ivy


  1. Phew, I really got worked up! I went digging through every window, every property sheet, every "Advanced" button. I set everything to Full control, as I have been doing for three days. But to be sure, I also took a quick look at "Compatibility". And there, to my amazement, I saw that the "Run as administrator" box was ticked... That must be why it never kept the changes I made... I checked the three admin/user accounts, it works perfectly, each session with its own settings. THANK YOU NOTPA, THANK YOU PEAR! THANK YOU ZEBULON!
  2. Hello. I ran the operations. On the face of it, users pak and ivy have Full control everywhere. Except that in practice it is still the administrator Sonic who can do every operation, who has to log in to get Internet access, and on whose desktop everything gets "uploaded" and "downloaded" (so we have to switch sessions every time, and log in again). I ran GrantPerms again. Here are the reports:

     GrantPerms by Farbar
     Ran by Sonic Jr (administrator) at 2014-04-28 12:57:46
     ===============================================
     \\?\C:\Program Files (x86)\Mozilla Firefox
     Owner: Sonic\ivy
     DACL(P)(AI):
     AUTORITÉ DE PACKAGE D?APPLICATION\TOUS LES PACKAGES D?APPLICATION READ/EXECUTE ALLOW (CI)(OI)
     BUILTIN\Administrateurs FULL ALLOW (CI)(OI)
     BUILTIN\Utilisateurs FULL ALLOW (CI)(OI)
     NT SERVICE\TrustedInstaller FULL ALLOW (CI)(OI)
     CREATEUR PROPRIETAIRE FULL ALLOW (CI)(OI)(IO)
     AUTORITE NT\Système FULL ALLOW (CI)(OI)
     Sonic\pak FULL ALLOW (CI)(OI)
     Sonic\ivy FULL ALLOW (CI)(OI)
     ================ End Of List ================

     After Unlock:

     GrantPerms by Farbar
     Ran by Sonic Jr (administrator) at 2014-04-28 12:59:03
     ===============================================
     \\?\C:\Program Files (x86)\Mozilla Firefox
     Owner: BUILTIN\Administrateurs
     DACL(P)(AI):
     BUILTIN\Administrateurs FULL ALLOW (CI)(OI)
     AUTORITE NT\Système FULL ALLOW (CI)(OI)
     BUILTIN\Utilisateurs READ/EXECUTE ALLOW (CI)(OI)
     ================ End Of List ================

     Thanks, and have a good week everyone
  3. Hi Pear. Here are the reports:

     GrantPerms by Farbar
     Ran by Sonic Jr (administrator) at 2014-04-26 12:00:06
     ===============================================
     \\?\C:\Program Files (x86)\Mozilla Firefox
     Owner: BUILTIN\Administrateurs
     DACL(NP)(AI):
     BUILTIN\Administrateurs FULL ALLOW (CI)(OI)
     AUTORITE NT\Système FULL ALLOW (CI)(OI)
     BUILTIN\Utilisateurs READ/EXECUTE ALLOW (CI)(OI)
     NT SERVICE\TrustedInstaller FULL ALLOW (I)
     NT SERVICE\TrustedInstaller FULL ALLOW (CI)(IO)(I)
     AUTORITE NT\Système FULL ALLOW (I)
     AUTORITE NT\Système FULL ALLOW (CI)(OI)(IO)(I)
     BUILTIN\Administrateurs FULL ALLOW (I)
     BUILTIN\Administrateurs FULL ALLOW (CI)(OI)(IO)(I)
     BUILTIN\Utilisateurs READ/EXECUTE ALLOW (I)
     BUILTIN\Utilisateurs READ/EXECUTE ALLOW (CI)(OI)(IO)(I)
     CREATEUR PROPRIETAIRE FULL ALLOW (CI)(OI)(IO)(I)
     AUTORITÉ DE PACKAGE D?APPLICATION\TOUS LES PACKAGES D?APPLICATION READ/EXECUTE ALLOW (I)
     AUTORITÉ DE PACKAGE D?APPLICATION\TOUS LES PACKAGES D?APPLICATION READ/EXECUTE ALLOW (CI)(OI)(IO)(I)
     ================ End Of List ================

     And the CTR:

     Rapport de Contrôle restrictions Pierre13 (CTR version 2.0.0.0 ) du 26\04\2014 à 12:02:04
     PC de Sonic Jr
     Analyse effectuée en 0.597 s
     Windows 8.1 (64 bits)
     Contrôle présence restrictions
     Restriction Affichage Documents récents supprimée.
     Restriction Affichage Documents supprimée.
     Restriction synchronisation en arrière-plan des flux d’informations et des Web Slices supprimée.
     Restriction découverte des flux RSS et des Web Slices supprimée.
     Recherche Windows Update rétablie.
     Service Pare feu Windows activé.
     Paramètres Pare feu Windows rétablis par défaut et activé.
     193 restrictions contrôlées.
     5 restriction(s) réparée(s).
     Re démarrer le PC pour prendre en compte la ou les réparations.
     Le rapport est sur le bureau (C:\Users\Sonic Jr\Desktop\CTR.txt)

     The FF icon on the desktop shows me the little Windows shield, and when I click it, it asks me for the admin password (on the user account, that is). Thanks to all of you for your help. Enjoy your meal
  4. Hi Notpa. Actually, I don't really need to back up FF, because for a few days now it has not been "keeping" anything: no bookmarks, no preferences, no home page, nothing. It's as if it were "scratched": it starts over as it was three or four days ago and I can no longer edit, add or remove bookmarks, or add settings to the extensions (which were wiped, etc.). I tried the procedure, but it doesn't work (we clear the cache very often). If you have other ideas, I'll gladly take them! In any case, thanks for your reply
  5. Hello. I had an infection (see here) and as soon as we started cleaning the computer, Firefox began behaving strangely. It acts as if it were in a sandbox, remembers none of the settings we give it, and systematically resets itself, as if I had just downloaded it and were using it for the first time.
     - I tried disabling the add-ons, all together or one by one; it changes nothing. Same thing when I start it in "safe mode".
     - There are three accounts on the computer: an administrator, which we almost never use, and two everyday users. I noticed that the admin account worked fine, but not the users. I tried opening FF as the admin account, in my user session, and there it works perfectly: I can configure it as I like, and it remembers the settings and bookmarks.
     The problem is that two of us use FF, under two different accounts, and we have different add-ons, but above all a huge number of different bookmarks and preferences (font size, etc.). It would be very difficult, if not impossible, to merge the two accounts into one. Would you have a solution so that Firefox stops working only in admin mode? Something to do with UAC? (Windows 8.1) Thanks for your help
  6. OK thanks, I'll do all the steps tonight when I get home. Thanks again for your help. And thanks to the Zebulon forums
  7. The problem is that Firefox keeps behaving as if it were in a sandbox. None of the options persist, the add-ons are no longer of any use because they don't remember their settings, and every time I start it up, I feel like I'm starting over with a browser I had only just installed for the first time... Thanks
  8. And here is the report: http://cjoint.com/?0DznvUFHqSC Thanks, have a good afternoon
  9. There! I figured out the problem: in the default scan, the Rootkit box is not ticked. So my mistake was going into "Custom scan", where I could tick Rootkit. And there, it took ages. Today, since you told me it shouldn't take that long, I poked around a bit. And of course, I went into Settings, where you can indeed tick "Rootkit" and end up with a scan time that really is very fast (about twenty minutes). Here is the report; I'll do the SFTGC right away.

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Date de l'examen: 25/04/2014
     Heure de l'examen: 12:48:57
     Fichier journal:
     Administrateur: Oui

     Version: 2.00.1.1004
     Base de données Malveillants: v2014.04.25.04
     Base de données Rootkits: v2014.03.27.01
     Licence: Gratuite
     Protection contre les malveillants: Désactivé(e)
     Protection contre les sites Web malveillants: Désactivé(e)
     Chameleon: Désactivé(e)

     Système d'exploitation: Windows 8.1
     Processeur: x64
     Système de fichiers: NTFS
     Utilisateur: Sonic Jr

     Type d'examen: Examen "Menaces"
     Résultat: Terminé
     Objets analysés: 366282
     Temps écoulé: 26 min, 31 sec

     Mémoire: Activé(e)
     Démarrage: Activé(e)
     Système de fichiers: Activé(e)
     Archives: Activé(e)
     Rootkits: Activé(e)
     Shuriken: Activé(e)
     PUP: Activé(e)
     PUM: Activé(e)

     Processus: 0
     (No malicious items detected)
     Modules: 0
     (No malicious items detected)
     Clés du Registre: 0
     (No malicious items detected)
     Valeurs du Registre: 0
     (No malicious items detected)
     Données du Registre: 0
     (No malicious items detected)
     Dossiers: 0
     (No malicious items detected)
     Fichiers: 0
     (No malicious items detected)
     Secteurs physiques: 0
     (No malicious items detected)
     (end)
  10. All right, I'll launch it then (once I got 4h30 and the other time 5h)
  11. Hm, you know, if I tick "quick scan", the scan systematically goes from 20 minutes to 5 hours. Do you want me to do it in quick or in rootkit-not-quick? Thanks
  12. Hello, hello. No problem downloading or running RogueKiller (I had the choice, I took the X64). However, the Driver did not load, as explained in the tutorial, so we don't have the Rootkit scan. Here are the reports:

      RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
      mail : http://www.adlice.com/contact/
      Remontees : http://forum.adlice.com
      Site Web : http://www.surlatoile.org/RogueKiller/
      Blog : http://www.adlice.com

      Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
      Demarrage : Mode normal
      Utilisateur : Sonic Jr [Droits d'admin]
      Mode : Recherche -- Date : 04/25/2014 09:16:52
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 4 ¤¤¤
      [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
      [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
      [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
      [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

      ¤¤¤ Tâches planifiées : 0 ¤¤¤

      ¤¤¤ Entrées Startup : 0 ¤¤¤

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ Addons navigateur : 0 ¤¤¤

      ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

      ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
@explorer.exe (InternetClearAllPerSiteCookieDecisions) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D68) [Address] EAT @explorer.exe (InternetCloseHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E71F4) [Address] EAT @explorer.exe (InternetCombineUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC5B8) [Address] EAT @explorer.exe (InternetCombineUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763C930) [Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27681BD0) [Address] EAT @explorer.exe (InternetConnectA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC6D0) [Address] EAT @explorer.exe (InternetConnectW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E65EC) [Address] EAT @explorer.exe (InternetCrackUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276130E4) [Address] EAT @explorer.exe (InternetCrackUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27659760) [Address] EAT @explorer.exe (InternetCreateUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC800) [Address] EAT @explorer.exe (InternetCreateUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763BEC8) [Address] EAT @explorer.exe (InternetDial) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270) [Address] EAT @explorer.exe (InternetDialA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270) [Address] EAT @explorer.exe (InternetDialW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E131C) [Address] EAT @explorer.exe 
(InternetEnumPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D74) [Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705DE0) [Address] EAT @explorer.exe (InternetErrorDlg) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722B24) [Address] EAT @explorer.exe (InternetFindNextFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F06A8) [Address] EAT @explorer.exe (InternetFindNextFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F29E8) [Address] EAT @explorer.exe (InternetFortezzaCommand) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7EF4) [Address] EAT @explorer.exe (InternetFreeCookies) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616AC8) [Address] EAT @explorer.exe (InternetFreeProxyInfoList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768762C) [Address] EAT @explorer.exe (InternetGetCertByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80) [Address] EAT @explorer.exe (InternetGetCertByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80) [Address] EAT @explorer.exe (InternetGetConnectedState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764EE28) [Address] EAT @explorer.exe (InternetGetConnectedStateEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0) [Address] EAT @explorer.exe (InternetGetConnectedStateExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0) [Address] EAT @explorer.exe (InternetGetConnectedStateExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762AD90) [Address] EAT @explorer.exe (InternetGetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070B0) [Address] EAT @explorer.exe (InternetGetCookieEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616A98) 
[Address] EAT @explorer.exe (InternetGetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070E0) [Address] EAT @explorer.exe (InternetGetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616B34) [Address] EAT @explorer.exe (InternetGetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277073E4) [Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC898) [Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD500) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705EC4) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705F14) [Address] EAT @explorer.exe (InternetGetProxyForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27687374) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD6BC) [Address] EAT @explorer.exe (InternetGoOnline) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0) [Address] EAT @explorer.exe (InternetGoOnlineA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0) [Address] EAT @explorer.exe (InternetGoOnlineW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1468) [Address] EAT @explorer.exe (InternetHangUp) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1500) [Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x2763C574) [Address] EAT @explorer.exe (InternetLockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276502BC) [Address] EAT @explorer.exe (InternetOpenA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D55C) [Address] EAT @explorer.exe (InternetOpenUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCB50) [Address] EAT @explorer.exe (InternetOpenUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD7B8) [Address] EAT @explorer.exe (InternetOpenW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D3D4) [Address] EAT @explorer.exe (InternetQueryDataAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275FAB70) [Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7F54) [Address] EAT @explorer.exe (InternetQueryOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E0D50) [Address] EAT @explorer.exe (InternetQueryOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E1220) [Address] EAT @explorer.exe (InternetReadFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F8430) [Address] EAT @explorer.exe (InternetReadFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF90) [Address] EAT @explorer.exe (InternetReadFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF00) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721E78) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721FE8) [Address] EAT @explorer.exe (InternetSetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707404) [Address] EAT @explorer.exe (InternetSetCookieEx2) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x2770742C) [Address] EAT @explorer.exe (InternetSetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2770748C) [Address] EAT @explorer.exe (InternetSetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27612BB0) [Address] EAT @explorer.exe (InternetSetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707530) [Address] EAT @explorer.exe (InternetSetDialState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580) [Address] EAT @explorer.exe (InternetSetDialStateA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580) [Address] EAT @explorer.exe (InternetSetDialStateW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E15D8) [Address] EAT @explorer.exe (InternetSetFilePointer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A07C) [Address] EAT @explorer.exe (InternetSetOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DDF30) [Address] EAT @explorer.exe (InternetSetOptionExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDDE0) [Address] EAT @explorer.exe (InternetSetOptionExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDED4) [Address] EAT @explorer.exe (InternetSetOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DE3F0) [Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705FAC) [Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27706044) [Address] EAT @explorer.exe (InternetSetStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178) [Address] EAT @explorer.exe (InternetSetStatusCallbackA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178) [Address] EAT @explorer.exe (InternetSetStatusCallbackW) : MrmCoreR.dll 
-> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761EF08) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD970) [Address] EAT @explorer.exe (InternetTimeFromSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768AD7C) [Address] EAT @explorer.exe (InternetTimeToSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760) [Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760) [Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768468C) [Address] EAT @explorer.exe (InternetUnlockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764FFF0) [Address] EAT @explorer.exe (InternetWriteFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618B08) [Address] EAT @explorer.exe (InternetWriteFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (InternetWriteFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (IsHostInProxyBypassList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762BC50) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743A8C) [Address] EAT 
@explorer.exe (IsUrlCacheEntryExpiredW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A290) [Address] EAT @explorer.exe (LoadUrlCacheContent) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158) [Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276146B8) [Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704318) [Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761CBBC) [Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743BDC) [Address] EAT @explorer.exe (RegisterUrlCacheNotification) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27649ED8) [Address] EAT @explorer.exe (ResumeSuspendedDownload) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E0670) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743CEC) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743EC8) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277440A0) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276880B8) [Address] EAT @explorer.exe (RunOnceUrlCache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277442A4) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x277443D8) [Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277444D8) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277444D8) [Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27611278) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761C1EC) [Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277446A4) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744860) [Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744A50) [Address] EAT @explorer.exe (SetUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744C10) [Address] EAT @explorer.exe (ShowCertificate) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158) [Address] EAT @explorer.exe (ShowClientAuthCerts) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158) [Address] EAT @explorer.exe (ShowSecurityInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722178) [Address] EAT @explorer.exe (ShowX509EncodedCertificate) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722310) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744D30) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744D30) [Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744E68) [Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x27652364) [Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744FA8) [Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277450C8) [Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745120) [Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774516C) [Address] EAT @explorer.exe (UrlCacheCreateContainer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602630) [Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276077A0) [Address] EAT @explorer.exe (UrlCacheFindNextEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768BA04) [Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276589A8) [Address] EAT @explorer.exe (UrlCacheGetContentPaths) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277451C4) [Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DA5B0) [Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774521C) [Address] EAT @explorer.exe (UrlCacheReadEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745274) [Address] EAT @explorer.exe (UrlCacheReloadSettings) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277452D4) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774532C) [Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745384) [Address] EAT @explorer.exe 
(UrlCacheSetGlobalLimit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277453E4) [Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27658FF4) [Address] EAT @explorer.exe (UrlZonesDetach) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771D000) [Address] EAT @explorer.exe (DllCanUnloadNow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08274C) [Address] EAT @explorer.exe (DllGetClassObject) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C084984) [Address] EAT @explorer.exe (DwmAttachMilContent) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180) [Address] EAT @explorer.exe (DwmDefWindowProc) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082C30) [Address] EAT @explorer.exe (DwmDetachMilContent) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180) [Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082A70) [Address] EAT @explorer.exe (DwmEnableComposition) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C60C) [Address] EAT @explorer.exe (DwmEnableMMCSS) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083788) [Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082DC0) [Address] EAT @explorer.exe (DwmFlush) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0826C0) [Address] EAT @explorer.exe (DwmGetColorizationColor) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C118) [Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C081D40) [Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180) [Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : DAVHLPR.dll -> 
HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180) [Address] EAT @explorer.exe (DwmGetTransportAttributes) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C8B0) [Address] EAT @explorer.exe (DwmGetWindowAttribute) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C081010) [Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C086308) [Address] EAT @explorer.exe (DwmIsCompositionEnabled) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0811B0) [Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050) [Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C086F34) [Address] EAT @explorer.exe (DwmRegisterThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0869A8) [Address] EAT @explorer.exe (DwmRenderGesture) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C087CEC) [Address] EAT @explorer.exe (DwmSetDxFrameDuration) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050) [Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D1CC) [Address] EAT @explorer.exe (DwmSetIconicThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D558) [Address] EAT @explorer.exe (DwmSetPresentParameters) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050) [Address] EAT @explorer.exe (DwmSetWindowAttribute) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0810E8) [Address] EAT @explorer.exe (DwmShowContact) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083A90) [Address] EAT @explorer.exe (DwmTetherContact) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08CB1C) [Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : DAVHLPR.dll -> HOOKED 
¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 +++++
--- User ---
[MBR] 9f57b91429c7fb29218b824589d1936c
[bSP] 266bfe222773337e6090355ba634d302 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Multiple Card Reader USB Device +++++
Error reading User MBR! ([0x15] Le périphérique n'est pas prêt. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. )

Termine : << RKreport[0]_S_04252014_091652.txt >>

♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Sonic Jr [Droits d'admin]
Mode : Suppression -- Date : 04/25/2014 09:17:10
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
(C:\WINDOWS\System32\WININET.dll @ 0x27615494) [Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27607B70) [Address] EAT @explorer.exe (DeleteUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774262C) [Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276FF270) [Address] EAT @explorer.exe (DetectAutoProxyUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276FF76C) [Address] EAT @explorer.exe (DispatchAPICall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D1B28) [Address] EAT @explorer.exe (DllCanUnloadNow) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27649CC0) [Address] EAT @explorer.exe (DllGetClassObject) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27645990) [Address] EAT @explorer.exe (DllInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DA544) [Address] EAT @explorer.exe (DllRegisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E22D0) [Address] EAT @explorer.exe (DllUnregisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E2310) [Address] EAT @explorer.exe (FindCloseUrlCache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DA0C0) [Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E16C) [Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602CB4) [Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DBA6C) [Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27647DA8) [Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x276097E0) [Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27647570) [Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742730) [Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E044) [Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602F48) [Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DBED0) [Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742878) [Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742A48) [Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27609400) [Address] EAT @explorer.exe (FindNextUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742C18) [Address] EAT @explorer.exe (ForceNexusLookup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771889C) [Address] EAT @explorer.exe (ForceNexusLookupExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277188F0) [Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742D34) [Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276066F0) [Address] EAT @explorer.exe (FtpCommandA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED388) [Address] EAT @explorer.exe (FtpCommandW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F0D4C) [Address] EAT @explorer.exe (FtpCreateDirectoryA) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x276ED46C) [Address] EAT @explorer.exe (FtpCreateDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F0EE8) [Address] EAT @explorer.exe (FtpDeleteFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED50C) [Address] EAT @explorer.exe (FtpDeleteFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1050) [Address] EAT @explorer.exe (FtpFindFirstFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED5AC) [Address] EAT @explorer.exe (FtpFindFirstFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F11B8) [Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED818) [Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1390) [Address] EAT @explorer.exe (FtpGetFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED8D8) [Address] EAT @explorer.exe (FtpGetFileEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1518) [Address] EAT @explorer.exe (FtpGetFileSize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDAFC) [Address] EAT @explorer.exe (FtpGetFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F16AC) [Address] EAT @explorer.exe (FtpOpenFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDD70) [Address] EAT @explorer.exe (FtpOpenFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F17B0) [Address] EAT @explorer.exe (FtpPutFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDE50) [Address] EAT @explorer.exe (FtpPutFileEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1840) [Address] EAT @explorer.exe (FtpPutFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F19A4) [Address] EAT @explorer.exe (FtpRemoveDirectoryA) : MrmCoreR.dll -> 
HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE1D0) [Address] EAT @explorer.exe (FtpRemoveDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1A78) [Address] EAT @explorer.exe (FtpRenameFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE270) [Address] EAT @explorer.exe (FtpRenameFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1BD4) [Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE324) [Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1DF4) [Address] EAT @explorer.exe (GetProxyDllInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276D7C00) [Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742F54) [Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276062C8) [Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DACF0) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277431F0) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277433A8) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764F540) [Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D7824) [Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277435F0) [Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743858) [Address] EAT @explorer.exe (GetUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x275EBDE0) [Address] EAT @explorer.exe (GopherCreateLocatorA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherCreateLocatorW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherFindFirstFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherFindFirstFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherGetAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherGetAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherGetLocatorTypeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherGetLocatorTypeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherOpenFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (GopherOpenFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (HttpAddRequestHeadersA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E4140) [Address] EAT @explorer.exe (HttpAddRequestHeadersW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F7A30) [Address] EAT @explorer.exe (HttpCheckDavCompliance) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277045C8) [Address] EAT @explorer.exe (HttpCloseDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276530E0) [Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27653240) [Address] EAT @explorer.exe (HttpEndRequestA) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x27618A68) [Address] EAT @explorer.exe (HttpEndRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704C64) [Address] EAT @explorer.exe (HttpGetServerCredentials) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771CBCC) [Address] EAT @explorer.exe (HttpGetTunnelSocket) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7058) [Address] EAT @explorer.exe (HttpOpenDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276563C0) [Address] EAT @explorer.exe (HttpOpenRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277052C0) [Address] EAT @explorer.exe (HttpOpenRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E2EE0) [Address] EAT @explorer.exe (HttpPushClose) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7D94) [Address] EAT @explorer.exe (HttpPushEnable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7E44) [Address] EAT @explorer.exe (HttpPushWait) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7E9C) [Address] EAT @explorer.exe (HttpQueryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E8B60) [Address] EAT @explorer.exe (HttpQueryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275EA090) [Address] EAT @explorer.exe (HttpSendRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276840D0) [Address] EAT @explorer.exe (HttpSendRequestExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704D64) [Address] EAT @explorer.exe (HttpSendRequestExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618880) [Address] EAT @explorer.exe (HttpSendRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F7634) [Address] EAT @explorer.exe (HttpWebSocketClose) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715350) [Address] EAT @explorer.exe 
(HttpWebSocketCompleteUpgrade) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277158DC) [Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715498) [Address] EAT @explorer.exe (HttpWebSocketReceive) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715D7C) [Address] EAT @explorer.exe (HttpWebSocketSend) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277162C0) [Address] EAT @explorer.exe (HttpWebSocketShutdown) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27716580) [Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276174F4) [Address] EAT @explorer.exe (InternetAlgIdToStringA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721ABC) [Address] EAT @explorer.exe (InternetAlgIdToStringW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721CA0) [Address] EAT @explorer.exe (InternetAttemptConnect) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DBF9C) [Address] EAT @explorer.exe (InternetAutodial) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1148) [Address] EAT @explorer.exe (InternetAutodialCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276D844C) [Address] EAT @explorer.exe (InternetAutodialHangup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E11E0) [Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC004) [Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27687A50) [Address] EAT @explorer.exe (InternetCheckConnectionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC110) [Address] EAT @explorer.exe (InternetCheckConnectionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD40C) [Address] EAT 
@explorer.exe (InternetClearAllPerSiteCookieDecisions) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D68) [Address] EAT @explorer.exe (InternetCloseHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E71F4) [Address] EAT @explorer.exe (InternetCombineUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC5B8) [Address] EAT @explorer.exe (InternetCombineUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763C930) [Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C) [Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27681BD0) [Address] EAT @explorer.exe (InternetConnectA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC6D0) [Address] EAT @explorer.exe (InternetConnectW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E65EC) [Address] EAT @explorer.exe (InternetCrackUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276130E4) [Address] EAT @explorer.exe (InternetCrackUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27659760) [Address] EAT @explorer.exe (InternetCreateUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC800) [Address] EAT @explorer.exe (InternetCreateUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763BEC8) [Address] EAT @explorer.exe (InternetDial) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270) [Address] EAT @explorer.exe (InternetDialA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270) [Address] EAT @explorer.exe (InternetDialW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E131C) [Address] EAT @explorer.exe 
(InternetEnumPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D74) [Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705DE0) [Address] EAT @explorer.exe (InternetErrorDlg) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722B24) [Address] EAT @explorer.exe (InternetFindNextFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F06A8) [Address] EAT @explorer.exe (InternetFindNextFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F29E8) [Address] EAT @explorer.exe (InternetFortezzaCommand) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7EF4) [Address] EAT @explorer.exe (InternetFreeCookies) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616AC8) [Address] EAT @explorer.exe (InternetFreeProxyInfoList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768762C) [Address] EAT @explorer.exe (InternetGetCertByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80) [Address] EAT @explorer.exe (InternetGetCertByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80) [Address] EAT @explorer.exe (InternetGetConnectedState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764EE28) [Address] EAT @explorer.exe (InternetGetConnectedStateEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0) [Address] EAT @explorer.exe (InternetGetConnectedStateExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0) [Address] EAT @explorer.exe (InternetGetConnectedStateExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762AD90) [Address] EAT @explorer.exe (InternetGetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070B0) [Address] EAT @explorer.exe (InternetGetCookieEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616A98) 
[Address] EAT @explorer.exe (InternetGetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070E0) [Address] EAT @explorer.exe (InternetGetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616B34) [Address] EAT @explorer.exe (InternetGetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277073E4) [Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC898) [Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD500) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705EC4) [Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705F14) [Address] EAT @explorer.exe (InternetGetProxyForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27687374) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38) [Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD6BC) [Address] EAT @explorer.exe (InternetGoOnline) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0) [Address] EAT @explorer.exe (InternetGoOnlineA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0) [Address] EAT @explorer.exe (InternetGoOnlineW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1468) [Address] EAT @explorer.exe (InternetHangUp) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1500) [Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x2763C574) [Address] EAT @explorer.exe (InternetLockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276502BC) [Address] EAT @explorer.exe (InternetOpenA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D55C) [Address] EAT @explorer.exe (InternetOpenUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCB50) [Address] EAT @explorer.exe (InternetOpenUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD7B8) [Address] EAT @explorer.exe (InternetOpenW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D3D4) [Address] EAT @explorer.exe (InternetQueryDataAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275FAB70) [Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7F54) [Address] EAT @explorer.exe (InternetQueryOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E0D50) [Address] EAT @explorer.exe (InternetQueryOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E1220) [Address] EAT @explorer.exe (InternetReadFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F8430) [Address] EAT @explorer.exe (InternetReadFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF90) [Address] EAT @explorer.exe (InternetReadFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF00) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721E78) [Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721FE8) [Address] EAT @explorer.exe (InternetSetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707404) [Address] EAT @explorer.exe (InternetSetCookieEx2) : MrmCoreR.dll -> HOOKED 
(C:\WINDOWS\System32\WININET.dll @ 0x2770742C) [Address] EAT @explorer.exe (InternetSetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2770748C) [Address] EAT @explorer.exe (InternetSetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27612BB0) [Address] EAT @explorer.exe (InternetSetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707530) [Address] EAT @explorer.exe (InternetSetDialState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580) [Address] EAT @explorer.exe (InternetSetDialStateA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580) [Address] EAT @explorer.exe (InternetSetDialStateW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E15D8) [Address] EAT @explorer.exe (InternetSetFilePointer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A07C) [Address] EAT @explorer.exe (InternetSetOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DDF30) [Address] EAT @explorer.exe (InternetSetOptionExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDDE0) [Address] EAT @explorer.exe (InternetSetOptionExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDED4) [Address] EAT @explorer.exe (InternetSetOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DE3F0) [Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705FAC) [Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27706044) [Address] EAT @explorer.exe (InternetSetStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178) [Address] EAT @explorer.exe (InternetSetStatusCallbackA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178) [Address] EAT @explorer.exe (InternetSetStatusCallbackW) : MrmCoreR.dll 
-> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761EF08) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4) [Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD970) [Address] EAT @explorer.exe (InternetTimeFromSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC) [Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768AD7C) [Address] EAT @explorer.exe (InternetTimeToSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760) [Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760) [Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768468C) [Address] EAT @explorer.exe (InternetUnlockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764FFF0) [Address] EAT @explorer.exe (InternetWriteFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618B08) [Address] EAT @explorer.exe (InternetWriteFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (InternetWriteFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (IsHostInProxyBypassList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762BC50) [Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743A8C) [Address] EAT 
@explorer.exe (IsUrlCacheEntryExpiredW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A290) [Address] EAT @explorer.exe (LoadUrlCacheContent) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C) [Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158) [Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276146B8) [Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704318) [Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761CBBC) [Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743BDC) [Address] EAT @explorer.exe (RegisterUrlCacheNotification) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27649ED8) [Address] EAT @explorer.exe (ResumeSuspendedDownload) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E0670) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743CEC) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743EC8) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277440A0) [Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276880B8) [Address] EAT @explorer.exe (RunOnceUrlCache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277442A4) [Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : MrmCoreR.dll -> HOOKED 
      ¤¤¤ Ruches Externes: ¤¤¤

      ¤¤¤ Infection : ¤¤¤

      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts

      ¤¤¤ MBR Verif: ¤¤¤

      +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 +++++
      --- User ---
      [MBR] 9f57b91429c7fb29218b824589d1936c
      [bSP] 266bfe222773337e6090355ba634d302 : Empty MBR Code
      Partition table:
      0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
      User = LL1 ... OK!
      User = LL2 ... OK!

      +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Multiple Card Reader USB Device +++++
      Error reading User MBR! ([0x15] Le périphérique n?est pas prêt. )
      User = LL1 ... OK!
      Error reading LL2 MBR! ([0x32] Cette demande n?est pas prise en charge. )

      Termine : << RKreport[0]_D_04252014_091710.txt >>
      RKreport[0]_S_04252014_091652.txt

      RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
      mail : http://www.adlice.com/contact/
      Remontees : http://forum.adlice.com
      Site Web : http://www.surlatoile.org/RogueKiller/
      Blog : http://www.adlice.com

      Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
      Demarrage : Mode normal
      Utilisateur : Sonic Jr [Droits d'admin]
      Mode : HOSTS RAZ -- Date : 04/25/2014 09:19:09
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 0 ¤¤¤

      ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤

      ¤¤¤ Infection : ¤¤¤

      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts

      ¤¤¤ Nouveau fichier HOSTS: ¤¤¤

      Termine : << RKreport[0]_H_04252014_091909.txt >>
      RKreport[0]_S_04252014_091652.txt

      RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
      mail : http://www.adlice.com/contact/
      Remontees : http://forum.adlice.com
      Site Web : http://www.surlatoile.org/RogueKiller/
      Blog : http://www.adlice.com

      Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
      Demarrage : Mode normal
      Utilisateur : Sonic Jr [Droits d'admin]
      Mode : Proxy RAZ -- Date : 04/25/2014 09:19:58
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 0 ¤¤¤

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤

      ¤¤¤ Infection : ¤¤¤

      Termine : << RKreport[0]_PR_04252014_091958.txt >>
      RKreport[0]_H_04252014_091909.txt;RKreport[0]_S_04252014_091652.txt

      RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
      mail : http://www.adlice.com/contact/
      Remontees : http://forum.adlice.com
      Site Web : http://www.surlatoile.org/RogueKiller/
      Blog : http://www.adlice.com

      Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
      Demarrage : Mode normal
      Utilisateur : Sonic Jr [Droits d'admin]
      Mode : DNS RAZ -- Date : 04/25/2014 09:20:25
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 0 ¤¤¤

      ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤

      ¤¤¤ Infection : ¤¤¤

      Termine : << RKreport[0]_DN_04252014_092025.txt >>
      RKreport[0]_H_04252014_091909.txt;RKreport[0]_S_04252014_091652.txt

      RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
      mail : http://www.adlice.com/contact/
      Remontees : http://forum.adlice.com
      Site Web : http://www.surlatoile.org/RogueKiller/
      Blog : http://www.adlice.com

      Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
      Demarrage : Mode normal
      Utilisateur : Sonic Jr [Droits d'admin]
      Mode : Raccourcis RAZ -- Date : 04/25/2014 09:21:21
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤

      ¤¤¤ Attributs de fichiers restaures: ¤¤¤
      Bureau: Success 0 / Fail 0
      Lancement rapide: Success 0 / Fail 0
      Programmes: Success 0 / Fail 0
      Menu demarrer: Success 0 / Fail 0
      Dossier utilisateur: Success 0 / Fail 0
      Mes documents: Success 0 / Fail 0
      Mes favoris: Success 0 / Fail 0
      Mes images: Success 0 / Fail 0
      Ma musique: Success 0 / Fail 0
      Mes videos: Success 0 / Fail 0
      Disques locaux: Success 15 / Fail 24
      Sauvegarde: [NOT FOUND]

      Lecteurs:
      [C:] \Device\HarddiskVolume4 -- 0x3 --> Restored
      [D:] \Device\HarddiskVolume5 -- 0x3 --> Restored
      [E:] \Device\CdRom0 -- 0x5 --> Skipped
      [F:] \Device\HarddiskVolume6 -- 0x2 --> Restored

      ¤¤¤ Infection : ¤¤¤

      Termine : << RKreport[0]_SC_04252014_092121.txt >>
      RKreport[0]_H_04252014_091909.txt;RKreport[0]_S_04252014_091652.txt

      Thanks, have a good Friday
  13. Good evening. Here is the link to the report: http://cjoint.com/?0DywGuLvf8B Thanks
  14. Good evening.

      ♦ I ran the fix this morning. In the report, I think I saw that the antivirus was not disabled. Yet as far as I could tell it was (Avira), and it kept screaming notifications that the computer was no longer protected, etc. If need be, I'll uninstall it temporarily. Here is the report:

      Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
      Fichier d'export Registre :
      Run by Sonic Jr at 24/04/2014 09:31:45
      High Elevated Privileges : OK
      Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

      Corbeille vidée (00mn 05s)
      Dossier Prefetcher vidé
      Réparation des raccourcis navigateur

      ========== Clés du Registre ==========
      SUPPRIMÉ: SearchScopes :{D944BB61-2E34-4DBF-A683-47E505C587DC}
      Branche de Base de Registres IFEO non infectée !

      ========== Valeurs du Registre ==========
      SUPPRIMÉ AAKE KeyValue: C:\Program Files (x86)\JeuDeMots\JeuDeMots.exe
      ProxyFix : Configuration proxy supprimée avec succès
      SUPPRIMÉ ProxyServer Value
      SUPPRIMÉ ProxyEnable Value
      SUPPRIMÉ EnableHttp1_1 Value
      SUPPRIMÉ ProxyHttp1.1 Value
      SUPPRIMÉ ProxyOverride Value
      Aucune Valeur Standard Profile: FirewallRaz :
      Aucune Valeur Domain Profile: FirewallRaz :
      SUPPRIMÉ: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
      SUPPRIMÉ: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
      SUPPRIMÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
      SUPPRIMÉ: FirewallRaz (None) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}

      ========== Dossiers ==========
      Aucun dossiers CLSID Local utilisateur vide
      SUPPRIMÉS Temporaires Windows (13)
      SUPPRIMÉS Flash Cookies (0)

      ========== Fichiers ==========
      SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\wstlibg64.sys
      SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsb491a.tmp\uac.dll
      SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsgb4d1.tmp\uac.dll
      SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsob59f.tmp\uac.dll
      SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsi106b.tmp\nsprocess.dll
      SUPPRIMÉS Temporaires Windows (41) (1 535 190 octets)
      SUPPRIMÉS Flash Cookies (0) (0 octets)

      ========== Fichier HOSTS ==========
      Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus.

      ========== Récapitulatif ==========
      2 : Clés du Registre
      13 : Valeurs du Registre
      3 : Dossiers
      7 : Fichiers
      1 : Fichier HOSTS

      End of clean in 00mn 06s

      ========== Chemin de fichier rapport ==========
      C:\Users\Sonic Jr\AppData\Roaming\ZHP\ZHPFix[R1].txt - 24/04/2014 09:31:50 [2130]

      ♦ The MBAM scan took a very long time (5 hours). 6 items were found. Here is the report:

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Date de l'examen: 24/04/2014
      Heure de l'examen: 19:04:21
      Fichier journal:
      Administrateur: Oui

      Version: 2.00.1.1004
      Base de données Malveillants: v2014.04.24.06
      Base de données Rootkits: v2014.03.27.01
      Licence: Gratuite
      Protection contre les malveillants: Désactivé(e)
      Protection contre les sites Web malveillants: Désactivé(e)
      Chameleon: Désactivé(e)

      Système d'exploitation: Windows 8.1
      Processeur: x64
      Système de fichiers: NTFS
      Utilisateur: Sonic Jr

      Type d'examen: Examen "Personnalisé"
      Résultat: Terminé
      Objets analysés: 617974
      Temps écoulé: 5 h, 2 min, 53 sec

      Mémoire: Activé(e)
      Démarrage: Activé(e)
      Système de fichiers: Activé(e)
      Archives: Activé(e)
      Rootkits: Activé(e)
      Shuriken: Activé(e)
      PUP: Activé(e)
      PUM: Activé(e)

      Processus: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Clés du Registre: 3
      PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1254929784-3388957645-1428939581-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\mysearchdial.com, Supprimé-au-redémarrage, [e31dd42c54ac0df39bc8f4a62cd71de3],
      PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1254929784-3388957645-1428939581-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\mysearchdial.com, Supprimé-au-redémarrage, [30d032ce16ea817f481b98023fc44eb2],
      PUP.Optional.Softonic.A, HKU\S-1-5-21-1254929784-3388957645-1428939581-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\SOFTONIC\Universal Downloader, Supprimé-au-redémarrage, [5da357a9d12f0bf53525a4cde31f7d83],

      Valeurs du Registre: 0
      (No malicious items detected)

      Données du Registre: 0
      (No malicious items detected)

      Dossiers: 0
      (No malicious items detected)

      Fichiers: 3
      PUP.Optional.MySearchDial.A, C:\Users\Sonic Jr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iagcajndpnfncplednpbnkahadegklfa_0.localstorage, Mis en quarantaine, [dc24ad53fa06e917d87c036eb34fe020],
      PUP.Optional.MySearchDial.A, C:\Users\pak\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "homepage": "http://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyE0AtByEzyyBtBtAyCtN0D0Tzu0SzzyEtBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtB0A0CyC0CyDtDtG0B0FyB0FtGtD0FyBzztGyE0D0FyBtGyDyBtAyDyC0EtD0EyDtBzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyyDzyyDzyyBzytGzyzyyCtBtG0DtC0ByDtG0B0E0CtBtGtBtAtA0E0B0FtByBzzzztCyE2Q&cr=143980044&ir=",), Remplacé,[06fa847cc53bad53896b8bce26de9a66]
      PUP.Optional.MySearchDial.A, C:\Users\pak\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyE0AtByEzyyBtBtAyCtN0D0Tzu0SzzyEtBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtB0A0CyC0CyDtDtG0B0FyB0FtGtD0FyBzztGyE0D0FyBtGyDyBtAyDyC0EtD0EyDtBzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyyDzyyDzyyBzytGzyzyyCtBtG0DtC0ByDtG0B0E0CtBtGtBtAtA0E0B0FtByBzzzztCyE2Q&cr=143980044&ir=" ],), Remplacé,[a35d3fc13ec2ba4675b1c89234d0a060]

      Secteurs physiques: 0
      (No malicious items detected)

      (end)

      Thanks again for your help
  15. Hi there.

      ♦ No, I can't find any trace of the first MBAM report, sorry. It lists one that supposedly finished around 2:20 pm, but when I open it, it says the scan lasted one hour. Yet as far as I'm concerned, the scan lasted 4 hours... In any case, here is the report: http://cjoint.com/?0Dxw62c3Fee

      ♦ This evening, quick rootkit scan: no threat detected (should I redo it and scan the archives as well? That might be wise). Log: http://cjoint.com/?0Dxxa68mNjd

      ♦ Java apparently not installed (?). Pierre's tool installs it (I was still stuck on JavaRa, I appreciate the difference, hee hee!). Report:

      JavaUpdate (Pierre13)
      Rapport du 23\04\2014 à 22:24:12
      PC de Sonic Jr
      Version de Windows : Windows 8.1 (64 bits)
      Dernière version 7 Update 55
      Aucune version de Java installée
      Dernière version Java 7 Update 55 installée !
      Mise à jour automatique de Java désactivée.
      Fin du rapport.
      Le rapport est sur le bureau : C:\Users\Sonic Jr\Desktop\Rapport_JavaUpdate.txt

      ♦ Adobe Reader is not installed. That one I clearly remember uninstalling myself: I use Sumatra, which is lighter and faster. So that's normal, and if I can carry on like this, that suits me fine:

      Rapport Adobe Reader Update (Pierre13)
      23/04/2014 => 22:28:24
      PC : Sonic Jr
      Version de Windows : Windows 8.1 (64 bits)
      Adobe Reader n'est pas installé.
      Installation dernière version refusée.
      Dernière version : 11.0.06
      Fin du rapport.
      Le rapport est sur le bureau (C:\Users\Sonic Jr\Desktop\Rapport_ADRUpdate.txt)

      ♦ I checked: Flash Player appears to be up to date (checked on Adobe's site): "You have version 13,0,0,182 installed"

      ♦ ZHPDiag report here: http://cjoint.com/?0DxwUMOpiSk

      ♦ The computer is running well, no problems. Firefox, on the other hand, is behaving strangely, as if I were running it in a sandbox: it does not keep any "preference". I tell it to set a given page as the home page, not to save passwords or history (etc.), it says OK, and everything works fine. But as soon as I restart it, it is as if it had not taken anything into account. It is the same on every session. This is a problem for me with the extensions that show a message at every launch (Zotero, LastPass, Xmarks), and it is a huge problem for me with the bookmarks (which I normally keep not with Firefox but with Xmarks: I'm afraid they will no longer "merge" and that I will lose some of them, all the more so as Xmarks is not working for the moment: impossible to log in). This is the first time I have run into this problem, and I have no idea what is going on or how to fix it.

      Thanks again for everything, have a good evening