Problème de lenteur internet
Skywalker78 Messages postés 22 Statut Membre -
Je me permets de vous contacter car ma connexion internet a énormément ralenti ces derniers temps. J'ai effectué un analyse Anti-virus Avast et une analyse Anti-Malware mais aucun des deux logiciels n'a détecté d'anomalies. J'ai déjà eu ce problème il y a environ 8 mois à cause d'un virus (svchost) que je n'ai pas réussi à supprimer. J'avais "réglé" ce problème en formatant mon pc cependant j'ai l'impression que ce problème est en train de revenir et je souhaiterai, cette fois-ci, guérir mon ordinateur au lieu de le formater.
Pouvez-vous m'aider s'il vous plait?
Par avance merci.
41 réponses
- 1
- 2
- 3
Le problème principal est une lenteur persistante de la connexion Internet sur un PC Windows 7, malgré des analyses antivirus et anti-malware qui n'ont rien détecté et un souvenir d'un virus passé. Plusieurs solutions ont été explorées, notamment AdwCleaner pour nettoyer les composants publicitaires, RogueKiller pour les éléments malveillants et ZHPDiag pour un diagnostic plus large, avec des rapports postés. Des conseils complémentaires portaient sur la réinitialisation ou la désactivation des extensions navigateur et sur la réorganisation des paramètres (pages d’accueil, moteurs de recherche) afin d'améliorer temporairement la vitesse. En parallèle, des rapports détaillés ont été fournis sur chaque outil utilisé, sans conclusion sur l’état final du problème ou sur une résolution définitive pour l'instant.
-
salut
pour en savoir plus sur ton problème, fait ceci et poste le rapport
télécharge zhpdiag sur ton bureau (outil de diagnostic)
le lien https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
le tuto http://nicolascoolman.webs.com/tutorials.htm
utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
clique sur configurer et dans la page qui s'ouvre, clique sur la loupe avec le +
le rapport s'affichera sur ton bureau et dans C:\zhpdiag.txt
poste le rapport via ce lien https://www.cjoint.com/
aide en image >> clique ici
merci
@+
-
-
re
ATTENTION: tu es limite au niveau % libre sur ton disque C:\
System drive C: has 59 GB (13%) free of 451 GB
==================================================
désinstalle spybot, il est obsolète et gène les outils de désinfection
https://www.safer-networking.org/fr/faq/comment-desinstaller-2/
==================================================
je te conseille de désinstaller les cr@cks que tu as dans le pc et de lire ceci
https://forum.malekal.com/viewtopic.php?t=893&start=
==================================================
télécharge et installe les dernières versions Adobe Flash Player et Adobe Reader
adobe reader
ps:décoche MCAFEE avant de le télécharger
adobe flash player 13
====================================================
fait ceci et poste le rapport
télécharge adwcleaner sur ton bureau
le lien http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
utlisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
clique sur Scanner puis patiente le temps du scan
une fois le scan terminé clique sur le bouton Nettoyer
clique sur rapport pour qu'il s'affiche sur ton bureau
le rapport est aussi sauvegarder dans C:\AdwCleaner[S0].txt
poste le rapport via 1 copier/coller
merci
@+
-
Bonsoir,
voici le rapport adwcleaner :
# AdwCleaner v3.023 - Rapport créé le 15/04/2014 à 23:44:15
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Administrateur - REMY-PC
# Exécuté depuis : C:\Users\Administrateur\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (fr)
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\u747aiis.default\prefs.js ]
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\w7u8b29p.default-1387219965501\prefs.js ]
*************************
AdwCleaner[R2].txt - [5817 octets] - [07/04/2014 22:21:50]
AdwCleaner[R3].txt - [1081 octets] - [08/04/2014 19:12:45]
AdwCleaner[R4].txt - [1199 octets] - [10/04/2014 22:56:13]
AdwCleaner[R5].txt - [1320 octets] - [15/04/2014 23:42:53]
AdwCleaner[S2].txt - [5659 octets] - [07/04/2014 22:23:13]
AdwCleaner[S3].txt - [1143 octets] - [08/04/2014 19:14:06]
AdwCleaner[S4].txt - [1261 octets] - [10/04/2014 22:57:48]
AdwCleaner[S5].txt - [1241 octets] - [15/04/2014 23:44:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1301 octets] ########## -
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
re
ok, relance adwcleaner et choisit "désinstaller"
tu as fait les autres manipulations?
merci
@+
-
Bonjour,
J'ai effectué toutes les manipulations, relancé adwcleaner et fait "désinstaller". Mais le problème est toujours présent. Ma connexion est toujours aussi aussi lente et mon ventilateur souffle très fort. De plus, j'ai constaté récemment que à chaque fois que j'éteins mon ordinateur, celui-ci effectue des mises à jour pendant la fermeture. Que dois-je faire? -
re
ok, fait ceci et poste le rapport
Télécharge roguekiller sur ton bureau
prends le x64,regarde l'image >> clique ici
Le lien https://www.luanagames.com/index.fr.html
Le tuto http://tigzyrk.blogspot.be/2012/10/fr-roguekiller-tutoriel-officiel.html
Quitte tous tes programmes en cours
Lance roguekiller (utilisateurs vista-w7-w8 exécuter en tant qu'administrateur- clic droit)
Laisse faire le prescan
Clique sur scan
Le rapport s'affichera sur ton bureau et dans C: RKReport[#].txt
Poste le rapport via 1 copier/coller
merci
@+
-
Bonsoir,
Voici le rapport RogueKiller :
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 20:51:07
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Rappel Rapport : "C:\Users\Administrateur\Desktop\Stage fin d'étude\Ouverture Rapport.vbs" [x] -> TROUVÉ
[V2][SUSP PATH] Rémy's task : C:\Users\Administrateur\Desktop\mess.vbs [x] -> TROUVÉ
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (AsyncGetClassBits) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A73FC)
[Address] EAT @explorer.exe (CoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF755660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7580A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7446A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7443C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF720810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7953D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF759CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF712460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF758DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7551B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7456A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF721490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF757C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF754044)
[Address] EAT @explorer.exe (CopyBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3020)
[Address] EAT @explorer.exe (CopyStgMedium) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF71BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7686C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7368E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF713660)
[Address] EAT @explorer.exe (CreateURLMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76CCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7178D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7540F0)
[Address] EAT @explorer.exe (CreateUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7116F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711600)
[Address] EAT @explorer.exe (DllGetClassObject) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF75AB3C)
[Address] EAT @explorer.exe (DllInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792458)
[Address] EAT @explorer.exe (DllRegisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (DllUnregisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792470)
[Address] EAT @explorer.exe (Extract) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF746B60)
[Address] EAT @explorer.exe (FindMediaType) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF736080)
[Address] EAT @explorer.exe (FindMimeFromData) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7550BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D02B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76B8EC)
[Address] EAT @explorer.exe (GetClassURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D8B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EA4)
[Address] EAT @explorer.exe (GetPropertyName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF716D90)
[Address] EAT @explorer.exe (HlinkGoBack) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A12FC)
[Address] EAT @explorer.exe (IEDllLoader) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7926F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3244)
[Address] EAT @explorer.exe (IEInstallScope) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7521FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0668)
[Address] EAT @explorer.exe (IsJITInProgress) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8688)
[Address] EAT @explorer.exe (IsStringProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791ED4)
[Address] EAT @explorer.exe (IsValidURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF747610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7692F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7560)
[Address] EAT @explorer.exe (QueryAssociations) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7920C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF748C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF717D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7922CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_205107.txt >> -
re
relance roguekiller ( laisse faire le pre_scan etc...) et clique sur "suppression"
poste le rapport via 1 copier/coller
merci
@+
-
Bonsoir,
j'ai fait suppression et voici le rapport :
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 22:42:14
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (AsyncGetClassBits) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A73FC)
[Address] EAT @explorer.exe (CoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF755660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7580A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7446A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7443C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF720810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7953D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF759CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF712460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF758DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7551B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7456A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF721490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF757C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF754044)
[Address] EAT @explorer.exe (CopyBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3020)
[Address] EAT @explorer.exe (CopyStgMedium) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF71BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7686C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7368E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF713660)
[Address] EAT @explorer.exe (CreateURLMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76CCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7178D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7540F0)
[Address] EAT @explorer.exe (CreateUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7116F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF711600)
[Address] EAT @explorer.exe (DllGetClassObject) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF75AB3C)
[Address] EAT @explorer.exe (DllInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792458)
[Address] EAT @explorer.exe (DllRegisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (DllUnregisterServer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792470)
[Address] EAT @explorer.exe (Extract) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF746B60)
[Address] EAT @explorer.exe (FindMediaType) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF736080)
[Address] EAT @explorer.exe (FindMimeFromData) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7550BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D02B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76B8EC)
[Address] EAT @explorer.exe (GetClassURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D8B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EA4)
[Address] EAT @explorer.exe (GetPropertyName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF716D90)
[Address] EAT @explorer.exe (HlinkGoBack) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A12FC)
[Address] EAT @explorer.exe (IEDllLoader) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7926F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3244)
[Address] EAT @explorer.exe (IEInstallScope) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7521FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0668)
[Address] EAT @explorer.exe (IsJITInProgress) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8688)
[Address] EAT @explorer.exe (IsStringProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791ED4)
[Address] EAT @explorer.exe (IsValidURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF747610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7692F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7560)
[Address] EAT @explorer.exe (QueryAssociations) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7920C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF748C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF717D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7922CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
[Address] EAT @firefox.exe (DllMain) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C916E4)
[Address] EAT @firefox.exe (NSPStartup) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C91D20)
[Address] EAT @firefox.exe (DllCanUnloadNow) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B3B)
[Address] EAT @firefox.exe (DllGetClassObject) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BE188E)
[Address] EAT @firefox.exe (DllGetVersion) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2982)
[Address] EAT @firefox.exe (DllRegisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C67DC5)
[Address] EAT @firefox.exe (DllUnregisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6818F)
[Address] EAT @firefox.exe (Migrate10CachedPackagesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C744)
[Address] EAT @firefox.exe (Migrate10CachedPackagesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6E1AC)
[Address] EAT @firefox.exe (MsiAdvertiseProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7257F)
[Address] EAT @firefox.exe (MsiAdvertiseProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C727D7)
[Address] EAT @firefox.exe (MsiAdvertiseProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D6C1)
[Address] EAT @firefox.exe (MsiAdvertiseProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D46F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78A3F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B641)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85903)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81057)
[Address] EAT @firefox.exe (MsiApplyPatchA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72D5D)
[Address] EAT @firefox.exe (MsiApplyPatchW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D943)
[Address] EAT @firefox.exe (MsiBeginTransactionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89441)
[Address] EAT @firefox.exe (MsiBeginTransactionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C839D4)
[Address] EAT @firefox.exe (MsiCloseAllHandles) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C900C3)
[Address] EAT @firefox.exe (MsiCloseHandle) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90015)
[Address] EAT @firefox.exe (MsiCollectUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71C3A)
[Address] EAT @firefox.exe (MsiCollectUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D16F)
[Address] EAT @firefox.exe (MsiConfigureFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71D5A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D70A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E41B)
[Address] EAT @firefox.exe (MsiConfigureFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D2B7)
[Address] EAT @firefox.exe (MsiConfigureProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F256)
[Address] EAT @firefox.exe (MsiConfigureProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DACA)
[Address] EAT @firefox.exe (MsiConfigureProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E891)
[Address] EAT @firefox.exe (MsiConfigureProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F581)
[Address] EAT @firefox.exe (MsiCreateAndVerifyInstallerDirectory) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEB2E1)
[Address] EAT @firefox.exe (MsiCreateRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91514)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C955D1)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948EF)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948A9)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91397)
[Address] EAT @firefox.exe (MsiDatabaseCommit) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90DEB)
[Address] EAT @firefox.exe (MsiDatabaseExportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94792)
[Address] EAT @firefox.exe (MsiDatabaseExportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91008)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9485D)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91270)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945FD)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93C54)
[Address] EAT @firefox.exe (MsiDatabaseImportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9472E)
[Address] EAT @firefox.exe (MsiDatabaseImportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90F1E)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94643)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90C8F)
[Address] EAT @firefox.exe (MsiDatabaseMergeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94817)
[Address] EAT @firefox.exe (MsiDatabaseMergeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91111)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945B7)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C902B7)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DA7B)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC6286)
[Address] EAT @firefox.exe (MsiDeleteUserDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A367)
[Address] EAT @firefox.exe (MsiDeleteUserDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C769EB)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D4C5)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C559)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D9D9)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C9E1)
[Address] EAT @firefox.exe (MsiDoActionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9613D)
[Address] EAT @firefox.exe (MsiDoActionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92D61)
[Address] EAT @firefox.exe (MsiEnableLogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7189B)
[Address] EAT @firefox.exe (MsiEnableLogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6FBE9)
[Address] EAT @firefox.exe (MsiEnableUIPreview) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C939CD)
[Address] EAT @firefox.exe (MsiEndTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83E11)
[Address] EAT @firefox.exe (MsiEnumClientsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEC96)
[Address] EAT @firefox.exe (MsiEnumClientsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85D6E)
[Address] EAT @firefox.exe (MsiEnumClientsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C813A7)
[Address] EAT @firefox.exe (MsiEnumClientsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD3647)
[Address] EAT @firefox.exe (MsiEnumComponentCostsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97847)
[Address] EAT @firefox.exe (MsiEnumComponentCostsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97A95)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CD6D)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD384D)
[Address] EAT @firefox.exe (MsiEnumComponentsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791B9)
[Address] EAT @firefox.exe (MsiEnumComponentsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85B08)
[Address] EAT @firefox.exe (MsiEnumComponentsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8121D)
[Address] EAT @firefox.exe (MsiEnumComponentsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7BA57)
[Address] EAT @firefox.exe (MsiEnumFeaturesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79C04)
[Address] EAT @firefox.exe (MsiEnumFeaturesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C259)
[Address] EAT @firefox.exe (MsiEnumPatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C897EB)
[Address] EAT @firefox.exe (MsiEnumPatchesExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84897)
[Address] EAT @firefox.exe (MsiEnumPatchesExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80E79)
[Address] EAT @firefox.exe (MsiEnumPatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8468E)
[Address] EAT @firefox.exe (MsiEnumProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79175)
[Address] EAT @firefox.exe (MsiEnumProductsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86313)
[Address] EAT @firefox.exe (MsiEnumProductsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81729)
[Address] EAT @firefox.exe (MsiEnumProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD559D)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79109)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B9EB)
[Address] EAT @firefox.exe (MsiEvaluateConditionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C961C6)
[Address] EAT @firefox.exe (MsiEvaluateConditionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C930C1)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84FAE)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84C22)
[Address] EAT @firefox.exe (MsiFormatRecordA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92A73)
[Address] EAT @firefox.exe (MsiFormatRecordW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92BF9)
[Address] EAT @firefox.exe (MsiGetActiveDatabase) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92639)
[Address] EAT @firefox.exe (MsiGetComponentPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7EEBD)
[Address] EAT @firefox.exe (MsiGetComponentPathExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86053)
[Address] EAT @firefox.exe (MsiGetComponentPathExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81559)
[Address] EAT @firefox.exe (MsiGetComponentPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC62DD)
[Address] EAT @firefox.exe (MsiGetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C971E3)
[Address] EAT @firefox.exe (MsiGetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C972DC)
[Address] EAT @firefox.exe (MsiGetDatabaseState) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90ED9)
[Address] EAT @firefox.exe (MsiGetFeatureCostA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C975FD)
[Address] EAT @firefox.exe (MsiGetFeatureCostW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97702)
[Address] EAT @firefox.exe (MsiGetFeatureInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70D1A)
[Address] EAT @firefox.exe (MsiGetFeatureInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F5EE)
[Address] EAT @firefox.exe (MsiGetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96CD5)
[Address] EAT @firefox.exe (MsiGetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96DC3)
[Address] EAT @firefox.exe (MsiGetFeatureUsageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A111)
[Address] EAT @firefox.exe (MsiGetFeatureUsageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C9BD)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97CC5)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C936EC)
[Address] EAT @firefox.exe (MsiGetFileHashA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71214)
[Address] EAT @firefox.exe (MsiGetFileHashW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA49)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7128C)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA9F)
[Address] EAT @firefox.exe (MsiGetFileVersionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70EF8)
[Address] EAT @firefox.exe (MsiGetFileVersionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73D2F)
[Address] EAT @firefox.exe (MsiGetLanguage) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92727)
[Address] EAT @firefox.exe (MsiGetLastErrorRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91D69)
[Address] EAT @firefox.exe (MsiGetMode) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9279F)
[Address] EAT @firefox.exe (MsiGetPatchFileListA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D25D)
[Address] EAT @firefox.exe (MsiGetPatchFileListW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C88B6E)
[Address] EAT @firefox.exe (MsiGetPatchInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A24F)
[Address] EAT @firefox.exe (MsiGetPatchInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C855E9)
[Address] EAT @firefox.exe (MsiGetPatchInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85177)
[Address] EAT @firefox.exe (MsiGetPatchInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CAFB)
[Address] EAT @firefox.exe (MsiGetProductCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEADC)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7ED5F)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F353)
[Address] EAT @firefox.exe (MsiGetProductCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEE6C)
[Address] EAT @firefox.exe (MsiGetProductInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D362)
[Address] EAT @firefox.exe (MsiGetProductInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C865DE)
[Address] EAT @firefox.exe (MsiGetProductInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C818FF)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70880)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F132)
[Address] EAT @firefox.exe (MsiGetProductInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4273)
[Address] EAT @firefox.exe (MsiGetProductPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70B90)
[Address] EAT @firefox.exe (MsiGetProductPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F48B)
[Address] EAT @firefox.exe (MsiGetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9596D)
[Address] EAT @firefox.exe (MsiGetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95BA3)
[Address] EAT @firefox.exe (MsiGetShortcutTargetA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72A58)
[Address] EAT @firefox.exe (MsiGetShortcutTargetW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74689)
[Address] EAT @firefox.exe (MsiGetSourcePathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96209)
[Address] EAT @firefox.exe (MsiGetSourcePathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9640D)
[Address] EAT @firefox.exe (MsiGetSummaryInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C958BD)
[Address] EAT @firefox.exe (MsiGetSummaryInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94293)
[Address] EAT @firefox.exe (MsiGetTargetPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C965F5)
[Address] EAT @firefox.exe (MsiGetTargetPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C967F9)
[Address] EAT @firefox.exe (MsiGetUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791FE)
[Address] EAT @firefox.exe (MsiGetUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEE466)
[Address] EAT @firefox.exe (MsiInstallMissingComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C722C7)
[Address] EAT @firefox.exe (MsiInstallMissingComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C743D9)
[Address] EAT @firefox.exe (MsiInstallMissingFileA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72067)
[Address] EAT @firefox.exe (MsiInstallMissingFileW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74179)
[Address] EAT @firefox.exe (MsiInstallProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7197E)
[Address] EAT @firefox.exe (MsiInstallProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CE4B)
[Address] EAT @firefox.exe (MsiInvalidateFeatureCache) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C2D1D3)
[Address] EAT @firefox.exe (MsiIsProductElevatedA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73306)
[Address] EAT @firefox.exe (MsiIsProductElevatedW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74A5D)
[Address] EAT @firefox.exe (MsiJoinTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83FEB)
[Address] EAT @firefox.exe (MsiLoadStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7141F)
[Address] EAT @firefox.exe (MsiLoadStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BDAE09)
[Address] EAT @firefox.exe (MsiLocateComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F19F)
[Address] EAT @firefox.exe (MsiLocateComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F4CA)
[Address] EAT @firefox.exe (MsiMessageBoxA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C716DA)
[Address] EAT @firefox.exe (MsiMessageBoxExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71528)
[Address] EAT @firefox.exe (MsiMessageBoxExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CCB1)
[Address] EAT @firefox.exe (MsiMessageBoxW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CE24)
[Address] EAT @firefox.exe (MsiNotifySidChangeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A306)
[Address] EAT @firefox.exe (MsiNotifySidChangeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7501B)
[Address] EAT @firefox.exe (MsiOpenDatabaseA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94691)
[Address] EAT @firefox.exe (MsiOpenDatabaseW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93D8D)
[Address] EAT @firefox.exe (MsiOpenPackageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6EDC0)
[Address] EAT @firefox.exe (MsiOpenPackageExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C63E)
[Address] EAT @firefox.exe (MsiOpenPackageExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C8E9)
[Address] EAT @firefox.exe (MsiOpenPackageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F7AB)
[Address] EAT @firefox.exe (MsiOpenProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78BF2)
[Address] EAT @firefox.exe (MsiOpenProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B857)
[Address] EAT @firefox.exe (MsiPreviewBillboardA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97D4E)
[Address] EAT @firefox.exe (MsiPreviewBillboardW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93AEA)
[Address] EAT @firefox.exe (MsiPreviewDialogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97D0B)
[Address] EAT @firefox.exe (MsiPreviewDialogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93A96)
[Address] EAT @firefox.exe (MsiProcessAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CBB2)
[Address] EAT @firefox.exe (MsiProcessAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DF39)
[Address] EAT @firefox.exe (MsiProcessMessage) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92F51)
[Address] EAT @firefox.exe (MsiProvideAssemblyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FD5D)
[Address] EAT @firefox.exe (MsiProvideAssemblyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80765)
[Address] EAT @firefox.exe (MsiProvideComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F7B9)
[Address] EAT @firefox.exe (MsiProvideComponentFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FAB3)
[Address] EAT @firefox.exe (MsiProvideComponentFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4F84)
[Address] EAT @firefox.exe (MsiProvideComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8030C)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEC385)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BED411)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC8A47)
[Address] EAT @firefox.exe (MsiProvideQualifiedComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC8C86)
[Address] EAT @firefox.exe (MsiQueryComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8687C)
[Address] EAT @firefox.exe (MsiQueryComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81AE1)
[Address] EAT @firefox.exe (MsiQueryFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F6F1)
[Address] EAT @firefox.exe (MsiQueryFeatureStateExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86A94)
[Address] EAT @firefox.exe (MsiQueryFeatureStateExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81CD9)
[Address] EAT @firefox.exe (MsiQueryFeatureStateFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7FC02)
[Address] EAT @firefox.exe (MsiQueryFeatureStateFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8057D)
[Address] EAT @firefox.exe (MsiQueryFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC617D)
[Address] EAT @firefox.exe (MsiQueryProductStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D45D)
[Address] EAT @firefox.exe (MsiQueryProductStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD49FE)
[Address] EAT @firefox.exe (MsiRecordClearData) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91D27)
[Address] EAT @firefox.exe (MsiRecordDataSize) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C916E5)
[Address] EAT @firefox.exe (MsiRecordGetFieldCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91916)
[Address] EAT @firefox.exe (MsiRecordGetInteger) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C918B5)
[Address] EAT @firefox.exe (MsiRecordGetStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93F1D)
[Address] EAT @firefox.exe (MsiRecordGetStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C940CC)
[Address] EAT @firefox.exe (MsiRecordIsNull) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C915F5)
[Address] EAT @firefox.exe (MsiRecordReadStream) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91B6D)
[Address] EAT @firefox.exe (MsiRecordSetInteger) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C917C2)
[Address] EAT @firefox.exe (MsiRecordSetStreamA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95877)
[Address] EAT @firefox.exe (MsiRecordSetStreamW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91A03)
[Address] EAT @firefox.exe (MsiRecordSetStringA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9561D)
[Address] EAT @firefox.exe (MsiRecordSetStringW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9572E)
[Address] EAT @firefox.exe (MsiReinstallFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71EDE)
[Address] EAT @firefox.exe (MsiReinstallFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D8C2)
[Address] EAT @firefox.exe (MsiReinstallFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E657)
[Address] EAT @firefox.exe (MsiReinstallFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD8C24)
[Address] EAT @firefox.exe (MsiReinstallProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71AFE)
[Address] EAT @firefox.exe (MsiReinstallProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CFF1)
[Address] EAT @firefox.exe (MsiRemovePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89606)
[Address] EAT @firefox.exe (MsiRemovePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83702)
[Address] EAT @firefox.exe (MsiSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96180)
[Address] EAT @firefox.exe (MsiSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92E4B)
[Address] EAT @firefox.exe (MsiSetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C973EB)
[Address] EAT @firefox.exe (MsiSetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C974E5)
[Address] EAT @firefox.exe (MsiSetExternalUIA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C72F)
[Address] EAT @firefox.exe (MsiSetExternalUIRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8336B)
[Address] EAT @firefox.exe (MsiSetExternalUIW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4E86)
[Address] EAT @firefox.exe (MsiSetFeatureAttributesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97001)
[Address] EAT @firefox.exe (MsiSetFeatureAttributesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C970B4)
[Address] EAT @firefox.exe (MsiSetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96E2D)
[Address] EAT @firefox.exe (MsiSetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96EDF)
[Address] EAT @firefox.exe (MsiSetInstallLevel) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93424)
[Address] EAT @firefox.exe (MsiSetInternalUI) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4FE6)
[Address] EAT @firefox.exe (MsiSetMode) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C928BB)
[Address] EAT @firefox.exe (MsiSetOfflineContextW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C98485)
[Address] EAT @firefox.exe (MsiSetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95DC1)
[Address] EAT @firefox.exe (MsiSetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95F85)
[Address] EAT @firefox.exe (MsiSetTargetPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C969DD)
[Address] EAT @firefox.exe (MsiSetTargetPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96B61)
[Address] EAT @firefox.exe (MsiSourceListAddMediaDiskA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87136)
[Address] EAT @firefox.exe (MsiSourceListAddMediaDiskW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82165)
[Address] EAT @firefox.exe (MsiSourceListAddSourceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73037)
[Address] EAT @firefox.exe (MsiSourceListAddSourceExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86F13)
[Address] EAT @firefox.exe (MsiSourceListAddSourceExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81F43)
[Address] EAT @firefox.exe (MsiSourceListAddSourceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DC51)
[Address] EAT @firefox.exe (MsiSourceListClearAllA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72EF0)
[Address] EAT @firefox.exe (MsiSourceListClearAllExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87875)
[Address] EAT @firefox.exe (MsiSourceListClearAllExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8281B)
[Address] EAT @firefox.exe (MsiSourceListClearAllW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DAEB)
[Address] EAT @firefox.exe (MsiSourceListClearMediaDiskA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8764A)
[Address] EAT @firefox.exe (MsiSourceListClearMediaDiskW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8260D)
[Address] EAT @firefox.exe (MsiSourceListClearSourceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87436)
[Address] EAT @firefox.exe (MsiSourceListClearSourceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82405)
[Address] EAT @firefox.exe (MsiSourceListEnumMediaDisksA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8834E)
[Address] EAT @firefox.exe (MsiSourceListEnumMediaDisksW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C831B5)
[Address] EAT @firefox.exe (MsiSourceListEnumSourcesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87C4B)
[Address] EAT @firefox.exe (MsiSourceListEnumSourcesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82C07)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C731B8)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87A6C)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82A09)
[Address] EAT @firefox.exe (MsiSourceListForceResolutionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6DDDB)
[Address] EAT @firefox.exe (MsiSourceListGetInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C87E30)
[Address] EAT @firefox.exe (MsiSourceListGetInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82DB5)
[Address] EAT @firefox.exe (MsiSourceListSetInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C880F8)
[Address] EAT @firefox.exe (MsiSourceListSetInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C82FAB)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C921B9)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91E3D)
[Address] EAT @firefox.exe (MsiSummaryInfoGetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9238B)
[Address] EAT @firefox.exe (MsiSummaryInfoPersist) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92551)
[Address] EAT @firefox.exe (MsiSummaryInfoSetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95906)
[Address] EAT @firefox.exe (MsiSummaryInfoSetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91F2B)
[Address] EAT @firefox.exe (MsiUseFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80D83)
[Address] EAT @firefox.exe (MsiUseFeatureExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F9E8)
[Address] EAT @firefox.exe (MsiUseFeatureExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4D3A)
[Address] EAT @firefox.exe (MsiUseFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80DA0)
[Address] EAT @firefox.exe (MsiVerifyDiskSpace) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93863)
[Address] EAT @firefox.exe (MsiVerifyPackageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C707AA)
[Address] EAT @firefox.exe (MsiVerifyPackageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F097)
[Address] EAT @firefox.exe (MsiViewClose) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90BAF)
[Address] EAT @firefox.exe (MsiViewExecute) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9070F)
[Address] EAT @firefox.exe (MsiViewFetch) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90833)
[Address] EAT @firefox.exe (MsiViewGetColumnInfo) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90A91)
[Address] EAT @firefox.exe (MsiViewGetErrorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C903F1)
[Address] EAT @firefox.exe (MsiViewGetErrorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C905CE)
[Address] EAT @firefox.exe (MsiViewModify) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9093F)
[Address] EAT @firefox.exe (QueryInstanceCount) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B2A)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_224214.txt >>
RKreport[0]_D_04162014_205909.txt;RKreport[0]_S_04162014_205107.txt -
salut
ok, fait ceci et poste le rapport via 1 copier/coller
http://www.sosvirus.net/viewtopic.php?f=281&t=937
merci
@+
-
Bonjour,
voici le rapport :
############################## | UsbFix V 7.169 | [Recherche]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 19:02:33 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2456 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 20%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Disque amovible # 15 Go (12 Go libre(s) - 76%) [REMYS] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 476 |ParentID: 468)
C:\Windows\system32\wininit.exe (ID: 548 |ParentID: 468)
C:\Windows\system32\csrss.exe (ID: 568 |ParentID: 556)
C:\Windows\system32\services.exe (ID: 612 |ParentID: 548)
C:\Windows\system32\lsass.exe (ID: 644 |ParentID: 548)
C:\Windows\system32\winlogon.exe (ID: 652 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 660 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 788 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 888 |ParentID: 612)
C:\Windows\system32\atiesrxx.exe (ID: 936 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1020 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 444 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 472 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 436 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1096 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 612)
C:\Windows\system32\atieclxx.exe (ID: 1204 |ParentID: 936)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1364 |ParentID: 612)
C:\Windows\system32\WLANExt.exe (ID: 1372 |ParentID: 444)
C:\Windows\system32\conhost.exe (ID: 1380 |ParentID: 476)
C:\Windows\System32\spoolsv.exe (ID: 1612 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1640 |ParentID: 612)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1832 |ParentID: 612)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1860 |ParentID: 612)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1884 |ParentID: 612)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1920 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1980 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 2004 |ParentID: 612)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 2036 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1188 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1528 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1512 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1040 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2124 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2188 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2472 |ParentID: 2124)
C:\Windows\system32\SearchIndexer.exe (ID: 2784 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 2804 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (ID: 2532 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe (ID: 2088 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe (ID: 1132 |ParentID: 2088)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2388 |ParentID: 612)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 1848 |ParentID: 612)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2948 |ParentID: 788)
C:\Windows\system32\taskhost.exe (ID: 1668 |ParentID: 612)
C:\Windows\system32\Dwm.exe (ID: 3724 |ParentID: 444)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 3896 |ParentID: 1512)
C:\Windows\Explorer.EXE (ID: 3900 |ParentID: 3260)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 904 |ParentID: 3900)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (ID: 3560 |ParentID: 3900)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 1768 |ParentID: 3900)
C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (ID: 4084 |ParentID: 3900)
C:\Windows\System32\hkcmd.exe (ID: 3164 |ParentID: 3900)
C:\Windows\System32\igfxpers.exe (ID: 3292 |ParentID: 3900)
C:\Program Files\Java\jre6\bin\jusched.exe (ID: 3748 |ParentID: 3900)
C:\Windows\system32\igfxsrvc.exe (ID: 3180 |ParentID: 788)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (ID: 728 |ParentID: 3900)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3920 |ParentID: 3900)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (ID: 3552 |ParentID: 3940)
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (ID: 3848 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (ID: 984 |ParentID: 3140)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 3644 |ParentID: 3140)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 740 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (ID: 4184 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 4892 |ParentID: 612)
C:\Windows\system32\wuauclt.exe (ID: 4368 |ParentID: 436)
C:\Windows\system32\DllHost.exe (ID: 784 |ParentID: 788)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 2780 |ParentID: 3224)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 4692 |ParentID: 2780)
C:\Windows\System32\WUDFHost.exe (ID: 5084 |ParentID: 444)
C:\Windows\system32\taskeng.exe (ID: 4772 |ParentID: 436)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5456 |ParentID: 788)
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Recherche générique |
################## | Registre |
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
Présent! HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ | -
re
relance usbfix en mode suppression et poste le rapport via 1 copier/coller
merci
@+
-
Bonsoir,
voici le rapport :
############################## | UsbFix V 7.169 | [Suppression]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 21:33:04 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2549 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 19%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 480 |ParentID: 472)
C:\Windows\system32\wininit.exe (ID: 556 |ParentID: 472)
C:\Windows\system32\csrss.exe (ID: 580 |ParentID: 548)
C:\Windows\system32\services.exe (ID: 604 |ParentID: 556)
C:\Windows\system32\lsass.exe (ID: 628 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 636 |ParentID: 556)
C:\Windows\system32\winlogon.exe (ID: 692 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 792 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 892 |ParentID: 604)
C:\Windows\system32\atiesrxx.exe (ID: 940 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 112 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 484 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 756 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1040 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1116 |ParentID: 604)
C:\Windows\system32\atieclxx.exe (ID: 1232 |ParentID: 940)
C:\Windows\system32\svchost.exe (ID: 1252 |ParentID: 604)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1380 |ParentID: 604)
C:\Windows\system32\WLANExt.exe (ID: 1388 |ParentID: 484)
C:\Windows\system32\conhost.exe (ID: 1396 |ParentID: 480)
C:\Windows\System32\spoolsv.exe (ID: 1608 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1644 |ParentID: 604)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1736 |ParentID: 604)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1756 |ParentID: 604)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1780 |ParentID: 604)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1828 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1876 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 1904 |ParentID: 604)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 1924 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2036 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1080 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1184 |ParentID: 604)
C:\Windows\system32\taskhost.exe (ID: 1136 |ParentID: 604)
C:\Windows\system32\Dwm.exe (ID: 2064 |ParentID: 484)
C:\Windows\Explorer.EXE (ID: 2096 |ParentID: 2056)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 2248 |ParentID: 1184)
C:\Program Files (x86)\Skype\Updater\Updater.exe (ID: 2256 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 2304 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2340 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2384 |ParentID: 604)
C:\Windows\system32\runonce.exe (ID: 2612 |ParentID: 2096)
C:\Windows\system32\SearchIndexer.exe (ID: 2764 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2896 |ParentID: 2340)
C:\Windows\System32\rundll32.exe (ID: 2916 |ParentID: 792)
C:\Windows\system32\svchost.exe (ID: 2952 |ParentID: 604)
C:\Windows\SysWOW64\runonce.exe (ID: 3128 |ParentID: 2612)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3412 |ParentID: 2764)
C:\Windows\system32\SearchFilterHost.exe (ID: 3524 |ParentID: 2764)
C:\Program Files\AVAST Software\Avast\setup\instup.exe (ID: 3220 |ParentID: 1380)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2624 |ParentID: 792)
################## | Recherche générique |
(!) Fichiers temporaires supprimés.
################## | Registre |
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 0
Supprimé! HKU\S-1-5-21-1629809806-1617948266-3175222210-500\Software\.\.\.\.\Mountpoints2\{80c4a24e-2d15-11e3-b716-08002700ac24}
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Listing |
[04/02/2014 - 12:44:26 | SHD] - C:\$RECYCLE.BIN
[16/05/2010 - 23:43:34 | SHD] - C:\boot
[14/07/2009 - 03:38:58 | RASH | 375 Ko] - C:\bootmgr
[15/04/2014 - 23:45:21 | D] - C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[17/04/2014 - 21:32:10 | ASH | 2990484 Ko] - C:\hiberfil.sys
[12/06/2010 - 11:26:21 | D] - C:\HP
[12/06/2010 - 11:37:11 | D] - C:\Intel
[07/04/2014 - 21:07:49 | RHD] - C:\MSOCache
[17/04/2014 - 21:32:10 | ASH | 3987312 Ko] - C:\pagefile.sys
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[15/04/2014 - 21:31:10 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[13/04/2014 - 23:52:47 | D] - C:\Program Files
[15/04/2014 - 23:42:24 | D] - C:\Program Files (x86)
[15/04/2014 - 23:42:24 | HD] - C:\ProgramData
[04/02/2014 - 11:36:18 | D] - C:\Qoobox
[02/10/2013 - 20:44:03 | SHD] - C:\Recovery
[13/02/2014 - 09:02:18 | N | 2 Ko] - C:\RHDSetup.log
[07/04/2014 - 22:48:40 | D] - C:\rsit
[07/04/2014 - 22:58:27 | D] - C:\SwSetup
[15/04/2014 - 00:34:10 | SHD] - C:\System Volume Information
[02/10/2013 - 20:44:07 | D] - C:\SYSTEM.SAV
[17/04/2014 - 19:01:16 | D] - C:\UsbFix
[17/04/2014 - 21:34:26 | A | 9 Ko | 56A0DCA7A2543EEBCB7A622F34103755] - C:\UsbFix [Clean 2] REMY-PC.txt
[17/04/2014 - 19:03:31 | N | 10 Ko | ED75992E603D0031E2CE0B49D3D6EBB7] - C:\UsbFix [Scan 1] REMY-PC.txt
[17/04/2014 - 21:30:21 | N | 10 Ko | F19E426C38A503BA05F7940653CA0518] - C:\UsbFix [Scan 2] REMY-PC.txt
[02/10/2013 - 21:52:38 | D] - C:\Users
[15/04/2014 - 22:19:15 | D] - C:\Windows
[30/09/2013 - 19:11:58 | SHD] - D:\$RECYCLE.BIN
[25/09/2010 - 18:38:39 | SHD] - D:\boot
[14/07/2009 - 20:39:00 | ASH | 375 Ko] - D:\bootmgr
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\BT_HP.FLG
[12/06/2010 - 22:00:19 | N | 0 Ko] - D:\CSP.DAT
[12/06/2010 - 22:07:40 | N | 14 Ko] - D:\DeployRp.log
[22/10/2011 - 13:46:48 | N | 0 Ko] - D:\Disque local (C) - Raccourci (2).lnk
[15/10/2010 - 22:49:54 | N | 0 Ko] - D:\Disque local (C) - Raccourci.lnk
[25/09/2010 - 19:32:47 | D] - D:\hp
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\language.ini
[25/09/2010 - 18:38:39 | SHD] - D:\preload
[02/10/2013 - 20:44:06 | SD] - D:\Recovery
[01/07/2012 - 20:20:55 | N | 291452 Ko] - D:\registre-exporté-01072012.reg
[12/06/2010 - 22:07:37 | N | 0 Ko] - D:\RPCONFIG.LOG
[18/06/2011 - 13:25:00 | SHD] - D:\System Volume Information
[25/09/2010 - 18:38:39 | D] - D:\system.sav
[01/07/2012 - 17:25:30 | SHD] - E:\$RECYCLE.BIN
[02/10/2013 - 20:14:02 | D] - E:\Hewlett-Packard
################## | Vaccin |
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ | -
re
ok, fait ceci et poste le rapport
http://sosvirus.net/viewtopic.php?f=281&t=594
utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)
a la fin de l'installation, décoche la case "activer l'essai gratuit de MBAM premium"
regarde l'image >> clique ici
regarde ceci pour le mettre a jour et en français >> clique ici
dans l'onglet "examens" sélectionne "examen menaces" puis clique sur "examiner maintenant"
a la fin du scan, clique sur "tout mettre en quarantaine " puis sur "appliquer les actions"
si MBAM demande de redémarrer le pc, fait le
le rapport s'affichera sur ton bureau, mais sera aussi disponible dans "historique"
et "journaux de l'application"
sélectionne le rapport et demande l'affichage (choisit bien le dernier en date)
en bas a gauche, clique sur "exporter" et choisit "format texte"
enregistre le sur ton bureau (pour le retrouver facilement)
poste le rapport via 1 copier/coller dans ta prochaine réponse
merci
@+
le taux de radiation est plus élevé au pôle emploi qu'à Tchernobyl -
Bonjour,
le rapport a trouvé une menace :
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 19/04/2014
Heure de l'examen: 21:43:15
Fichier journal: rapport.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de données Malveillants: v2014.04.19.09
Base de données Rootkits: v2014.03.27.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Administrateur
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 301265
Temps écoulé: 13 min, 59 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Clés du Registre: 0
(No malicious items detected)
Valeurs du Registre: 0
(No malicious items detected)
Données du Registre: 0
(No malicious items detected)
Dossiers: 0
(No malicious items detected)
Fichiers: 1
PUP.Optional.MySearchDial.A, C:\Users\REMY\AppData\Local\Google\Chrome\User Data\Default\preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://start.mysearchdial.com/?f=1&a=tele0103&cd=2XzuyEtN2Y1L1QzutDtDtByCzztBzz0ByD0EtDtByC0C0AzytN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1909010176&ir=" ],), Remplacé,[ca6b5dcfc6b5dc5a619763f1699bb050]
Secteurs physiques: 0
(No malicious items detected)
(end) -
salut
dit moi si tu as encore des soucis
merci
@+
-
Bonjour,
le problème est toujours la. Les pages internet se chargent un peu plus vite mais la rapidité n'est plus la même qu'avant. Est -il possible que ce soit du à un pb de mise à jour de la carte wifi? J'ai déja eu un problème de lenteur auparavant et j'avais mis à jour la carte et tt était revenu à la normale. Mais maintenant, la mise à jour ne suffit plus. Je constate aussi dans le gestionnaire des taches que mon processeur utilise peu d'UC environ 5% avec quelques pics allant jusqu'à 50% lorsque j'ouvre une page internet. D'où peut provenir cette lenteur? Je ne comprends plus rien... -
re
désactive ton antivirus pour télécharger le logiciel et pour faire le scan
fait ceci et poste le rapport via ce lien https://www.cjoint.com/index.php
http://sosvirus.net/viewtopic.php?f=281&t=613
merci
@+
le taux de radiation est plus élevé au pôle emploi qu'à Tchernobyl -
Bonjour,
J'ai lancé Shortcut_Module. Pendant le scan, il trouve une cinquantaine d'éléments infectés mais lorsque le scan se termine il m'affiche un message d'erreur : "Error : Variable type "Object" must be used ". Et ensuite je suis obligé de redémarer mon pc car celui -ci est bloqué.
J'ai bien desactivé mon AV...
- 1
- 2
- 3