Slow internet problem
Closed
Skywalker78
14 April 2014 at 23:22
41 replies
billmaxime
14 April 2014 at 23:24
Hi,
To find out more about your problem, do the following and post the report:
Download zhpdiag to your desktop (diagnostic tool)
Link: https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Tutorial: http://nicolascoolman.webs.com/tutorials.htm
Vista/W7/W8 users: run as administrator (right-click)
Click Configure and, on the page that opens, click the magnifying glass with the +
The report will appear on your desktop and in C:\zhpdiag.txt
Post the report via this link: https://www.cjoint.com/
Picture guide >> click here
Thanks
See you
Skywalker78
15 April 2014 at 21:43
Hello,
Thank you for your quick response.
Here is the link: https://www.cjoint.com/?0DpvOcha8YP
billmaxime
15 April 2014 at 22:07
Hi again,
WARNING: you are running low on free space (%) on your C:\ drive
System drive C: has 59 GB (13%) free of 451 GB
==================================================
Uninstall Spybot; it is obsolete and interferes with the disinfection tools
https://www.safer-networking.org/fr/faq/comment-desinstaller-2/
==================================================
I advise you to uninstall the cr@cks you have on the PC and to read this:
https://forum.malekal.com/viewtopic.php?t=893&start=
==================================================
Download and install the latest versions of Adobe Flash Player and Adobe Reader
Adobe Reader
PS: untick MCAFEE before downloading it
Adobe Flash Player 13
====================================================
Do the following and post the report:
Download adwcleaner to your desktop
Link: http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
Vista/W7/W8 users: run as administrator (right-click)
Click Scan, then wait while the scan runs
Once the scan is finished, click the Clean button
Click Report so that it is displayed on your desktop
The report is also saved in C:\AdwCleaner[S0].txt
Post the report by copy/paste
Thanks
See you
Skywalker78
15 April 2014 at 23:53
Good evening,
Here is the adwcleaner report:
# AdwCleaner v3.023 - Rapport créé le 15/04/2014 à 23:44:15
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Administrateur - REMY-PC
# Exécuté depuis : C:\Users\Administrateur\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (fr)
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\u747aiis.default\prefs.js ]
[ Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\w7u8b29p.default-1387219965501\prefs.js ]
*************************
AdwCleaner[R2].txt - [5817 octets] - [07/04/2014 22:21:50]
AdwCleaner[R3].txt - [1081 octets] - [08/04/2014 19:12:45]
AdwCleaner[R4].txt - [1199 octets] - [10/04/2014 22:56:13]
AdwCleaner[R5].txt - [1320 octets] - [15/04/2014 23:42:53]
AdwCleaner[S2].txt - [5659 octets] - [07/04/2014 22:23:13]
AdwCleaner[S3].txt - [1143 octets] - [08/04/2014 19:14:06]
AdwCleaner[S4].txt - [1261 octets] - [10/04/2014 22:57:48]
AdwCleaner[S5].txt - [1241 octets] - [15/04/2014 23:44:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1301 octets] ##########
billmaxime
15 April 2014 at 23:58
Hi again,
OK, run adwcleaner again and choose "Uninstall"
Have you done the other steps?
Thanks
See you
Skywalker78
16 April 2014 at 19:53
Hello,
I carried out all the steps, ran adwcleaner again and chose "Uninstall". But the problem is still there. My connection is still just as slow and my fan is blowing very hard. In addition, I recently noticed that every time I shut down my computer, it installs updates during shutdown. What should I do?
billmaxime
16 April 2014 at 20:21
Hi again,
OK, do the following and post the report:
Download roguekiller to your desktop
Take the x64 version, see the picture >> click here
Link: https://www.luanagames.com/index.fr.html
Tutorial: http://tigzyrk.blogspot.be/2012/10/fr-roguekiller-tutoriel-officiel.html
Close all your running programs
Launch roguekiller (Vista/W7/W8 users: run as administrator, right-click)
Let the prescan run
Click Scan
The report will appear on your desktop and in C: RKReport[#].txt
Post the report by copy/paste
Thanks
See you
Skywalker78
16 April 2014 at 20:58
Good evening,
Here is the RogueKiller report:
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 20:51:07
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Rappel Rapport : "C:\Users\Administrateur\Desktop\Stage fin d'étude\Ouverture Rapport.vbs" [x] -> TROUVÉ
[V2][SUSP PATH] Rémy's task : C:\Users\Administrateur\Desktop\mess.vbs [x] -> TROUVÉ
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_205107.txt >>
billmaxime - 16 April 2014 at 21:05
Hi again,
Run RogueKiller again (let the pre-scan etc. finish) and click "Suppression" (Delete).
Post the report by copy/paste.
Thanks
See you
Skywalker78 - 16 April 2014 at 22:45
Good evening,
I ran the deletion and here is the report:
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 22:42:14
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (FindMimeFromData) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7550BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D02B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76B8EC)
[Address] EAT @explorer.exe (GetClassURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D8B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EA4)
[Address] EAT @explorer.exe (GetPropertyName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF716D90)
[Address] EAT @explorer.exe (HlinkGoBack) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A12FC)
[Address] EAT @explorer.exe (IEDllLoader) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7926F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3244)
[Address] EAT @explorer.exe (IEInstallScope) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7521FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0668)
[Address] EAT @explorer.exe (IsJITInProgress) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8688)
[Address] EAT @explorer.exe (IsStringProperty) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF791ED4)
[Address] EAT @explorer.exe (IsValidURL) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF747610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7692F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A7560)
[Address] EAT @explorer.exe (QueryAssociations) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF72E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF751C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7920C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF748C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF717D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7922CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7A3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
[Address] EAT @firefox.exe (DllMain) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C916E4)
[Address] EAT @firefox.exe (NSPStartup) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C91D20)
[Address] EAT @firefox.exe (DllCanUnloadNow) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B3B)
[Address] EAT @firefox.exe (DllGetClassObject) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BE188E)
[Address] EAT @firefox.exe (DllGetVersion) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2982)
[Address] EAT @firefox.exe (DllRegisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C67DC5)
[Address] EAT @firefox.exe (DllUnregisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6818F)
[Address] EAT @firefox.exe (Migrate10CachedPackagesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C744)
[Address] EAT @firefox.exe (Migrate10CachedPackagesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6E1AC)
[Address] EAT @firefox.exe (MsiAdvertiseProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7257F)
[Address] EAT @firefox.exe (MsiAdvertiseProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C727D7)
[Address] EAT @firefox.exe (MsiAdvertiseProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D6C1)
[Address] EAT @firefox.exe (MsiAdvertiseProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D46F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78A3F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B641)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85903)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81057)
[Address] EAT @firefox.exe (MsiApplyPatchA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72D5D)
[Address] EAT @firefox.exe (MsiApplyPatchW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D943)
[Address] EAT @firefox.exe (MsiBeginTransactionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89441)
[Address] EAT @firefox.exe (MsiBeginTransactionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C839D4)
[Address] EAT @firefox.exe (MsiCloseAllHandles) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C900C3)
[Address] EAT @firefox.exe (MsiCloseHandle) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90015)
[Address] EAT @firefox.exe (MsiCollectUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71C3A)
[Address] EAT @firefox.exe (MsiCollectUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D16F)
[Address] EAT @firefox.exe (MsiConfigureFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71D5A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D70A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E41B)
[Address] EAT @firefox.exe (MsiConfigureFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D2B7)
[Address] EAT @firefox.exe (MsiConfigureProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F256)
[Address] EAT @firefox.exe (MsiConfigureProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DACA)
[Address] EAT @firefox.exe (MsiConfigureProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E891)
[Address] EAT @firefox.exe (MsiConfigureProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F581)
[Address] EAT @firefox.exe (MsiCreateAndVerifyInstallerDirectory) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEB2E1)
[Address] EAT @firefox.exe (MsiCreateRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91514)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C955D1)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948EF)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948A9)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91397)
[Address] EAT @firefox.exe (MsiDatabaseCommit) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90DEB)
[Address] EAT @firefox.exe (MsiDatabaseExportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94792)
[Address] EAT @firefox.exe (MsiDatabaseExportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91008)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9485D)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91270)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945FD)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93C54)
[Address] EAT @firefox.exe (MsiDatabaseImportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9472E)
[Address] EAT @firefox.exe (MsiDatabaseImportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90F1E)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94643)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90C8F)
[Address] EAT @firefox.exe (MsiDatabaseMergeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94817)
[Address] EAT @firefox.exe (MsiDatabaseMergeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91111)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945B7)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C902B7)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DA7B)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC6286)
[Address] EAT @firefox.exe (MsiDeleteUserDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A367)
[Address] EAT @firefox.exe (MsiDeleteUserDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C769EB)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D4C5)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C559)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D9D9)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C9E1)
[Address] EAT @firefox.exe (MsiDoActionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9613D)
[Address] EAT @firefox.exe (MsiDoActionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92D61)
[Address] EAT @firefox.exe (MsiEnableLogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7189B)
[Address] EAT @firefox.exe (MsiEnableLogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6FBE9)
[Address] EAT @firefox.exe (MsiEnableUIPreview) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C939CD)
[Address] EAT @firefox.exe (MsiEndTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83E11)
[Address] EAT @firefox.exe (MsiEnumClientsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEC96)
[Address] EAT @firefox.exe (MsiEnumClientsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85D6E)
[Address] EAT @firefox.exe (MsiEnumClientsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C813A7)
[Address] EAT @firefox.exe (MsiEnumClientsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD3647)
[Address] EAT @firefox.exe (MsiEnumComponentCostsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97847)
[Address] EAT @firefox.exe (MsiEnumComponentCostsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97A95)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CD6D)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD384D)
[Address] EAT @firefox.exe (MsiEnumComponentsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791B9)
[Address] EAT @firefox.exe (MsiEnumComponentsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85B08)
[Address] EAT @firefox.exe (MsiEnumComponentsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8121D)
[Address] EAT @firefox.exe (MsiEnumComponentsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7BA57)
[Address] EAT @firefox.exe (MsiEnumFeaturesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79C04)
[Address] EAT @firefox.exe (MsiEnumFeaturesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C259)
[Address] EAT @firefox.exe (MsiEnumPatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C897EB)
[Address] EAT @firefox.exe (MsiEnumPatchesExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84897)
[Address] EAT @firefox.exe (MsiEnumPatchesExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80E79)
[Address] EAT @firefox.exe (MsiEnumPatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8468E)
[Address] EAT @firefox.exe (MsiEnumProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79175)
[Address] EAT @firefox.exe (MsiEnumProductsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86313)
[Address] EAT @firefox.exe (MsiEnumProductsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81729)
[Address] EAT @firefox.exe (MsiEnumProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD559D)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79109)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B9EB)
[Address] EAT @firefox.exe (MsiEvaluateConditionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C961C6)
[Address] EAT @firefox.exe (MsiEvaluateConditionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C930C1)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84FAE)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84C22)
[Address] EAT @firefox.exe (MsiFormatRecordA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92A73)
[Address] EAT @firefox.exe (MsiFormatRecordW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92BF9)
[Address] EAT @firefox.exe (MsiGetActiveDatabase) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92639)
[Address] EAT @firefox.exe (MsiGetComponentPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7EEBD)
[Address] EAT @firefox.exe (MsiGetComponentPathExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86053)
[Address] EAT @firefox.exe (MsiGetComponentPathExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81559)
[Address] EAT @firefox.exe (MsiGetComponentPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC62DD)
[Address] EAT @firefox.exe (MsiGetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C971E3)
[Address] EAT @firefox.exe (MsiGetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C972DC)
[Address] EAT @firefox.exe (MsiGetDatabaseState) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90ED9)
[Address] EAT @firefox.exe (MsiGetFeatureCostA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C975FD)
[Address] EAT @firefox.exe (MsiGetFeatureCostW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97702)
[Address] EAT @firefox.exe (MsiGetFeatureInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70D1A)
[Address] EAT @firefox.exe (MsiGetFeatureInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F5EE)
[Address] EAT @firefox.exe (MsiGetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96CD5)
[Address] EAT @firefox.exe (MsiGetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96DC3)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_224214.txt >>
RKreport[0]_D_04162014_205909.txt;RKreport[0]_S_04162014_205107.txt
I ran the deletion and here is the report:
RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Administrateur [Droits d'admin]
Mode : Recherche -- Date : 04/16/2014 22:42:14
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF79DE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF753A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7D0820)
[Address] EAT @explorer.exe (URLDownloadA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF795D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF76C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF792804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF723E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF74D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF73A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C85D0)
[Address] EAT @explorer.exe (ZonesReInit) : WININET.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFF7C9C30)
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A38A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A57E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A99D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A94D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A9D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A91EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A92A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A1960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5AA358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A87D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A3D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A4470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A6760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A78A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A5F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A71A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A7644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A81B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xFA5A8B58)
[Address] EAT @firefox.exe (DllMain) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C916E4)
[Address] EAT @firefox.exe (NSPStartup) : api-ms-win-downlevel-advapi32-l2-1-0.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x71C91D20)
[Address] EAT @firefox.exe (DllCanUnloadNow) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2B3B)
[Address] EAT @firefox.exe (DllGetClassObject) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BE188E)
[Address] EAT @firefox.exe (DllGetVersion) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD2982)
[Address] EAT @firefox.exe (DllRegisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C67DC5)
[Address] EAT @firefox.exe (DllUnregisterServer) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6818F)
[Address] EAT @firefox.exe (Migrate10CachedPackagesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6C744)
[Address] EAT @firefox.exe (Migrate10CachedPackagesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6E1AC)
[Address] EAT @firefox.exe (MsiAdvertiseProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7257F)
[Address] EAT @firefox.exe (MsiAdvertiseProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C727D7)
[Address] EAT @firefox.exe (MsiAdvertiseProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D6C1)
[Address] EAT @firefox.exe (MsiAdvertiseProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D46F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C78A3F)
[Address] EAT @firefox.exe (MsiAdvertiseScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B641)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85903)
[Address] EAT @firefox.exe (MsiApplyMultiplePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81057)
[Address] EAT @firefox.exe (MsiApplyPatchA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72D5D)
[Address] EAT @firefox.exe (MsiApplyPatchW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D943)
[Address] EAT @firefox.exe (MsiBeginTransactionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C89441)
[Address] EAT @firefox.exe (MsiBeginTransactionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C839D4)
[Address] EAT @firefox.exe (MsiCloseAllHandles) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C900C3)
[Address] EAT @firefox.exe (MsiCloseHandle) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90015)
[Address] EAT @firefox.exe (MsiCollectUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71C3A)
[Address] EAT @firefox.exe (MsiCollectUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D16F)
[Address] EAT @firefox.exe (MsiConfigureFeatureA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71D5A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D70A)
[Address] EAT @firefox.exe (MsiConfigureFeatureFromDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E41B)
[Address] EAT @firefox.exe (MsiConfigureFeatureW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6D2B7)
[Address] EAT @firefox.exe (MsiConfigureProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F256)
[Address] EAT @firefox.exe (MsiConfigureProductExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DACA)
[Address] EAT @firefox.exe (MsiConfigureProductExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7E891)
[Address] EAT @firefox.exe (MsiConfigureProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F581)
[Address] EAT @firefox.exe (MsiCreateAndVerifyInstallerDirectory) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEB2E1)
[Address] EAT @firefox.exe (MsiCreateRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91514)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C955D1)
[Address] EAT @firefox.exe (MsiCreateTransformSummaryInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948EF)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C948A9)
[Address] EAT @firefox.exe (MsiDatabaseApplyTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91397)
[Address] EAT @firefox.exe (MsiDatabaseCommit) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90DEB)
[Address] EAT @firefox.exe (MsiDatabaseExportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94792)
[Address] EAT @firefox.exe (MsiDatabaseExportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91008)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9485D)
[Address] EAT @firefox.exe (MsiDatabaseGenerateTransformW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91270)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945FD)
[Address] EAT @firefox.exe (MsiDatabaseGetPrimaryKeysW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C93C54)
[Address] EAT @firefox.exe (MsiDatabaseImportA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9472E)
[Address] EAT @firefox.exe (MsiDatabaseImportW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90F1E)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94643)
[Address] EAT @firefox.exe (MsiDatabaseIsTablePersistentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90C8F)
[Address] EAT @firefox.exe (MsiDatabaseMergeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94817)
[Address] EAT @firefox.exe (MsiDatabaseMergeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91111)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C945B7)
[Address] EAT @firefox.exe (MsiDatabaseOpenViewW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C902B7)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7DA7B)
[Address] EAT @firefox.exe (MsiDecomposeDescriptorW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC6286)
[Address] EAT @firefox.exe (MsiDeleteUserDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A367)
[Address] EAT @firefox.exe (MsiDeleteUserDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C769EB)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D4C5)
[Address] EAT @firefox.exe (MsiDetermineApplicablePatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C559)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D9D9)
[Address] EAT @firefox.exe (MsiDeterminePatchSequenceW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8C9E1)
[Address] EAT @firefox.exe (MsiDoActionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9613D)
[Address] EAT @firefox.exe (MsiDoActionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92D61)
[Address] EAT @firefox.exe (MsiEnableLogA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7189B)
[Address] EAT @firefox.exe (MsiEnableLogW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6FBE9)
[Address] EAT @firefox.exe (MsiEnableUIPreview) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C939CD)
[Address] EAT @firefox.exe (MsiEndTransaction) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C83E11)
[Address] EAT @firefox.exe (MsiEnumClientsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEC96)
[Address] EAT @firefox.exe (MsiEnumClientsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85D6E)
[Address] EAT @firefox.exe (MsiEnumClientsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C813A7)
[Address] EAT @firefox.exe (MsiEnumClientsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD3647)
[Address] EAT @firefox.exe (MsiEnumComponentCostsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97847)
[Address] EAT @firefox.exe (MsiEnumComponentCostsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97A95)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CD6D)
[Address] EAT @firefox.exe (MsiEnumComponentQualifiersW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD384D)
[Address] EAT @firefox.exe (MsiEnumComponentsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791B9)
[Address] EAT @firefox.exe (MsiEnumComponentsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85B08)
[Address] EAT @firefox.exe (MsiEnumComponentsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8121D)
[Address] EAT @firefox.exe (MsiEnumComponentsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7BA57)
[Address] EAT @firefox.exe (MsiEnumFeaturesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79C04)
[Address] EAT @firefox.exe (MsiEnumFeaturesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C259)
[Address] EAT @firefox.exe (MsiEnumPatchesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C897EB)
[Address] EAT @firefox.exe (MsiEnumPatchesExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84897)
[Address] EAT @firefox.exe (MsiEnumPatchesExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C80E79)
[Address] EAT @firefox.exe (MsiEnumPatchesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8468E)
[Address] EAT @firefox.exe (MsiEnumProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79175)
[Address] EAT @firefox.exe (MsiEnumProductsExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86313)
[Address] EAT @firefox.exe (MsiEnumProductsExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81729)
[Address] EAT @firefox.exe (MsiEnumProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD559D)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C79109)
[Address] EAT @firefox.exe (MsiEnumRelatedProductsW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7B9EB)
[Address] EAT @firefox.exe (MsiEvaluateConditionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C961C6)
[Address] EAT @firefox.exe (MsiEvaluateConditionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C930C1)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84FAE)
[Address] EAT @firefox.exe (MsiExtractPatchXMLDataW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C84C22)
[Address] EAT @firefox.exe (MsiFormatRecordA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92A73)
[Address] EAT @firefox.exe (MsiFormatRecordW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92BF9)
[Address] EAT @firefox.exe (MsiGetActiveDatabase) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92639)
[Address] EAT @firefox.exe (MsiGetComponentPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7EEBD)
[Address] EAT @firefox.exe (MsiGetComponentPathExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C86053)
[Address] EAT @firefox.exe (MsiGetComponentPathExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C81559)
[Address] EAT @firefox.exe (MsiGetComponentPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BC62DD)
[Address] EAT @firefox.exe (MsiGetComponentStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C971E3)
[Address] EAT @firefox.exe (MsiGetComponentStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C972DC)
[Address] EAT @firefox.exe (MsiGetDatabaseState) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C90ED9)
[Address] EAT @firefox.exe (MsiGetFeatureCostA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C975FD)
[Address] EAT @firefox.exe (MsiGetFeatureCostW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97702)
[Address] EAT @firefox.exe (MsiGetFeatureInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70D1A)
[Address] EAT @firefox.exe (MsiGetFeatureInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F5EE)
[Address] EAT @firefox.exe (MsiGetFeatureStateA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96CD5)
[Address] EAT @firefox.exe (MsiGetFeatureStateW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96DC3)
[Address] EAT @firefox.exe (MsiGetFeatureUsageA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A111)
[Address] EAT @firefox.exe (MsiGetFeatureUsageW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7C9BD)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C97CC5)
[Address] EAT @firefox.exe (MsiGetFeatureValidStatesW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C936EC)
[Address] EAT @firefox.exe (MsiGetFileHashA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C71214)
[Address] EAT @firefox.exe (MsiGetFileHashW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA49)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7128C)
[Address] EAT @firefox.exe (MsiGetFileSignatureInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CA9F)
[Address] EAT @firefox.exe (MsiGetFileVersionA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70EF8)
[Address] EAT @firefox.exe (MsiGetFileVersionW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73D2F)
[Address] EAT @firefox.exe (MsiGetLanguage) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C92727)
[Address] EAT @firefox.exe (MsiGetLastErrorRecord) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C91D69)
[Address] EAT @firefox.exe (MsiGetMode) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9279F)
[Address] EAT @firefox.exe (MsiGetPatchFileListA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C8D25D)
[Address] EAT @firefox.exe (MsiGetPatchFileListW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C88B6E)
[Address] EAT @firefox.exe (MsiGetPatchInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7A24F)
[Address] EAT @firefox.exe (MsiGetPatchInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C855E9)
[Address] EAT @firefox.exe (MsiGetPatchInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C85177)
[Address] EAT @firefox.exe (MsiGetPatchInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7CAFB)
[Address] EAT @firefox.exe (MsiGetProductCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEADC)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7ED5F)
[Address] EAT @firefox.exe (MsiGetProductCodeFromPackageCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7F353)
[Address] EAT @firefox.exe (MsiGetProductCodeW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEEE6C)
[Address] EAT @firefox.exe (MsiGetProductInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7D362)
[Address] EAT @firefox.exe (MsiGetProductInfoExA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C865DE)
[Address] EAT @firefox.exe (MsiGetProductInfoExW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C818FF)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70880)
[Address] EAT @firefox.exe (MsiGetProductInfoFromScriptW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F132)
[Address] EAT @firefox.exe (MsiGetProductInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BD4273)
[Address] EAT @firefox.exe (MsiGetProductPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C70B90)
[Address] EAT @firefox.exe (MsiGetProductPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6F48B)
[Address] EAT @firefox.exe (MsiGetPropertyA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9596D)
[Address] EAT @firefox.exe (MsiGetPropertyW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C95BA3)
[Address] EAT @firefox.exe (MsiGetShortcutTargetA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72A58)
[Address] EAT @firefox.exe (MsiGetShortcutTargetW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74689)
[Address] EAT @firefox.exe (MsiGetSourcePathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C96209)
[Address] EAT @firefox.exe (MsiGetSourcePathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C9640D)
[Address] EAT @firefox.exe (MsiGetSummaryInformationA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C958BD)
[Address] EAT @firefox.exe (MsiGetSummaryInformationW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C94293)
[Address] EAT @firefox.exe (MsiGetTargetPathA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C965F5)
[Address] EAT @firefox.exe (MsiGetTargetPathW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C967F9)
[Address] EAT @firefox.exe (MsiGetUserInfoA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C791FE)
[Address] EAT @firefox.exe (MsiGetUserInfoW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72BEE466)
[Address] EAT @firefox.exe (MsiInstallMissingComponentA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C722C7)
[Address] EAT @firefox.exe (MsiInstallMissingComponentW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C743D9)
[Address] EAT @firefox.exe (MsiInstallMissingFileA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C72067)
[Address] EAT @firefox.exe (MsiInstallMissingFileW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C74179)
[Address] EAT @firefox.exe (MsiInstallProductA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C7197E)
[Address] EAT @firefox.exe (MsiInstallProductW) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C6CE4B)
[Address] EAT @firefox.exe (MsiInvalidateFeatureCache) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C2D1D3)
[Address] EAT @firefox.exe (MsiIsProductElevatedA) : MSVCR90.dll -> HOOKED (C:\Windows\SysWOW64\msi.dll @ 0x72C73306)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] f2bfff68032b4cdd609ad1bba6cfbe59
[BSP] 6bd99482b59c8c78a7772384e0f1e68f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462251 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947099648 | Size: 14385 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_04162014_224214.txt >>
RKreport[0]_D_04162014_205909.txt;RKreport[0]_S_04162014_205107.txt
billmaxime
Posts: 49927
Registered: Sunday 20 November 2011
Status: Contributor
Last activity: 18 April 2024
5 944
17 April 2014 at 07:35
Hi,
OK, do this and post the report by copy/paste:
http://www.sosvirus.net/viewtopic.php?f=281&t=937
Thanks
See you
Skywalker78
Posts: 22
Registered: Monday 14 April 2014
Status: Member
Last activity: 8 June 2014
17 April 2014 at 19:09
Hello,
here is the report:
############################## | UsbFix V 7.169 | [Recherche]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 19:02:33 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2456 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 20%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Disque amovible # 15 Go (12 Go libre(s) - 76%) [REMYS] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 476 |ParentID: 468)
C:\Windows\system32\wininit.exe (ID: 548 |ParentID: 468)
C:\Windows\system32\csrss.exe (ID: 568 |ParentID: 556)
C:\Windows\system32\services.exe (ID: 612 |ParentID: 548)
C:\Windows\system32\lsass.exe (ID: 644 |ParentID: 548)
C:\Windows\system32\winlogon.exe (ID: 652 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 660 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 788 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 888 |ParentID: 612)
C:\Windows\system32\atiesrxx.exe (ID: 936 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1020 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 444 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 472 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 436 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1096 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 612)
C:\Windows\system32\atieclxx.exe (ID: 1204 |ParentID: 936)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1364 |ParentID: 612)
C:\Windows\system32\WLANExt.exe (ID: 1372 |ParentID: 444)
C:\Windows\system32\conhost.exe (ID: 1380 |ParentID: 476)
C:\Windows\System32\spoolsv.exe (ID: 1612 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 1640 |ParentID: 612)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1832 |ParentID: 612)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1860 |ParentID: 612)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1884 |ParentID: 612)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1920 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1980 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 2004 |ParentID: 612)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 2036 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 1188 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1528 |ParentID: 612)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1512 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 1040 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2124 |ParentID: 612)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2188 |ParentID: 612)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2472 |ParentID: 2124)
C:\Windows\system32\SearchIndexer.exe (ID: 2784 |ParentID: 612)
C:\Windows\system32\svchost.exe (ID: 2804 |ParentID: 612)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (ID: 2532 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe (ID: 2088 |ParentID: 612)
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe (ID: 1132 |ParentID: 2088)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2388 |ParentID: 612)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 1848 |ParentID: 612)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2948 |ParentID: 788)
C:\Windows\system32\taskhost.exe (ID: 1668 |ParentID: 612)
C:\Windows\system32\Dwm.exe (ID: 3724 |ParentID: 444)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 3896 |ParentID: 1512)
C:\Windows\Explorer.EXE (ID: 3900 |ParentID: 3260)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 904 |ParentID: 3900)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (ID: 3560 |ParentID: 3900)
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ID: 1768 |ParentID: 3900)
C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (ID: 4084 |ParentID: 3900)
C:\Windows\System32\hkcmd.exe (ID: 3164 |ParentID: 3900)
C:\Windows\System32\igfxpers.exe (ID: 3292 |ParentID: 3900)
C:\Program Files\Java\jre6\bin\jusched.exe (ID: 3748 |ParentID: 3900)
C:\Windows\system32\igfxsrvc.exe (ID: 3180 |ParentID: 788)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (ID: 728 |ParentID: 3900)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3920 |ParentID: 3900)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (ID: 3552 |ParentID: 3940)
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (ID: 3848 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (ID: 984 |ParentID: 3140)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 3644 |ParentID: 3140)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 740 |ParentID: 3140)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (ID: 4184 |ParentID: 612)
C:\Windows\System32\svchost.exe (ID: 4892 |ParentID: 612)
C:\Windows\system32\wuauclt.exe (ID: 4368 |ParentID: 436)
C:\Windows\system32\DllHost.exe (ID: 784 |ParentID: 788)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ID: 2780 |ParentID: 3224)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ID: 4692 |ParentID: 2780)
C:\Windows\System32\WUDFHost.exe (ID: 5084 |ParentID: 444)
C:\Windows\system32\taskeng.exe (ID: 4772 |ParentID: 436)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5456 |ParentID: 788)
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Recherche générique |
################## | Registre |
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
Présent! HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Recherche générique |
################## | Registre |
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
Présent! HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
billmaxime
17 April 2014 at 20:58
Hi again,
run UsbFix again in "Suppression" (deletion) mode and post the report by copy/paste
Thanks
See you
Skywalker78
17 April 2014 at 21:42
Good evening,
here is the report:
############################## | UsbFix V 7.169 | [Suppression]
Utilisateur: Administrateur (Administrateur) # REMY-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 21:33:04 | 17/04/2014
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: Hewlett-Packard (143A)
CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
RAM -> [Total : 3894 Mo| Free : 2549 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17041
WB: Mozilla Firefox : 28.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001
C:\ (%systemdrive%) -> Disque fixe # 451 Go (88 Go libre(s) - 19%) [] # NTFS
D:\ -> Disque fixe # 14 Go (2 Go libre(s) - 12%) [RECOVERY] # NTFS
E:\ -> Disque fixe # 99 Mo (89 Mo libre(s) - 90%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 480 |ParentID: 472)
C:\Windows\system32\wininit.exe (ID: 556 |ParentID: 472)
C:\Windows\system32\csrss.exe (ID: 580 |ParentID: 548)
C:\Windows\system32\services.exe (ID: 604 |ParentID: 556)
C:\Windows\system32\lsass.exe (ID: 628 |ParentID: 556)
C:\Windows\system32\lsm.exe (ID: 636 |ParentID: 556)
C:\Windows\system32\winlogon.exe (ID: 692 |ParentID: 548)
C:\Windows\system32\svchost.exe (ID: 792 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 892 |ParentID: 604)
C:\Windows\system32\atiesrxx.exe (ID: 940 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 112 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 484 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 756 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1040 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1116 |ParentID: 604)
C:\Windows\system32\atieclxx.exe (ID: 1232 |ParentID: 940)
C:\Windows\system32\svchost.exe (ID: 1252 |ParentID: 604)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1380 |ParentID: 604)
C:\Windows\system32\WLANExt.exe (ID: 1388 |ParentID: 484)
C:\Windows\system32\conhost.exe (ID: 1396 |ParentID: 480)
C:\Windows\System32\spoolsv.exe (ID: 1608 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 1644 |ParentID: 604)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1736 |ParentID: 604)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ID: 1756 |ParentID: 604)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (ID: 1780 |ParentID: 604)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1828 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (ID: 1876 |ParentID: 604)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 1904 |ParentID: 604)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 1924 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2036 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1080 |ParentID: 604)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1184 |ParentID: 604)
C:\Windows\system32\taskhost.exe (ID: 1136 |ParentID: 604)
C:\Windows\system32\Dwm.exe (ID: 2064 |ParentID: 484)
C:\Windows\Explorer.EXE (ID: 2096 |ParentID: 2056)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 2248 |ParentID: 1184)
C:\Program Files (x86)\Skype\Updater\Updater.exe (ID: 2256 |ParentID: 604)
C:\Windows\System32\svchost.exe (ID: 2304 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2340 |ParentID: 604)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2384 |ParentID: 604)
C:\Windows\system32\runonce.exe (ID: 2612 |ParentID: 2096)
C:\Windows\system32\SearchIndexer.exe (ID: 2764 |ParentID: 604)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2896 |ParentID: 2340)
C:\Windows\System32\rundll32.exe (ID: 2916 |ParentID: 792)
C:\Windows\system32\svchost.exe (ID: 2952 |ParentID: 604)
C:\Windows\SysWOW64\runonce.exe (ID: 3128 |ParentID: 2612)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3412 |ParentID: 2764)
C:\Windows\system32\SearchFilterHost.exe (ID: 3524 |ParentID: 2764)
C:\Program Files\AVAST Software\Avast\setup\instup.exe (ID: 3220 |ParentID: 1380)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2624 |ParentID: 792)
################## | Recherche générique |
(!) Fichiers temporaires supprimés.
################## | Registre |
Réparé ! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 0
Supprimé! HKU\S-1-5-21-1629809806-1617948266-3175222210-500\Software\.\.\.\.\Mountpoints2\{80c4a24e-2d15-11e3-b716-08002700ac24}
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKCU\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : []
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
04 - [x64] HKLM\..\Run : [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1629809806-1617948266-3175222210-500\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Listing |
[04/02/2014 - 12:44:26 | SHD] - C:\$RECYCLE.BIN
[16/05/2010 - 23:43:34 | SHD] - C:\boot
[14/07/2009 - 03:38:58 | RASH | 375 Ko] - C:\bootmgr
[15/04/2014 - 23:45:21 | D] - C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[17/04/2014 - 21:32:10 | ASH | 2990484 Ko] - C:\hiberfil.sys
[12/06/2010 - 11:26:21 | D] - C:\HP
[12/06/2010 - 11:37:11 | D] - C:\Intel
[07/04/2014 - 21:07:49 | RHD] - C:\MSOCache
[17/04/2014 - 21:32:10 | ASH | 3987312 Ko] - C:\pagefile.sys
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[15/04/2014 - 21:31:10 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[13/04/2014 - 23:52:47 | D] - C:\Program Files
[15/04/2014 - 23:42:24 | D] - C:\Program Files (x86)
[15/04/2014 - 23:42:24 | HD] - C:\ProgramData
[04/02/2014 - 11:36:18 | D] - C:\Qoobox
[02/10/2013 - 20:44:03 | SHD] - C:\Recovery
[13/02/2014 - 09:02:18 | N | 2 Ko] - C:\RHDSetup.log
[07/04/2014 - 22:48:40 | D] - C:\rsit
[07/04/2014 - 22:58:27 | D] - C:\SwSetup
[15/04/2014 - 00:34:10 | SHD] - C:\System Volume Information
[02/10/2013 - 20:44:07 | D] - C:\SYSTEM.SAV
[17/04/2014 - 19:01:16 | D] - C:\UsbFix
[17/04/2014 - 21:34:26 | A | 9 Ko | 56A0DCA7A2543EEBCB7A622F34103755] - C:\UsbFix [Clean 2] REMY-PC.txt
[17/04/2014 - 19:03:31 | N | 10 Ko | ED75992E603D0031E2CE0B49D3D6EBB7] - C:\UsbFix [Scan 1] REMY-PC.txt
[17/04/2014 - 21:30:21 | N | 10 Ko | F19E426C38A503BA05F7940653CA0518] - C:\UsbFix [Scan 2] REMY-PC.txt
[02/10/2013 - 21:52:38 | D] - C:\Users
[15/04/2014 - 22:19:15 | D] - C:\Windows
[30/09/2013 - 19:11:58 | SHD] - D:\$RECYCLE.BIN
[25/09/2010 - 18:38:39 | SHD] - D:\boot
[14/07/2009 - 20:39:00 | ASH | 375 Ko] - D:\bootmgr
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\BT_HP.FLG
[12/06/2010 - 22:00:19 | N | 0 Ko] - D:\CSP.DAT
[12/06/2010 - 22:07:40 | N | 14 Ko] - D:\DeployRp.log
[22/10/2011 - 13:46:48 | N | 0 Ko] - D:\Disque local (C) - Raccourci (2).lnk
[15/10/2010 - 22:49:54 | N | 0 Ko] - D:\Disque local (C) - Raccourci.lnk
[25/09/2010 - 19:32:47 | D] - D:\hp
[02/10/2013 - 20:49:26 | N | 0 Ko] - D:\language.ini
[25/09/2010 - 18:38:39 | SHD] - D:\preload
[02/10/2013 - 20:44:06 | SD] - D:\Recovery
[01/07/2012 - 20:20:55 | N | 291452 Ko] - D:\registre-exporté-01072012.reg
[12/06/2010 - 22:07:37 | N | 0 Ko] - D:\RPCONFIG.LOG
[18/06/2011 - 13:25:00 | SHD] - D:\System Volume Information
[25/09/2010 - 18:38:39 | D] - D:\system.sav
[01/07/2012 - 17:25:30 | SHD] - E:\$RECYCLE.BIN
[02/10/2013 - 20:14:02 | D] - E:\Hewlett-Packard
################## | Vaccin |
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
billmaxime
Edited by billmaxime on 18/04/2014 at 05:11
Hi again,
OK, do this and post the report
http://sosvirus.net/viewtopic.php?f=281&t=594
Vista/W7/W8 users: run as administrator (right-click)
at the end of the installation, untick the box "enable the free trial of MBAM Premium"
see the image >> click here
see this to update it and switch it to French >> click here
in the "Scan" tab, select "Threat Scan", then click "Scan Now"
at the end of the scan, click "Quarantine All", then "Apply Actions"
if MBAM asks to restart the PC, do so
the report will be displayed on your desktop, and will also be available under "History"
and "Application Logs"
select the report and ask to view it (be sure to pick the most recent one)
at the bottom left, click "Export" and choose "text format"
save it to your desktop (so you can find it easily)
post the report by copy/paste in your next reply
Thanks
See you
the radiation rate is higher at Pôle emploi than at Chernobyl
Skywalker78
19 April 2014 at 21:53
Hello,
the report found one threat:
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 19/04/2014
Heure de l'examen: 21:43:15
Fichier journal: rapport.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de données Malveillants: v2014.04.19.09
Base de données Rootkits: v2014.03.27.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Administrateur
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 301265
Temps écoulé: 13 min, 59 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Clés du Registre: 0
(No malicious items detected)
Valeurs du Registre: 0
(No malicious items detected)
Données du Registre: 0
(No malicious items detected)
Dossiers: 0
(No malicious items detected)
Fichiers: 1
PUP.Optional.MySearchDial.A, C:\Users\REMY\AppData\Local\Google\Chrome\User Data\Default\preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://start.mysearchdial.com/?f=1&a=tele0103&cd=2XzuyEtN2Y1L1QzutDtDtByCzztBzz0ByD0EtDtByC0C0AzytN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1909010176&ir=" ],), Remplacé,[ca6b5dcfc6b5dc5a619763f1699bb050]
Secteurs physiques: 0
(No malicious items detected)
(end)
billmaxime
20 April 2014 at 10:32
Hi,
Tell me if you are still having problems.
Thanks
See you later
Skywalker78
20 April 2014 at 11:59
Hello,
The problem is still there. Web pages load a little faster, but the speed is no longer what it was before. Could it be due to a problem with updating the Wi-Fi card? I already had a slowness problem before; I updated the card and everything went back to normal. But now the update is no longer enough. I also see in Task Manager that my processor uses little CPU, about 5%, with a few peaks of up to 50% when I open a web page. Where could this slowness come from? I don't understand anything any more...
billmaxime
Edited by billmaxime on 20/04/2014 at 12:22
Hi again,
Disable your antivirus to download the software and to run the scan.
Do this and post the report via this link: https://www.cjoint.com/index.php
http://sosvirus.net/viewtopic.php?f=281&t=613
Thanks
See you later
The radiation rate is higher at Pôle emploi than at Chernobyl
Skywalker78
21 April 2014 at 14:09
Hello,
I ran Shortcut_Module. During the scan it finds around fifty infected items, but when the scan finishes it shows me an error message: "Error : Variable type "Object" must be used ". After that I have to restart my PC because it is frozen.
I did disable my AV...
27 April 2014 at 20:26