessMessage) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92F51)
[Address] EAT @firefox.exe (MsiProvideAssemblyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FD5D)
[Address] EAT @firefox.exe (MsiProvideAssemblyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80765)
[Address] EAT @firefox.exe (MsiProvideComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F7B9)
[Address] EAT @firefox.exe (MsiProvideComponentFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FAB3)
[Address] EAT @firefox.exe (MsiProvideComponentFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4F84)
[Address] EAT @firefox.exe (MsiProvideComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8030C)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEC385)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BED411)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC8A47)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC8C86)
[Address] EAT @firefox.exe (MsiQueryComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8687C)
[Address] EAT @firefox.exe (MsiQueryComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81AE1)
[Address] EAT @firefox.exe (MsiQueryFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F6F1)
[Address] EAT @firefox.exe (MsiQueryFeatureStateExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86A94)
[Address] EAT @firefox.exe (MsiQueryFeatureStateExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81CD9)
[Address] EAT @firefox.exe (MsiQueryFeatureStateFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FC02)
[Address] EAT @firefox.exe (MsiQueryFeatureStateFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8057D)
[Address] EAT @firefox.exe (MsiQueryFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC617D)
[Address] EAT @firefox.exe (MsiQueryProductStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D45D)
[Address] EAT @firefox.exe (MsiQueryProductStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD49FE)
[Address] EAT @firefox.exe (MsiRecordClearData) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91D27)
[Address] EAT @firefox.exe (MsiRecordDataSize) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C916E5)
[Address] EAT @firefox.exe (MsiRecordGetFieldCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91916)
[Address] EAT @firefox.exe (MsiRecordGetInteger) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C918B5)
[Address] EAT @firefox.exe (MsiRecordGetStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93F1D)
[Address] EAT @firefox.exe (MsiRecordGetStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C940CC)
[Address] EAT @firefox.exe (MsiRecordIsNull) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C915F5)
[Address] EAT @firefox.exe (MsiRecordReadStream) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91B6D)
[Address] EAT @firefox.exe (MsiRecordSetInteger) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C917C2)
[Address] EAT @firefox.exe (MsiRecordSetStreamA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95877)
[Address] EAT @firefox.exe (MsiRecordSetStreamW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91A03)
[Address] EAT @firefox.exe (MsiRecordSetStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9561D)
[Address] EAT @firefox.exe (MsiRecordSetStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9572E)
[Address] EAT @firefox.exe (MsiReinstallFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71EDE)
[Address] EAT @firefox.exe (MsiReinstallFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D8C2)
[Address] EAT @firefox.exe (MsiReinstallFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E657)
[Address] EAT @firefox.exe (MsiReinstallFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD8C24)
[Address] EAT @firefox.exe (MsiReinstallProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71AFE)
[Address] EAT @firefox.exe (MsiReinstallProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CFF1)
[Address] EAT @firefox.exe (MsiRemovePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89606)
[Address] EAT @firefox.exe (MsiRemovePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83702)
[Address] EAT @firefox.exe (MsiSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96180)
[Address] EAT @firefox.exe (MsiSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92E4B)
[Address] EAT @firefox.exe (MsiSetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C973EB)
[Address] EAT @firefox.exe (MsiSetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C974E5)
[Address] EAT @firefox.exe (MsiSetExternalUIA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C72F)
[Address] EAT @firefox.exe (MsiSetExternalUIRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8336B)
[Address] EAT @firefox.exe (MsiSetExternalUIW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4E86)
[Address] EAT @firefox.exe (MsiSetFeatureAttributesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97001)
[Address] EAT @firefox.exe (MsiSetFeatureAttributesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C970B4)
[Address] EAT @firefox.exe (MsiSetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96E2D)
[Address] EAT @firefox.exe (MsiSetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96EDF)
[Address] EAT @firefox.exe (MsiSetInstallLevel) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93424)
[Address] EAT @firefox.exe (MsiSetInternalUI) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4FE6)
[Address] EAT @firefox.exe (MsiSetMode) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C928BB)
[Address] EAT @firefox.exe (MsiSetOfflineContextW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C98485)
[Address] EAT @firefox.exe (MsiSetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95DC1)
[Address] EAT @firefox.exe (MsiSetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95F85)
[Address] EAT @firefox.exe (MsiSetTargetPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C969DD)
[Address] EAT @firefox.exe (MsiSetTargetPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96B61)
[Address] EAT @firefox.exe (MsiSourceListAddMediaDiskA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87136)
[Address] EAT @firefox.exe (MsiSourceListAddMediaDiskW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82165)
[Address] EAT @firefox.exe (MsiSourceListAddSourceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73037)
[Address] EAT @firefox.exe (MsiSourceListAddSourceExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86F13)
[Address] EAT @firefox.exe (MsiSourceListAddSourceExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81F43)
[Address] EAT @firefox.exe (MsiSourceListAddSourceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DC51)
[Address] EAT @firefox.exe (MsiSourceListClearAllA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72EF0)
[Address] EAT @firefox.exe (MsiSourceListClearAllExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87875)
[Address] EAT @firefox.exe (MsiSourceListClearAllExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8281B)
[Address] EAT @firefox.exe (MsiSourceListClearAllW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DAEB)
[Address] EAT @firefox.exe (MsiSourceListClearMediaDiskA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8764A)
[Address] EAT @firefox.exe (MsiSourceListClearMediaDiskW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8260D)
[Address] EAT @firefox.exe (MsiSourceListClearSourceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87436)
[Address] EAT @firefox.exe (MsiSourceListClearSourceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82405)
[Address] EAT @firefox.exe (MsiSourceListEnumMediaDisksA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8834E)
[Address] EAT @firefox.exe (MsiSourceListEnumMediaDisksW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C831B5)
[Address] EAT @firefox.exe (MsiSourceListEnumSourcesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87C4B)
[Address] EAT @firefox.exe (MsiSourceListEnumSourcesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82C07)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C731B8)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87A6C)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82A09)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DDDB)
[Address] EAT @firefox.exe (MsiSourceListGetInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87E30)
[Address] EAT @firefox.exe (MsiSourceListGetInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82DB5)
[Address] EAT @firefox.exe (MsiSourceListSetInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C880F8)
[Address] EAT @firefox.exe (MsiSourceListSetInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82FAB)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C921B9)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91E3D)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9238B)
[Address] EAT @firefox.exe (MsiSummaryInfoPersist) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92551)
[Address] EAT @firefox.exe (MsiSummaryInfoSetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95906)
[Address] EAT @firefox.exe (MsiSummaryInfoSetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91F2B)
[Address] EAT @firefox.exe (MsiUseFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80D83)
[Address] EAT @firefox.exe (MsiUseFeatureExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F9E8)
[Address] EAT @firefox.exe (MsiUseFeatureExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4D3A)
[Address] EAT @firefox.exe (MsiUseFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80DA0)
[Address] EAT @firefox.exe (MsiVerifyDiskSpace) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93863)
[Address] EAT @firefox.exe (MsiVerifyPackageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C707AA)
[Address] EAT @firefox.exe (MsiVerifyPackageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F097)
[Address] EAT @firefox.exe (MsiViewClose) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90BAF)
[Address] EAT @firefox.exe (MsiViewExecute) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9070F)
[Address] EAT @firefox.exe (MsiViewFetch) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90833)
[Address] EAT @firefox.exe (MsiViewGetColumnInfo) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90A91)
[Address] EAT @firefox.exe (MsiViewGetErrorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C903F1)
[Address] EAT @firefox.exe (MsiViewGetErrorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C905CE)
[Address] EAT @firefox.exe (MsiViewModify) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9093F)
[Address] EAT @firefox.exe (QueryInstanceCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B2A)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_224214.txt >>
RKreport[0]_D_04162014_205909.txt;RKreport[0]_S_04162014_205107.txt
j'ai fait suppression et voici le rapport :
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 22:42:14
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (AsyncGetClassBits) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A73FC)
[Address] EAT @explorer.exe (CoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF755660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7580A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7446A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7443C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF720810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7953D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF759CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF712460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF758DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7551B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7456A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF721490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF757C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF754044)
[Address] EAT @explorer.exe (CopyBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3020)
[Address] EAT @explorer.exe (CopyStgMedium) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF71BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7686C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7368E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF713660)
[Address] EAT @explorer.exe (CreateURLMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76CCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7178D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7540F0)
[Address] EAT @explorer.exe (CreateUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7116F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711600)
[Address] EAT @explorer.exe (DllGetClassObject) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF75AB3C)
[Address] EAT @explorer.exe (DllInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792458)
[Address] EAT @explorer.exe (DllRegisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (DllUnregisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792470)
[Address] EAT @explorer.exe (Extract) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF746B60)
[Address] EAT @explorer.exe (FindMediaType) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF736080)
[Address] EAT @explorer.exe (FindMimeFromData) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7550BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D02B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76B8EC)
[Address] EAT @explorer.exe (GetClassURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D8B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EA4)
[Address] EAT @explorer.exe (GetPropertyName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF716D90)
[Address] EAT @explorer.exe (HlinkGoBack) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A12FC)
[Address] EAT @explorer.exe (IEDllLoader) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7926F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3244)
[Address] EAT @explorer.exe (IEInstallScope) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7521FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0668)
[Address] EAT @explorer.exe (IsJITInProgress) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8688)
[Address] EAT @explorer.exe (IsStringProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791ED4)
[Address] EAT @explorer.exe (IsValidURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF747610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7692F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7560)
[Address] EAT @explorer.exe (QueryAssociations) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7920C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF748C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF717D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7922CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
[Address] EAT @firefox.exe (DllMain) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C916E4)
[Address] EAT @firefox.exe (NSPStartup) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C91D20)
[Address] EAT @firefox.exe (DllCanUnloadNow) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B3B)
[Address] EAT @firefox.exe (DllGetClassObject) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BE188E)
[Address] EAT @firefox.exe (DllGetVersion) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2982)
[Address] EAT @firefox.exe (DllRegisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C67DC5)
[Address] EAT @firefox.exe (DllUnregisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6818F)
[Address] EAT @firefox.exe (Migrate10CachedPackagesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C744)
[Address] EAT @firefox.exe (Migrate10CachedPackagesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6E1AC)
[Address] EAT @firefox.exe (MsiAdvertiseProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7257F)
[Address] EAT @firefox.exe (MsiAdvertiseProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C727D7)
[Address] EAT @firefox.exe (MsiAdvertiseProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D6C1)
[Address] EAT @firefox.exe (MsiAdvertiseProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D46F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78A3F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B641)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85903)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81057)
[Address] EAT @firefox.exe (MsiApplyPatchA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72D5D)
[Address] EAT @firefox.exe (MsiApplyPatchW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D943)
[Address] EAT @firefox.exe (MsiBeginTransactionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89441)
[Address] EAT @firefox.exe (MsiBeginTransactionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C839D4)
[Address] EAT @firefox.exe (MsiCloseAllHandles) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C900C3)
[Address] EAT @firefox.exe (MsiCloseHandle) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90015)
[Address] EAT @firefox.exe (MsiCollectUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71C3A)
[Address] EAT @firefox.exe (MsiCollectUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D16F)
[Address] EAT @firefox.exe (MsiConfigureFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71D5A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D70A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E41B)
[Address] EAT @firefox.exe (MsiConfigureFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D2B7)
[Address] EAT @firefox.exe (MsiConfigureProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F256)
[Address] EAT @firefox.exe (MsiConfigureProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DACA)
[Address] EAT @firefox.exe (MsiConfigureProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E891)
[Address] EAT @firefox.exe (MsiConfigureProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F581)
[Address] EAT @firefox.exe (MsiCreateAndVerifyInstallerDirectory) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEB2E1)
[Address] EAT @firefox.exe (MsiCreateRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91514)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C955D1)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948EF)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948A9)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91397)
[Address] EAT @firefox.exe (MsiDatabaseCommit) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90DEB)
[Address] EAT @firefox.exe (MsiDatabaseExportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94792)
[Address] EAT @firefox.exe (MsiDatabaseExportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91008)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9485D)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91270)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945FD)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93C54)
[Address] EAT @firefox.exe (MsiDatabaseImportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9472E)
[Address] EAT @firefox.exe (MsiDatabaseImportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90F1E)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94643)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90C8F)
[Address] EAT @firefox.exe (MsiDatabaseMergeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94817)
[Address] EAT @firefox.exe (MsiDatabaseMergeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91111)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945B7)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C902B7)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DA7B)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC6286)
[Address] EAT @firefox.exe (MsiDeleteUserDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A367)
[Address] EAT @firefox.exe (MsiDeleteUserDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C769EB)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D4C5)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C559)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D9D9)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C9E1)
[Address] EAT @firefox.exe (MsiDoActionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9613D)
[Address] EAT @firefox.exe (MsiDoActionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92D61)
[Address] EAT @firefox.exe (MsiEnableLogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7189B)
[Address] EAT @firefox.exe (MsiEnableLogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6FBE9)
[Address] EAT @firefox.exe (MsiEnableUIPreview) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C939CD)
[Address] EAT @firefox.exe (MsiEndTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83E11)
[Address] EAT @firefox.exe (MsiEnumClientsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEC96)
[Address] EAT @firefox.exe (MsiEnumClientsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85D6E)
[Address] EAT @firefox.exe (MsiEnumClientsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C813A7)
[Address] EAT @firefox.exe (MsiEnumClientsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD3647)
[Address] EAT @firefox.exe (MsiEnumComponentCostsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97847)
[Address] EAT @firefox.exe (MsiEnumComponentCostsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97A95)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CD6D)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD384D)
[Address] EAT @firefox.exe (MsiEnumComponentsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791B9)
[Address] EAT @firefox.exe (MsiEnumComponentsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85B08)
[Address] EAT @firefox.exe (MsiEnumComponentsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8121D)
[Address] EAT @firefox.exe (MsiEnumComponentsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7BA57)
[Address] EAT @firefox.exe (MsiEnumFeaturesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79C04)
[Address] EAT @firefox.exe (MsiEnumFeaturesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C259)
[Address] EAT @firefox.exe (MsiEnumPatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C897EB)
[Address] EAT @firefox.exe (MsiEnumPatchesExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84897)
[Address] EAT @firefox.exe (MsiEnumPatchesExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80E79)
[Address] EAT @firefox.exe (MsiEnumPatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8468E)
[Address] EAT @firefox.exe (MsiEnumProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79175)
[Address] EAT @firefox.exe (MsiEnumProductsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86313)
[Address] EAT @firefox.exe (MsiEnumProductsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81729)
[Address] EAT @firefox.exe (MsiEnumProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD559D)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79109)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B9EB)
[Address] EAT @firefox.exe (MsiEvaluateConditionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C961C6)
[Address] EAT @firefox.exe (MsiEvaluateConditionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C930C1)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84FAE)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84C22)
[Address] EAT @firefox.exe (MsiFormatRecordA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92A73)
[Address] EAT @firefox.exe (MsiFormatRecordW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92BF9)
[Address] EAT @firefox.exe (MsiGetActiveDatabase) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92639)
[Address] EAT @firefox.exe (MsiGetComponentPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7EEBD)
[Address] EAT @firefox.exe (MsiGetComponentPathExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86053)
[Address] EAT @firefox.exe (MsiGetComponentPathExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81559)
[Address] EAT @firefox.exe (MsiGetComponentPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC62DD)
[Address] EAT @firefox.exe (MsiGetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C971E3)
[Address] EAT @firefox.exe (MsiGetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C972DC)
[Address] EAT @firefox.exe (MsiGetDatabaseState) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90ED9)
[Address] EAT @firefox.exe (MsiGetFeatureCostA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C975FD)
[Address] EAT @firefox.exe (MsiGetFeatureCostW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97702)
[Address] EAT @firefox.exe (MsiGetFeatureInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70D1A)
[Address] EAT @firefox.exe (MsiGetFeatureInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F5EE)
[Address] EAT @firefox.exe (MsiGetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96CD5)
[Address] EAT @firefox.exe (MsiGetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96DC3)
[Address] EAT @firefox.exe (MsiGetFeatureUsageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A111)
[Address] EAT @firefox.exe (MsiGetFeatureUsageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C9BD)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97CC5)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C936EC)
[Address] EAT @firefox.exe (MsiGetFileHashA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71214)
[Address] EAT @firefox.exe (MsiGetFileHashW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA49)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7128C)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA9F)
[Address] EAT @firefox.exe (MsiGetFileVersionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70EF8)
[Address] EAT @firefox.exe (MsiGetFileVersionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73D2F)
[Address] EAT @firefox.exe (MsiGetLanguage) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92727)
[Address] EAT @firefox.exe (MsiGetLastErrorRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91D69)
[Address] EAT @firefox.exe (MsiGetMode) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9279F)
[Address] EAT @firefox.exe (MsiGetPatchFileListA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D25D)
[Address] EAT @firefox.exe (MsiGetPatchFileListW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C88B6E)
[Address] EAT @firefox.exe (MsiGetPatchInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A24F)
[Address] EAT @firefox.exe (MsiGetPatchInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C855E9)
[Address] EAT @firefox.exe (MsiGetPatchInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85177)
[Address] EAT @firefox.exe (MsiGetPatchInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CAFB)
[Address] EAT @firefox.exe (MsiGetProductCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEADC)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7ED5F)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F353)
[Address] EAT @firefox.exe (MsiGetProductCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEE6C)
[Address] EAT @firefox.exe (MsiGetProductInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D362)
[Address] EAT @firefox.exe (MsiGetProductInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C865DE)
[Address] EAT @firefox.exe (MsiGetProductInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C818FF)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70880)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F132)
[Address] EAT @firefox.exe (MsiGetProductInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4273)
[Address] EAT @firefox.exe (MsiGetProductPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70B90)
[Address] EAT @firefox.exe (MsiGetProductPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F48B)
[Address] EAT @firefox.exe (MsiGetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9596D)
[Address] EAT @firefox.exe (MsiGetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95BA3)
[Address] EAT @firefox.exe (MsiGetShortcutTargetA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72A58)
[Address] EAT @firefox.exe (MsiGetShortcutTargetW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74689)
[Address] EAT @firefox.exe (MsiGetSourcePathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96209)
[Address] EAT @firefox.exe (MsiGetSourcePathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9640D)
[Address] EAT @firefox.exe (MsiGetSummaryInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C958BD)
[Address] EAT @firefox.exe (MsiGetSummaryInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94293)
[Address] EAT @firefox.exe (MsiGetTargetPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C965F5)
[Address] EAT @firefox.exe (MsiGetTargetPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C967F9)
[Address] EAT @firefox.exe (MsiGetUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791FE)
[Address] EAT @firefox.exe (MsiGetUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEE466)
[Address] EAT @firefox.exe (MsiInstallMissingComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C722C7)
[Address] EAT @firefox.exe (MsiInstallMissingComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C743D9)
[Address] EAT @firefox.exe (MsiInstallMissingFileA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72067)
[Address] EAT @firefox.exe (MsiInstallMissingFileW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74179)
[Address] EAT @firefox.exe (MsiInstallProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7197E)
[Address] EAT @firefox.exe (MsiInstallProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CE4B)
[Address] EAT @firefox.exe (MsiInvalidateFeatureCache) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C2D1D3)
[Address] EAT @firefox.exe (MsiIsProductElevatedA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73306)
[Address] EAT @firefox.exe (MsiIsProductElevatedW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74A5D)
[Address] EAT @firefox.exe (MsiJoinTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83FEB)
[Address] EAT @firefox.exe (MsiLoadStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7141F)
[Address] EAT @firefox.exe (MsiLoadStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BDAE09)
[Address] EAT @firefox.exe (MsiLocateComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F19F)
[Address] EAT @firefox.exe (MsiLocateComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F4CA)
[Address] EAT @firefox.exe (MsiMessageBoxA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C716DA)
[Address] EAT @firefox.exe (MsiMessageBoxExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71528)
[Address] EAT @firefox.exe (MsiMessageBoxExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CCB1)
[Address] EAT @firefox.exe (MsiMessageBoxW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CE24)
[Address] EAT @firefox.exe (MsiNotifySidChangeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A306)
[Address] EAT @firefox.exe (MsiNotifySidChangeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7501B)
[Address] EAT @firefox.exe (MsiOpenDatabaseA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94691)
[Address] EAT @firefox.exe (MsiOpenDatabaseW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93D8D)
[Address] EAT @firefox.exe (MsiOpenPackageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6EDC0)
[Address] EAT @firefox.exe (MsiOpenPackageExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C63E)
[Address] EAT @firefox.exe (MsiOpenPackageExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C8E9)
[Address] EAT @firefox.exe (MsiOpenPackageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F7AB)
[Address] EAT @firefox.exe (MsiOpenProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78BF2)
[Address] EAT @firefox.exe (MsiOpenProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B857)
[Address] EAT @firefox.exe (MsiPreviewBillboardA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97D4E)
[Address] EAT @firefox.exe (MsiPreviewBillboardW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93AEA)
[Address] EAT @firefox.exe (MsiPreviewDialogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97D0B)
[Address] EAT @firefox.exe (MsiPreviewDialogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93A96)
[Address] EAT @firefox.exe (MsiProcessAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CBB2)
[Address] EAT @firefox.exe (MsiProcessAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DF39)
[Address] EAT @firefox.exe (MsiProcessMessage) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92F51)
[Address] EAT @firefox.exe (MsiProvideAssemblyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FD5D)
[Address] EAT @firefox.exe (MsiProvideAssemblyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80765)
[Address] EAT @firefox.exe (MsiProvideComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F7B9)
[Address] EAT @firefox.exe (MsiProvideComponentFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FAB3)
[Address] EAT @firefox.exe (MsiProvideComponentFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4F84)
[Address] EAT @firefox.exe (MsiProvideComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8030C)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEC385)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BED411)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC8A47)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC8C86)
[Address] EAT @firefox.exe (MsiQueryComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8687C)
[Address] EAT @firefox.exe (MsiQueryComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81AE1)
[Address] EAT @firefox.exe (MsiQueryFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F6F1)
[Address] EAT @firefox.exe (MsiQueryFeatureStateExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86A94)
[Address] EAT @firefox.exe (MsiQueryFeatureStateExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81CD9)
[Address] EAT @firefox.exe (MsiQueryFeatureStateFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FC02)
[Address] EAT @firefox.exe (MsiQueryFeatureStateFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8057D)
[Address] EAT @firefox.exe (MsiQueryFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC617D)
[Address] EAT @firefox.exe (MsiQueryProductStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D45D)
[Address] EAT @firefox.exe (MsiQueryProductStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD49FE)
[Address] EAT @firefox.exe (MsiRecordClearData) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91D27)
[Address] EAT @firefox.exe (MsiRecordDataSize) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C916E5)
[Address] EAT @firefox.exe (MsiRecordGetFieldCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91916)
[Address] EAT @firefox.exe (MsiRecordGetInteger) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C918B5)
[Address] EAT @firefox.exe (MsiRecordGetStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93F1D)
[Address] EAT @firefox.exe (MsiRecordGetStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C940CC)
[Address] EAT @firefox.exe (MsiRecordIsNull) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C915F5)
[Address] EAT @firefox.exe (MsiRecordReadStream) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91B6D)
[Address] EAT @firefox.exe (MsiRecordSetInteger) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C917C2)
[Address] EAT @firefox.exe (MsiRecordSetStreamA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95877)
[Address] EAT @firefox.exe (MsiRecordSetStreamW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91A03)
[Address] EAT @firefox.exe (MsiRecordSetStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9561D)
[Address] EAT @firefox.exe (MsiRecordSetStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9572E)
[Address] EAT @firefox.exe (MsiReinstallFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71EDE)
[Address] EAT @firefox.exe (MsiReinstallFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D8C2)
[Address] EAT @firefox.exe (MsiReinstallFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E657)
[Address] EAT @firefox.exe (MsiReinstallFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD8C24)
[Address] EAT @firefox.exe (MsiReinstallProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71AFE)
[Address] EAT @firefox.exe (MsiReinstallProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CFF1)
[Address] EAT @firefox.exe (MsiRemovePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89606)
[Address] EAT @firefox.exe (MsiRemovePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83702)
[Address] EAT @firefox.exe (MsiSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96180)
[Address] EAT @firefox.exe (MsiSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92E4B)
[Address] EAT @firefox.exe (MsiSetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C973EB)
[Address] EAT @firefox.exe (MsiSetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C974E5)
[Address] EAT @firefox.exe (MsiSetExternalUIA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C72F)
[Address] EAT @firefox.exe (MsiSetExternalUIRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8336B)
[Address] EAT @firefox.exe (MsiSetExternalUIW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4E86)
[Address] EAT @firefox.exe (MsiSetFeatureAttributesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97001)
[Address] EAT @firefox.exe (MsiSetFeatureAttributesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C970B4)
[Address] EAT @firefox.exe (MsiSetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96E2D)
[Address] EAT @firefox.exe (MsiSetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96EDF)
[Address] EAT @firefox.exe (MsiSetInstallLevel) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93424)
[Address] EAT @firefox.exe (MsiSetInternalUI) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4FE6)
[Address] EAT @firefox.exe (MsiSetMode) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C928BB)
[Address] EAT @firefox.exe (MsiSetOfflineContextW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C98485)
[Address] EAT @firefox.exe (MsiSetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95DC1)
[Address] EAT @firefox.exe (MsiSetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95F85)
[Address] EAT @firefox.exe (MsiSetTargetPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C969DD)
[Address] EAT @firefox.exe (MsiSetTargetPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96B61)
[Address] EAT @firefox.exe (MsiSourceListAddMediaDiskA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87136)
[Address] EAT @firefox.exe (MsiSourceListAddMediaDiskW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82165)
[Address] EAT @firefox.exe (MsiSourceListAddSourceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73037)
[Address] EAT @firefox.exe (MsiSourceListAddSourceExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86F13)
[Address] EAT @firefox.exe (MsiSourceListAddSourceExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81F43)
[Address] EAT @firefox.exe (MsiSourceListAddSourceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DC51)
[Address] EAT @firefox.exe (MsiSourceListClearAllA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72EF0)
[Address] EAT @firefox.exe (MsiSourceListClearAllExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87875)
[Address] EAT @firefox.exe (MsiSourceListClearAllExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8281B)
[Address] EAT @firefox.exe (MsiSourceListClearAllW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DAEB)
[Address] EAT @firefox.exe (MsiSourceListClearMediaDiskA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8764A)
[Address] EAT @firefox.exe (MsiSourceListClearMediaDiskW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8260D)
[Address] EAT @firefox.exe (MsiSourceListClearSourceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87436)
[Address] EAT @firefox.exe (MsiSourceListClearSourceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82405)
[Address] EAT @firefox.exe (MsiSourceListEnumMediaDisksA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8834E)
[Address] EAT @firefox.exe (MsiSourceListEnumMediaDisksW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C831B5)
[Address] EAT @firefox.exe (MsiSourceListEnumSourcesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87C4B)
[Address] EAT @firefox.exe (MsiSourceListEnumSourcesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82C07)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C731B8)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87A6C)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82A09)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DDDB)
[Address] EAT @firefox.exe (MsiSourceListGetInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87E30)
[Address] EAT @firefox.exe (MsiSourceListGetInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82DB5)
[Address] EAT @firefox.exe (MsiSourceListSetInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C880F8)
[Address] EAT @firefox.exe (MsiSourceListSetInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82FAB)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C921B9)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91E3D)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9238B)
[Address] EAT @firefox.exe (MsiSummaryInfoPersist) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92551)
[Address] EAT @firefox.exe (MsiSummaryInfoSetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95906)
[Address] EAT @firefox.exe (MsiSummaryInfoSetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91F2B)
[Address] EAT @firefox.exe (MsiUseFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80D83)
[Address] EAT @firefox.exe (MsiUseFeatureExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F9E8)
[Address] EAT @firefox.exe (MsiUseFeatureExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4D3A)
[Address] EAT @firefox.exe (MsiUseFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80DA0)
[Address] EAT @firefox.exe (MsiVerifyDiskSpace) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93863)
[Address] EAT @firefox.exe (MsiVerifyPackageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C707AA)
[Address] EAT @firefox.exe (MsiVerifyPackageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F097)
[Address] EAT @firefox.exe (MsiViewClose) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90BAF)
[Address] EAT @firefox.exe (MsiViewExecute) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9070F)
[Address] EAT @firefox.exe (MsiViewFetch) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90833)
[Address] EAT @firefox.exe (MsiViewGetColumnInfo) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90A91)
[Address] EAT @firefox.exe (MsiViewGetErrorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C903F1)
[Address] EAT @firefox.exe (MsiViewGetErrorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C905CE)
[Address] EAT @firefox.exe (MsiViewModify) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9093F)
[Address] EAT @firefox.exe (QueryInstanceCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B2A)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_224214.txt >>
RKreport[0]_D_04162014_205909.txt;RKreport[0]_S_04162014_205107.txt
salut
ok, fait ceci et poste le rapport via 1 copier/coller
http://www.sosvirus.net/viewtopic.php?f=281&t=937
merci
@+
ok, fait ceci et poste le rapport via 1 copier/coller
http://www.sosvirus.net/viewtopic.php?f=281&t=937
merci
@+
Bonjour,
voici le rapport :
############################## | UsbFix V 7.169 | [Recherche]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 19:02:33 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2456 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 20%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Disque amovible # 15 Go (12 Go libre(s) - 76%) [REMYS] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 476 |ParentID: 468)
C:\Windows\system32\wininit.exe (ID: 548 |ParentID: 468)
C:\Windows\system32\csrss.exe (ID: 568 |ParentID: 556)
C:\Windows\system32\services.exe (ID: 612 |ParentID: 548)
C:\Windows\system32\lsass.exe (ID: 644 |ParentID: 548)
C:\Windows\system32\winlogon.exe (ID: 652 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 660 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 788 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 888 |ParentID: 612)
C:\Windows\system32\atiesrxx.exe (ID: 936 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1020 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 444 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 472 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 436 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1096 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 612)
C:\Windows\system32\atieclxx.exe (ID: 1204 |ParentID: 936)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1364 |ParentID: 612)
C:\Windows\system32\WLANExt.exe (ID: 1372 |ParentID: 444)
C:\Windows\system32\conhost.exe (ID: 1380 |ParentID: 476)
C:\Windows\System32\spoolsv.exe (ID: 1612 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1640 |ParentID: 612)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1832 |ParentID: 612)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1860 |ParentID: 612)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1884 |ParentID: 612)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1920 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1980 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 2004 |ParentID: 612)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 2036 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1188 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1528 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1512 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1040 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2124 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2188 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2472 |ParentID: 2124)
C:\Windows\system32\SearchIndexer.exe (ID: 2784 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 2804 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (ID: 2532 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe (ID: 2088 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe (ID: 1132 |ParentID: 2088)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2388 |ParentID: 612)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 1848 |ParentID: 612)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2948 |ParentID: 788)
C:\Windows\system32\taskhost.exe (ID: 1668 |ParentID: 612)
C:\Windows\system32\Dwm.exe (ID: 3724 |ParentID: 444)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 3896 |ParentID: 1512)
C:\Windows\Explorer.EXE (ID: 3900 |ParentID: 3260)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 904 |ParentID: 3900)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (ID: 3560 |ParentID: 3900)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 1768 |ParentID: 3900)
C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (ID: 4084 |ParentID: 3900)
C:\Windows\System32\hkcmd.exe (ID: 3164 |ParentID: 3900)
C:\Windows\System32\igfxpers.exe (ID: 3292 |ParentID: 3900)
C:\Program Files\Java\jre6\bin\jusched.exe (ID: 3748 |ParentID: 3900)
C:\Windows\system32\igfxsrvc.exe (ID: 3180 |ParentID: 788)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (ID: 728 |ParentID: 3900)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3920 |ParentID: 3900)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (ID: 3552 |ParentID: 3940)
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (ID: 3848 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (ID: 984 |ParentID: 3140)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 3644 |ParentID: 3140)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 740 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (ID: 4184 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 4892 |ParentID: 612)
C:\Windows\system32\wuauclt.exe (ID: 4368 |ParentID: 436)
C:\Windows\system32\DllHost.exe (ID: 784 |ParentID: 788)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 2780 |ParentID: 3224)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 4692 |ParentID: 2780)
C:\Windows\System32\WUDFHost.exe (ID: 5084 |ParentID: 444)
C:\Windows\system32\taskeng.exe (ID: 4772 |ParentID: 436)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5456 |ParentID: 788)
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Recherche générique |
################## | Registre |
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
Présent! HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
voici le rapport :
############################## | UsbFix V 7.169 | [Recherche]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 19:02:33 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2456 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 20%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Disque amovible # 15 Go (12 Go libre(s) - 76%) [REMYS] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 476 |ParentID: 468)
C:\Windows\system32\wininit.exe (ID: 548 |ParentID: 468)
C:\Windows\system32\csrss.exe (ID: 568 |ParentID: 556)
C:\Windows\system32\services.exe (ID: 612 |ParentID: 548)
C:\Windows\system32\lsass.exe (ID: 644 |ParentID: 548)
C:\Windows\system32\winlogon.exe (ID: 652 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 660 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 788 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 888 |ParentID: 612)
C:\Windows\system32\atiesrxx.exe (ID: 936 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1020 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 444 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 472 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 436 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1096 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 612)
C:\Windows\system32\atieclxx.exe (ID: 1204 |ParentID: 936)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1364 |ParentID: 612)
C:\Windows\system32\WLANExt.exe (ID: 1372 |ParentID: 444)
C:\Windows\system32\conhost.exe (ID: 1380 |ParentID: 476)
C:\Windows\System32\spoolsv.exe (ID: 1612 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1640 |ParentID: 612)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1832 |ParentID: 612)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1860 |ParentID: 612)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1884 |ParentID: 612)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1920 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1980 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 2004 |ParentID: 612)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 2036 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1188 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1528 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1512 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1040 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2124 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2188 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2472 |ParentID: 2124)
C:\Windows\system32\SearchIndexer.exe (ID: 2784 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 2804 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (ID: 2532 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe (ID: 2088 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe (ID: 1132 |ParentID: 2088)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2388 |ParentID: 612)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 1848 |ParentID: 612)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2948 |ParentID: 788)
C:\Windows\system32\taskhost.exe (ID: 1668 |ParentID: 612)
C:\Windows\system32\Dwm.exe (ID: 3724 |ParentID: 444)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 3896 |ParentID: 1512)
C:\Windows\Explorer.EXE (ID: 3900 |ParentID: 3260)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 904 |ParentID: 3900)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (ID: 3560 |ParentID: 3900)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 1768 |ParentID: 3900)
C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (ID: 4084 |ParentID: 3900)
C:\Windows\System32\hkcmd.exe (ID: 3164 |ParentID: 3900)
C:\Windows\System32\igfxpers.exe (ID: 3292 |ParentID: 3900)
C:\Program Files\Java\jre6\bin\jusched.exe (ID: 3748 |ParentID: 3900)
C:\Windows\system32\igfxsrvc.exe (ID: 3180 |ParentID: 788)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (ID: 728 |ParentID: 3900)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3920 |ParentID: 3900)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (ID: 3552 |ParentID: 3940)
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (ID: 3848 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (ID: 984 |ParentID: 3140)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 3644 |ParentID: 3140)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 740 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (ID: 4184 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 4892 |ParentID: 612)
C:\Windows\system32\wuauclt.exe (ID: 4368 |ParentID: 436)
C:\Windows\system32\DllHost.exe (ID: 784 |ParentID: 788)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 2780 |ParentID: 3224)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 4692 |ParentID: 2780)
C:\Windows\System32\WUDFHost.exe (ID: 5084 |ParentID: 444)
C:\Windows\system32\taskeng.exe (ID: 4772 |ParentID: 436)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5456 |ParentID: 788)
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Recherche générique |
################## | Registre |
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
Présent! HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
Bonsoir,
voici le rapport :
############################## | UsbFix V 7.169 | [Suppression]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 21:33:04 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2549 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 19%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 480 |ParentID: 472)
C:\Windows\system32\wininit.exe (ID: 556 |ParentID: 472)
C:\Windows\system32\csrss.exe (ID: 580 |ParentID: 548)
C:\Windows\system32\services.exe (ID: 604 |ParentID: 556)
C:\Windows\system32\lsass.exe (ID: 628 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 636 |ParentID: 556)
C:\Windows\system32\winlogon.exe (ID: 692 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 792 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 892 |ParentID: 604)
C:\Windows\system32\atiesrxx.exe (ID: 940 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 112 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 484 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 756 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1040 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1116 |ParentID: 604)
C:\Windows\system32\atieclxx.exe (ID: 1232 |ParentID: 940)
C:\Windows\system32\svchost.exe (ID: 1252 |ParentID: 604)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1380 |ParentID: 604)
C:\Windows\system32\WLANExt.exe (ID: 1388 |ParentID: 484)
C:\Windows\system32\conhost.exe (ID: 1396 |ParentID: 480)
C:\Windows\System32\spoolsv.exe (ID: 1608 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1644 |ParentID: 604)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1736 |ParentID: 604)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1756 |ParentID: 604)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1780 |ParentID: 604)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1828 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1876 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 1904 |ParentID: 604)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 1924 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2036 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1080 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1184 |ParentID: 604)
C:\Windows\system32\taskhost.exe (ID: 1136 |ParentID: 604)
C:\Windows\system32\Dwm.exe (ID: 2064 |ParentID: 484)
C:\Windows\Explorer.EXE (ID: 2096 |ParentID: 2056)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 2248 |ParentID: 1184)
C:\Program Files (x86)\Skype\Updater\Updater.exe (ID: 2256 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 2304 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2340 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2384 |ParentID: 604)
C:\Windows\system32\runonce.exe (ID: 2612 |ParentID: 2096)
C:\Windows\system32\SearchIndexer.exe (ID: 2764 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2896 |ParentID: 2340)
C:\Windows\System32\rundll32.exe (ID: 2916 |ParentID: 792)
C:\Windows\system32\svchost.exe (ID: 2952 |ParentID: 604)
C:\Windows\SysWOW64\runonce.exe (ID: 3128 |ParentID: 2612)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3412 |ParentID: 2764)
C:\Windows\system32\SearchFilterHost.exe (ID: 3524 |ParentID: 2764)
C:\Program Files\AVAST Software\Avast\setup\instup.exe (ID: 3220 |ParentID: 1380)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2624 |ParentID: 792)
################## | Recherche générique |
(!) Fichiers temporaires supprimés.
################## | Registre |
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 0
Supprimé! HKU\S-1-5-21-1629809806-1617948266-3175222210-500\Software\.\.\.\.\Mountpoints2\{80c4a24e-2d15-11e3-b716-08002700ac24}
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Listing |
[04/02/2014 - 12:44:26 | SHD] - C:\$RECYCLE.BIN
[16/05/2010 - 23:43:34 | SHD] - C:\boot
[14/07/2009 - 03:38:58 | RASH | 375 Ko] - C:\bootmgr
[15/04/2014 - 23:45:21 | D] - C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[17/04/2014 - 21:32:10 | ASH | 2990484 Ko] - C:\hiberfil.sys
[12/06/2010 - 11:26:21 | D] - C:\HP
[12/06/2010 - 11:37:11 | D] - C:\Intel
[07/04/2014 - 21:07:49 | RHD] - C:\MSOCache
[17/04/2014 - 21:32:10 | ASH | 3987312 Ko] - C:\pagefile.sys
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[15/04/2014 - 21:31:10 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[13/04/2014 - 23:52:47 | D] - C:\Program Files
[15/04/2014 - 23:42:24 | D] - C:\Program Files (x86)
[15/04/2014 - 23:42:24 | HD] - C:\ProgramData
[04/02/2014 - 11:36:18 | D] - C:\Qoobox
[02/10/2013 - 20:44:03 | SHD] - C:\Recovery
[13/02/2014 - 09:02:18 | N | 2 Ko] - C:\RHDSetup.log
[07/04/2014 - 22:48:40 | D] - C:\rsit
[07/04/2014 - 22:58:27 | D] - C:\SwSetup
[15/04/2014 - 00:34:10 | SHD] - C:\System Volume Information
[02/10/2013 - 20:44:07 | D] - C:\SYSTEM.SAV
[17/04/2014 - 19:01:16 | D] - C:\UsbFix
[17/04/2014 - 21:34:26 | A | 9 Ko | 56A0DCA7A2543EEBCB7A622F34103755] - C:\UsbFix [Clean 2] REMY-PC.txt
[17/04/2014 - 19:03:31 | N | 10 Ko | ED75992E603D0031E2CE0B49D3D6EBB7] - C:\UsbFix [Scan 1] REMY-PC.txt
[17/04/2014 - 21:30:21 | N | 10 Ko | F19E426C38A503BA05F7940653CA0518] - C:\UsbFix [Scan 2] REMY-PC.txt
[02/10/2013 - 21:52:38 | D] - C:\Users
[15/04/2014 - 22:19:15 | D] - C:\Windows
[30/09/2013 - 19:11:58 | SHD] - D:\$RECYCLE.BIN
[25/09/2010 - 18:38:39 | SHD] - D:\boot
[14/07/2009 - 20:39:00 | ASH | 375 Ko] - D:\bootmgr
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\BT_HP.FLG
[12/06/2010 - 22:00:19 | N | 0 Ko] - D:\CSP.DAT
[12/06/2010 - 22:07:40 | N | 14 Ko] - D:\DeployRp.log
[22/10/2011 - 13:46:48 | N | 0 Ko] - D:\Disque local (C) - Raccourci (2).lnk
[15/10/2010 - 22:49:54 | N | 0 Ko] - D:\Disque local (C) - Raccourci.lnk
[25/09/2010 - 19:32:47 | D] - D:\hp
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\language.ini
[25/09/2010 - 18:38:39 | SHD] - D:\preload
[02/10/2013 - 20:44:06 | SD] - D:\Recovery
[01/07/2012 - 20:20:55 | N | 291452 Ko] - D:\registre-exporté-01072012.reg
[12/06/2010 - 22:07:37 | N | 0 Ko] - D:\RPCONFIG.LOG
[18/06/2011 - 13:25:00 | SHD] - D:\System Volume Information
[25/09/2010 - 18:38:39 | D] - D:\system.sav
[01/07/2012 - 17:25:30 | SHD] - E:\$RECYCLE.BIN
[02/10/2013 - 20:14:02 | D] - E:\Hewlett-Packard
################## | Vaccin |
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
voici le rapport :
############################## | UsbFix V 7.169 | [Suppression]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 21:33:04 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2549 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 19%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 480 |ParentID: 472)
C:\Windows\system32\wininit.exe (ID: 556 |ParentID: 472)
C:\Windows\system32\csrss.exe (ID: 580 |ParentID: 548)
C:\Windows\system32\services.exe (ID: 604 |ParentID: 556)
C:\Windows\system32\lsass.exe (ID: 628 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 636 |ParentID: 556)
C:\Windows\system32\winlogon.exe (ID: 692 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 792 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 892 |ParentID: 604)
C:\Windows\system32\atiesrxx.exe (ID: 940 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 112 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 484 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 756 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1040 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1116 |ParentID: 604)
C:\Windows\system32\atieclxx.exe (ID: 1232 |ParentID: 940)
C:\Windows\system32\svchost.exe (ID: 1252 |ParentID: 604)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1380 |ParentID: 604)
C:\Windows\system32\WLANExt.exe (ID: 1388 |ParentID: 484)
C:\Windows\system32\conhost.exe (ID: 1396 |ParentID: 480)
C:\Windows\System32\spoolsv.exe (ID: 1608 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1644 |ParentID: 604)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1736 |ParentID: 604)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1756 |ParentID: 604)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1780 |ParentID: 604)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1828 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1876 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 1904 |ParentID: 604)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 1924 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2036 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1080 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1184 |ParentID: 604)
C:\Windows\system32\taskhost.exe (ID: 1136 |ParentID: 604)
C:\Windows\system32\Dwm.exe (ID: 2064 |ParentID: 484)
C:\Windows\Explorer.EXE (ID: 2096 |ParentID: 2056)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 2248 |ParentID: 1184)
C:\Program Files (x86)\Skype\Updater\Updater.exe (ID: 2256 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 2304 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2340 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2384 |ParentID: 604)
C:\Windows\system32\runonce.exe (ID: 2612 |ParentID: 2096)
C:\Windows\system32\SearchIndexer.exe (ID: 2764 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2896 |ParentID: 2340)
C:\Windows\System32\rundll32.exe (ID: 2916 |ParentID: 792)
C:\Windows\system32\svchost.exe (ID: 2952 |ParentID: 604)
C:\Windows\SysWOW64\runonce.exe (ID: 3128 |ParentID: 2612)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3412 |ParentID: 2764)
C:\Windows\system32\SearchFilterHost.exe (ID: 3524 |ParentID: 2764)
C:\Program Files\AVAST Software\Avast\setup\instup.exe (ID: 3220 |ParentID: 1380)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2624 |ParentID: 792)
################## | Recherche générique |
(!) Fichiers temporaires supprimés.
################## | Registre |
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 0
Supprimé! HKU\S-1-5-21-1629809806-1617948266-3175222210-500\Software\.\.\.\.\Mountpoints2\{80c4a24e-2d15-11e3-b716-08002700ac24}
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Listing |
[04/02/2014 - 12:44:26 | SHD] - C:\$RECYCLE.BIN
[16/05/2010 - 23:43:34 | SHD] - C:\boot
[14/07/2009 - 03:38:58 | RASH | 375 Ko] - C:\bootmgr
[15/04/2014 - 23:45:21 | D] - C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[17/04/2014 - 21:32:10 | ASH | 2990484 Ko] - C:\hiberfil.sys
[12/06/2010 - 11:26:21 | D] - C:\HP
[12/06/2010 - 11:37:11 | D] - C:\Intel
[07/04/2014 - 21:07:49 | RHD] - C:\MSOCache
[17/04/2014 - 21:32:10 | ASH | 3987312 Ko] - C:\pagefile.sys
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[15/04/2014 - 21:31:10 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[13/04/2014 - 23:52:47 | D] - C:\Program Files
[15/04/2014 - 23:42:24 | D] - C:\Program Files (x86)
[15/04/2014 - 23:42:24 | HD] - C:\ProgramData
[04/02/2014 - 11:36:18 | D] - C:\Qoobox
[02/10/2013 - 20:44:03 | SHD] - C:\Recovery
[13/02/2014 - 09:02:18 | N | 2 Ko] - C:\RHDSetup.log
[07/04/2014 - 22:48:40 | D] - C:\rsit
[07/04/2014 - 22:58:27 | D] - C:\SwSetup
[15/04/2014 - 00:34:10 | SHD] - C:\System Volume Information
[02/10/2013 - 20:44:07 | D] - C:\SYSTEM.SAV
[17/04/2014 - 19:01:16 | D] - C:\UsbFix
[17/04/2014 - 21:34:26 | A | 9 Ko | 56A0DCA7A2543EEBCB7A622F34103755] - C:\UsbFix [Clean 2] REMY-PC.txt
[17/04/2014 - 19:03:31 | N | 10 Ko | ED75992E603D0031E2CE0B49D3D6EBB7] - C:\UsbFix [Scan 1] REMY-PC.txt
[17/04/2014 - 21:30:21 | N | 10 Ko | F19E426C38A503BA05F7940653CA0518] - C:\UsbFix [Scan 2] REMY-PC.txt
[02/10/2013 - 21:52:38 | D] - C:\Users
[15/04/2014 - 22:19:15 | D] - C:\Windows
[30/09/2013 - 19:11:58 | SHD] - D:\$RECYCLE.BIN
[25/09/2010 - 18:38:39 | SHD] - D:\boot
[14/07/2009 - 20:39:00 | ASH | 375 Ko] - D:\bootmgr
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\BT_HP.FLG
[12/06/2010 - 22:00:19 | N | 0 Ko] - D:\CSP.DAT
[12/06/2010 - 22:07:40 | N | 14 Ko] - D:\DeployRp.log
[22/10/2011 - 13:46:48 | N | 0 Ko] - D:\Disque local (C) - Raccourci (2).lnk
[15/10/2010 - 22:49:54 | N | 0 Ko] - D:\Disque local (C) - Raccourci.lnk
[25/09/2010 - 19:32:47 | D] - D:\hp
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\language.ini
[25/09/2010 - 18:38:39 | SHD] - D:\preload
[02/10/2013 - 20:44:06 | SD] - D:\Recovery
[01/07/2012 - 20:20:55 | N | 291452 Ko] - D:\registre-exporté-01072012.reg
[12/06/2010 - 22:07:37 | N | 0 Ko] - D:\RPCONFIG.LOG
[18/06/2011 - 13:25:00 | SHD] - D:\System Volume Information
[25/09/2010 - 18:38:39 | D] - D:\system.sav
[01/07/2012 - 17:25:30 | SHD] - E:\$RECYCLE.BIN
[02/10/2013 - 20:14:02 | D] - E:\Hewlett-Packard
################## | Vaccin |
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
re
ok, fait ceci et poste le rapport
http://sosvirus.net/viewtopic.php?f=281&t=594
utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
a la fin de l'installation, décoche la case "activer l'essai gratuit de MBAM premium"
regarde l'image >> clique ici
regarde ceci pour le mettre a jour et en français >> clique ici
dans l'onglet "examens" sélectionne "examen menaces" puis clique sur "examiner maintenant"
a la fin du scan, clique sur "tout mettre en quarantaine " puis sur "appliquer les actions"
si MBAM demande de redémarrer le pc, fait le
le rapport s'affichera sur ton bureau, mais sera aussi disponible dans "historique"
et "journaux de l'application"
sélectionne le rapport et demande l'affichage (choisit bien le dernier en date)
en bas a gauche, clique sur "exporter" et choisit "format texte"
enregistre le sur ton bureau (pour le retrouver facilement)
poste le rapport via 1 copier/coller dans ta prochaine réponse
merci
@+
le taux de radiation est plus élevé au pôle emploi qu'à Tchernobyl
ok, fait ceci et poste le rapport
http://sosvirus.net/viewtopic.php?f=281&t=594
utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
a la fin de l'installation, décoche la case "activer l'essai gratuit de MBAM premium"
regarde l'image >> clique ici
regarde ceci pour le mettre a jour et en français >> clique ici
dans l'onglet "examens" sélectionne "examen menaces" puis clique sur "examiner maintenant"
a la fin du scan, clique sur "tout mettre en quarantaine " puis sur "appliquer les actions"
si MBAM demande de redémarrer le pc, fait le
le rapport s'affichera sur ton bureau, mais sera aussi disponible dans "historique"
et "journaux de l'application"
sélectionne le rapport et demande l'affichage (choisit bien le dernier en date)
en bas a gauche, clique sur "exporter" et choisit "format texte"
enregistre le sur ton bureau (pour le retrouver facilement)
poste le rapport via 1 copier/coller dans ta prochaine réponse
merci
@+
le taux de radiation est plus élevé au pôle emploi qu'à Tchernobyl
Bonjour,
le rapport a trouvé une menace :
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 19/04/2014
Heure de l'examen: 21:43:15
Fichier journal: rapport.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de données Malveillants: v2014.04.19.09
Base de données Rootkits: v2014.03.27.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Administrateur
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 301265
Temps écoulé: 13 min, 59 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Clés du Registre: 0
(No malicious items detected)
Valeurs du Registre: 0
(No malicious items detected)
Données du Registre: 0
(No malicious items detected)
Dossiers: 0
(No malicious items detected)
Fichiers: 1
PUP.Optional.MySearchDial.A, C:\Users\REMY\AppData\Local\Google\Chrome\User Data\Default\preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://start.mysearchdial.com/?f=1&a=tele0103&cd=2XzuyEtN2Y1L1QzutDtDtByCzztBzz0ByD0EtDtByC0C0AzytN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1909010176&ir=" ],), Remplacé,[ca6b5dcfc6b5dc5a619763f1699bb050]
Secteurs physiques: 0
(No malicious items detected)
(end)
le rapport a trouvé une menace :
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 19/04/2014
Heure de l'examen: 21:43:15
Fichier journal: rapport.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de données Malveillants: v2014.04.19.09
Base de données Rootkits: v2014.03.27.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Administrateur
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 301265
Temps écoulé: 13 min, 59 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Clés du Registre: 0
(No malicious items detected)
Valeurs du Registre: 0
(No malicious items detected)
Données du Registre: 0
(No malicious items detected)
Dossiers: 0
(No malicious items detected)
Fichiers: 1
PUP.Optional.MySearchDial.A, C:\Users\REMY\AppData\Local\Google\Chrome\User Data\Default\preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://start.mysearchdial.com/?f=1&a=tele0103&cd=2XzuyEtN2Y1L1QzutDtDtByCzztBzz0ByD0EtDtByC0C0AzytN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1909010176&ir=" ],), Remplacé,[ca6b5dcfc6b5dc5a619763f1699bb050]
Secteurs physiques: 0
(No malicious items detected)
(end)
Bonjour,
le problème est toujours la. Les pages internet se chargent un peu plus vite mais la rapidité n'est plus la même qu'avant. Est -il possible que ce soit du à un pb de mise à jour de la carte wifi? J'ai déja eu un problème de lenteur auparavant et j'avais mis à jour la carte et tt était revenu à la normale. Mais maintenant, la mise à jour ne suffit plus. Je constate aussi dans le gestionnaire des taches que mon processeur utilise peu d'UC environ 5% avec quelques pics allant jusqu'à 50% lorsque j'ouvre une page internet. D'où peut provenir cette lenteur? Je ne comprends plus rien...
le problème est toujours la. Les pages internet se chargent un peu plus vite mais la rapidité n'est plus la même qu'avant. Est -il possible que ce soit du à un pb de mise à jour de la carte wifi? J'ai déja eu un problème de lenteur auparavant et j'avais mis à jour la carte et tt était revenu à la normale. Mais maintenant, la mise à jour ne suffit plus. Je constate aussi dans le gestionnaire des taches que mon processeur utilise peu d'UC environ 5% avec quelques pics allant jusqu'à 50% lorsque j'ouvre une page internet. D'où peut provenir cette lenteur? Je ne comprends plus rien...
re
désactive ton antivirus pour télécharger le logiciel et pour faire le scan
fait ceci et poste le rapport via ce lien https://www.cjoint.com/index.php
http://sosvirus.net/viewtopic.php?f=281&t=613
merci
@+
le taux de radiation est plus élevé au pôle emploi qu'à Tchernobyl
désactive ton antivirus pour télécharger le logiciel et pour faire le scan
fait ceci et poste le rapport via ce lien https://www.cjoint.com/index.php
http://sosvirus.net/viewtopic.php?f=281&t=613
merci
@+
le taux de radiation est plus élevé au pôle emploi qu'à Tchernobyl
Bonjour,
J'ai lancé Shortcut_Module. Pendant le scan, il trouve une cinquantaine d'éléments infectés mais lorsque le scan se termine il m'affiche un message d'erreur : "Error : Variable type "Object" must be used ". Et ensuite je suis obligé de redémarer mon pc car celui -ci est bloqué.
J'ai bien desactivé mon AV...
J'ai lancé Shortcut_Module. Pendant le scan, il trouve une cinquantaine d'éléments infectés mais lorsque le scan se termine il m'affiche un message d'erreur : "Error : Variable type "Object" must be used ". Et ensuite je suis obligé de redémarer mon pc car celui -ci est bloqué.
J'ai bien desactivé mon AV...