[Résolu] Problème MySearchDial

[ivy]

Bonsoir

♦ J'ai fait le fix ce matin. Dans le rapport, il me semble avoir vu que l'antivirus n'était pas désactivé. Or pour moi, il l'était (Avira), et il n'arrêtait pas de hurler des notifications comme quoi l'ordi n'était plus protégé etc. Au besoin, je le désinstalle temporairement. Voici le rapport :
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Sonic Jr at 24/04/2014 09:31:45
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Corbeille vidée (00mn 05s)
Dossier Prefetcher vidé
Réparation des raccourcis navigateur

========== Clés du Registre ==========
SUPPRIMÉ: SearchScopes :{D944BB61-2E34-4DBF-A683-47E505C587DC}
Branche de Base de Registres IFEO non infectée !

========== Valeurs du Registre ==========
SUPPRIMÉ AAKE KeyValue: C:\Program Files (x86)\JeuDeMots\JeuDeMots.exe
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
SUPPRIMÉ: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
SUPPRIMÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
SUPPRIMÉ: FirewallRaz (None) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIMÉS Temporaires Windows (13)
SUPPRIMÉS Flash Cookies (0)

========== Fichiers ==========
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\wstlibg64.sys
SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsb491a.tmp\uac.dll
SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsgb4d1.tmp\uac.dll
SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsob59f.tmp\uac.dll
SUPPRIMÉ: c:\users\sonic jr\appdata\local\temp\nsi106b.tmp\nsprocess.dll
SUPPRIMÉS Temporaires Windows (41) (1 535 190 octets)
SUPPRIMÉS Flash Cookies (0) (0 octets)

========== Fichier HOSTS ==========
Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus.


========== Récapitulatif ==========
2 : Clés du Registre
13 : Valeurs du Registre
3 : Dossiers
7 : Fichiers
1 : Fichier HOSTS


End of clean in 00mn 06s

========== Chemin de fichier rapport ==========
C:\Users\Sonic Jr\AppData\Roaming\ZHP\ZHPFix[R1].txt - 24/04/2014 09:31:50 [2130]

 

♦ L'analyse MBAM a été très longue (5 heures). 6 éléments ont été trouvés. Voici le rapport :
Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 24/04/2014
Heure de l'examen: 19:04:21
Fichier journal:
Administrateur: Oui

Version: 2.00.1.1004
Base de données Malveillants: v2014.04.24.06
Base de données Rootkits: v2014.03.27.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Chameleon: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Sonic Jr

Type d'examen: Examen "Personnalisé"
Résultat: Terminé
Objets analysés: 617974
Temps écoulé: 5 h, 2 min, 53 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 3
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1254929784-3388957645-1428939581-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\mysearchdial.com, Supprimé-au-redémarrage, [e31dd42c54ac0df39bc8f4a62cd71de3],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1254929784-3388957645-1428939581-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\mysearchdial.com, Supprimé-au-redémarrage, [30d032ce16ea817f481b98023fc44eb2],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1254929784-3388957645-1428939581-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\SOFTONIC\Universal Downloader, Supprimé-au-redémarrage, [5da357a9d12f0bf53525a4cde31f7d83],

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 0
(No malicious items detected)

Dossiers: 0
(No malicious items detected)

Fichiers: 3
PUP.Optional.MySearchDial.A, C:\Users\Sonic Jr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iagcajndpnfncplednpbnkahadegklfa_0.localstorage, Mis en quarantaine, [dc24ad53fa06e917d87c036eb34fe020],
PUP.Optional.MySearchDial.A, C:\Users\pak\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "homepage": "http://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyE0AtByEzyyBtBtAyCtN0D0Tzu0SzzyEtBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtB0A0CyC0CyDtDtG0B0FyB0FtGtD0FyBzztGyE0D0FyBtGyDyBtAyDyC0EtD0EyDtBzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyyDzyyDzyyBzytGzyzyyCtBtG0DtC0ByDtG0B0E0CtBtGtBtAtA0E0B0FtByBzzzztCyE2Q&cr=143980044&ir=",), Remplacé,[06fa847cc53bad53896b8bce26de9a66]
PUP.Optional.MySearchDial.A, C:\Users\pak\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyE0AtByEzyyBtBtAyCtN0D0Tzu0SzzyEtBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtB0A0CyC0CyDtDtG0B0FyB0FtGtD0FyBzztGyE0D0FyBtGyDyBtAyDyC0EtD0EyDtBzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyyDzyyDzyyBzytGzyzyyCtBtG0DtC0ByDtG0B0E0CtBtGtBtAtA0E0B0FtByBzzzztCyE2Q&cr=143980044&ir=" ],), Remplacé,[a35d3fc13ec2ba4675b1c89234d0a060]

Secteurs physiques: 0
(No malicious items detected)


(end)

 

Encore merci pour ton aide

[Apollo]

Je voudrais vérifier quelques trucs, refais un scan ZhpDiag stp.

 

Héberge le rapport.

 

@++

[ivy]

Bonsoir

 

Voici le lien vers le rapport : http://cjoint.com/?0DywGuLvf8B

 

Merci

[Apollo]

Bonsoir

 

1) Télécharge RogueKiller (par Tigzy) sur le bureau
(A partir d'une clé USB si le Rogue empêche l'accès au net) .
http://www.sur-la-toile.com/RogueKiller/
Quitte tous les programmes en cours
Lance RogueKiller.exe.

Sous Vista/Seven/8, faire un clic droit et choisir Exécuter en tant qu'administrateur. Clique sur scan

Poste le rapport stp.

----------------------------------

2) Clique sur Suppression et poste le rapport.

Explications de Tigzy: http://tigzyrk.blogspot.be/2012/10/fr-roguekiller-tutoriel-officiel.html

Poste les rapports obtenus après chaque demande de manip stp.

Autres options à faire:

- HostRAZ
- Proxyraz
- DNS Raz
- RaccourcisRaz
- Rapports.

 

@++

[ivy]

Bonjour, bonjour

Pas de souci pour télécharger ou exécuter RogueKiller (j'avais le choix, j'ai pris le X64). En revanche, le Driver ne s'est pas chargé, comme c'est expliqué dans le tuto, donc on n'a pas l'analyse Rootkit.
Voici les rapports :

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Sonic Jr [Droits d'admin]
Mode : Recherche -- Date : 04/25/2014 09:16:52
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0B1010)
[Address] EAT @explorer.exe (DllGetClassObject) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0B1E60)
[Address] EAT @explorer.exe (DllRegisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0F30B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0F3114)
[Address] EAT @explorer.exe (AccConvertAccessMaskToActrlAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FA0C)
[Address] EAT @explorer.exe (AccConvertAccessToSD) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FB80)
[Address] EAT @explorer.exe (AccConvertAccessToSecurityDescriptor) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FD3C)
[Address] EAT @explorer.exe (AccConvertAclToAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FE90)
[Address] EAT @explorer.exe (AccConvertSDToAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FF2C)
[Address] EAT @explorer.exe (AccFreeIndexArray) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28000D80)
[Address] EAT @explorer.exe (AccGetAccessForTrustee) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x280101A8)
[Address] EAT @explorer.exe (AccGetExplicitEntries) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010288)
[Address] EAT @explorer.exe (AccGetInheritanceSource) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28000EA0)
[Address] EAT @explorer.exe (AccLookupAccountName) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010348)
[Address] EAT @explorer.exe (AccLookupAccountSid) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010648)
[Address] EAT @explorer.exe (AccLookupAccountTrustee) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x280109CC)
[Address] EAT @explorer.exe (AccProvCancelOperation) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CAFC)
[Address] EAT @explorer.exe (AccProvGetAccessInfoPerObjectType) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CB74)
[Address] EAT @explorer.exe (AccProvGetAllRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CC1C)
[Address] EAT @explorer.exe (AccProvGetCapabilities) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF8100)
[Address] EAT @explorer.exe (AccProvGetOperationResults) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CDF8)
[Address] EAT @explorer.exe (AccProvGetTrusteesAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CF38)
[Address] EAT @explorer.exe (AccProvGrantAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D040)
[Address] EAT @explorer.exe (AccProvHandleGetAccessInfoPerObjectType) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D1B0)
[Address] EAT @explorer.exe (AccProvHandleGetAllRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D298)
[Address] EAT @explorer.exe (AccProvHandleGetTrusteesAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D410)
[Address] EAT @explorer.exe (AccProvHandleGrantAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800C4D0)
[Address] EAT @explorer.exe (AccProvHandleIsAccessAudited) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D48C)
[Address] EAT @explorer.exe (AccProvHandleIsObjectAccessible) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D524)
[Address] EAT @explorer.exe (AccProvHandleRevokeAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D660)
[Address] EAT @explorer.exe (AccProvHandleRevokeAuditRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D738)
[Address] EAT @explorer.exe (AccProvHandleSetAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D810)
[Address] EAT @explorer.exe (AccProvIsAccessAudited) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D910)
[Address] EAT @explorer.exe (AccProvIsObjectAccessible) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800DA24)
[Address] EAT @explorer.exe (AccProvRevokeAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800DE74)
[Address] EAT @explorer.exe (AccProvRevokeAuditRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800DFB0)
[Address] EAT @explorer.exe (AccProvSetAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800E0EC)
[Address] EAT @explorer.exe (AccRewriteGetExplicitEntriesFromAcl) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF7BD4)
[Address] EAT @explorer.exe (AccRewriteGetHandleRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28001510)
[Address] EAT @explorer.exe (AccRewriteGetNamedRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28001680)
[Address] EAT @explorer.exe (AccRewriteSetEntriesInAcl) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3070)
[Address] EAT @explorer.exe (AccRewriteSetHandleRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF2270)
[Address] EAT @explorer.exe (AccRewriteSetNamedRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3BA0)
[Address] EAT @explorer.exe (AccSetEntriesInAList) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010AD4)
[Address] EAT @explorer.exe (AccTreeResetNamedSecurityInfo) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF58A0)
[Address] EAT @explorer.exe (EventGuidToName) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FFDE68)
[Address] EAT @explorer.exe (EventNameFree) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FFDEF4)
[Address] EAT @explorer.exe (GetExplicitEntriesFromAclW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF7BCC)
[Address] EAT @explorer.exe (GetMartaExtensionInterface) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3600)
[Address] EAT @explorer.exe (GetNamedSecurityInfoW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF2680)
[Address] EAT @explorer.exe (GetSecurityInfo) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF1390)
[Address] EAT @explorer.exe (SetEntriesInAclW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3060)
[Address] EAT @explorer.exe (SetNamedSecurityInfoW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3E64)
[Address] EAT @explorer.exe (SetSecurityInfo) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF21B0)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27635828)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276317E0)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741320)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741378)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27631950)
[Address] EAT @explorer.exe (AppCacheFinalize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277413D0)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741428)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276897C0)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27607548)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741510)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741568)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2769BB94)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768979C)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277415C0)
[Address] EAT @explorer.exe (AppCacheGetInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741618)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276340B0)
[Address] EAT @explorer.exe (AppCacheLookup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27656FF8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761B2C0)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764C888)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E4C0)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27718690)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760322C)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27603388)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761B450)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27689E7C)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27689E58)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774252C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27746A34)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27607A00)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276383B0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27615494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27615494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27607B70)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774262C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276FF270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276FF76C)
[Address] EAT @explorer.exe (DispatchAPICall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D1B28)
[Address] EAT @explorer.exe (DllCanUnloadNow) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27649CC0)
[Address] EAT @explorer.exe (DllGetClassObject) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27645990)
[Address] EAT @explorer.exe (DllInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DA544)
[Address] EAT @explorer.exe (DllRegisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E22D0)
[Address] EAT @explorer.exe (DllUnregisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E2310)
[Address] EAT @explorer.exe (FindCloseUrlCache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DA0C0)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E16C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602CB4)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DBA6C)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27647DA8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276097E0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27647570)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742730)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602F48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DBED0)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742878)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742A48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27609400)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742C18)
[Address] EAT @explorer.exe (ForceNexusLookup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771889C)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277188F0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742D34)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276066F0)
[Address] EAT @explorer.exe (FtpCommandA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED388)
[Address] EAT @explorer.exe (FtpCommandW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F0D4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED46C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F0EE8)
[Address] EAT @explorer.exe (FtpDeleteFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED50C)
[Address] EAT @explorer.exe (FtpDeleteFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1050)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED5AC)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F11B8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED818)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1390)
[Address] EAT @explorer.exe (FtpGetFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED8D8)
[Address] EAT @explorer.exe (FtpGetFileEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1518)
[Address] EAT @explorer.exe (FtpGetFileSize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDAFC)
[Address] EAT @explorer.exe (FtpGetFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F16AC)
[Address] EAT @explorer.exe (FtpOpenFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDD70)
[Address] EAT @explorer.exe (FtpOpenFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F17B0)
[Address] EAT @explorer.exe (FtpPutFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDE50)
[Address] EAT @explorer.exe (FtpPutFileEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1840)
[Address] EAT @explorer.exe (FtpPutFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F19A4)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE1D0)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1A78)
[Address] EAT @explorer.exe (FtpRenameFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE270)
[Address] EAT @explorer.exe (FtpRenameFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1BD4)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE324)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1DF4)
[Address] EAT @explorer.exe (GetProxyDllInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276D7C00)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742F54)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276062C8)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DACF0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277431F0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277433A8)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764F540)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D7824)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277435F0)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743858)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275EBDE0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherOpenFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherOpenFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E4140)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F7A30)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277045C8)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276530E0)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27653240)
[Address] EAT @explorer.exe (HttpEndRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618A68)
[Address] EAT @explorer.exe (HttpEndRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704C64)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771CBCC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7058)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276563C0)
[Address] EAT @explorer.exe (HttpOpenRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277052C0)
[Address] EAT @explorer.exe (HttpOpenRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E2EE0)
[Address] EAT @explorer.exe (HttpPushClose) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7D94)
[Address] EAT @explorer.exe (HttpPushEnable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7E44)
[Address] EAT @explorer.exe (HttpPushWait) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7E9C)
[Address] EAT @explorer.exe (HttpQueryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E8B60)
[Address] EAT @explorer.exe (HttpQueryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275EA090)
[Address] EAT @explorer.exe (HttpSendRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276840D0)
[Address] EAT @explorer.exe (HttpSendRequestExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704D64)
[Address] EAT @explorer.exe (HttpSendRequestExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618880)
[Address] EAT @explorer.exe (HttpSendRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F7634)
[Address] EAT @explorer.exe (HttpWebSocketClose) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715350)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277158DC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715498)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715D7C)
[Address] EAT @explorer.exe (HttpWebSocketSend) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277162C0)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27716580)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276174F4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721ABC)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721CA0)
[Address] EAT @explorer.exe (InternetAttemptConnect) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DBF9C)
[Address] EAT @explorer.exe (InternetAutodial) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1148)
[Address] EAT @explorer.exe (InternetAutodialCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276D844C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E11E0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC004)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27687A50)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC110)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD40C)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D68)
[Address] EAT @explorer.exe (InternetCloseHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E71F4)
[Address] EAT @explorer.exe (InternetCombineUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC5B8)
[Address] EAT @explorer.exe (InternetCombineUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763C930)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27681BD0)
[Address] EAT @explorer.exe (InternetConnectA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC6D0)
[Address] EAT @explorer.exe (InternetConnectW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E65EC)
[Address] EAT @explorer.exe (InternetCrackUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276130E4)
[Address] EAT @explorer.exe (InternetCrackUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27659760)
[Address] EAT @explorer.exe (InternetCreateUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC800)
[Address] EAT @explorer.exe (InternetCreateUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763BEC8)
[Address] EAT @explorer.exe (InternetDial) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270)
[Address] EAT @explorer.exe (InternetDialA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270)
[Address] EAT @explorer.exe (InternetDialW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E131C)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D74)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705DE0)
[Address] EAT @explorer.exe (InternetErrorDlg) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722B24)
[Address] EAT @explorer.exe (InternetFindNextFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F06A8)
[Address] EAT @explorer.exe (InternetFindNextFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F29E8)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7EF4)
[Address] EAT @explorer.exe (InternetFreeCookies) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616AC8)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768762C)
[Address] EAT @explorer.exe (InternetGetCertByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80)
[Address] EAT @explorer.exe (InternetGetConnectedState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764EE28)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762AD90)
[Address] EAT @explorer.exe (InternetGetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070B0)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616A98)
[Address] EAT @explorer.exe (InternetGetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070E0)
[Address] EAT @explorer.exe (InternetGetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616B34)
[Address] EAT @explorer.exe (InternetGetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277073E4)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC898)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD500)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705EC4)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705F14)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27687374)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD6BC)
[Address] EAT @explorer.exe (InternetGoOnline) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0)
[Address] EAT @explorer.exe (InternetGoOnlineA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0)
[Address] EAT @explorer.exe (InternetGoOnlineW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1468)
[Address] EAT @explorer.exe (InternetHangUp) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1500)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763C574)
[Address] EAT @explorer.exe (InternetLockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276502BC)
[Address] EAT @explorer.exe (InternetOpenA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D55C)
[Address] EAT @explorer.exe (InternetOpenUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCB50)
[Address] EAT @explorer.exe (InternetOpenUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD7B8)
[Address] EAT @explorer.exe (InternetOpenW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D3D4)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275FAB70)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7F54)
[Address] EAT @explorer.exe (InternetQueryOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E0D50)
[Address] EAT @explorer.exe (InternetQueryOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E1220)
[Address] EAT @explorer.exe (InternetReadFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F8430)
[Address] EAT @explorer.exe (InternetReadFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF90)
[Address] EAT @explorer.exe (InternetReadFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721E78)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721FE8)
[Address] EAT @explorer.exe (InternetSetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707404)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2770742C)
[Address] EAT @explorer.exe (InternetSetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2770748C)
[Address] EAT @explorer.exe (InternetSetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27612BB0)
[Address] EAT @explorer.exe (InternetSetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707530)
[Address] EAT @explorer.exe (InternetSetDialState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580)
[Address] EAT @explorer.exe (InternetSetDialStateA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580)
[Address] EAT @explorer.exe (InternetSetDialStateW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E15D8)
[Address] EAT @explorer.exe (InternetSetFilePointer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A07C)
[Address] EAT @explorer.exe (InternetSetOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DDF30)
[Address] EAT @explorer.exe (InternetSetOptionExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDDE0)
[Address] EAT @explorer.exe (InternetSetOptionExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDED4)
[Address] EAT @explorer.exe (InternetSetOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DE3F0)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705FAC)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27706044)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761EF08)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD970)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768AD7C)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768468C)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764FFF0)
[Address] EAT @explorer.exe (InternetWriteFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618B08)
[Address] EAT @explorer.exe (InternetWriteFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (InternetWriteFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762BC50)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743A8C)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A290)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276146B8)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704318)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761CBBC)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743BDC)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27649ED8)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E0670)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743CEC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743EC8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277440A0)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276880B8)
[Address] EAT @explorer.exe (RunOnceUrlCache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277442A4)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277443D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277444D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277444D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27611278)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761C1EC)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277446A4)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744860)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744A50)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744C10)
[Address] EAT @explorer.exe (ShowCertificate) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158)
[Address] EAT @explorer.exe (ShowSecurityInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722178)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722310)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744E68)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27652364)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744FA8)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277450C8)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745120)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774516C)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602630)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276077A0)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768BA04)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276589A8)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277451C4)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DA5B0)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774521C)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745274)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277452D4)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774532C)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745384)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277453E4)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27658FF4)
[Address] EAT @explorer.exe (UrlZonesDetach) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771D000)
[Address] EAT @explorer.exe (DllCanUnloadNow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08274C)
[Address] EAT @explorer.exe (DllGetClassObject) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C084984)
[Address] EAT @explorer.exe (DwmAttachMilContent) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmDefWindowProc) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082C30)
[Address] EAT @explorer.exe (DwmDetachMilContent) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082A70)
[Address] EAT @explorer.exe (DwmEnableComposition) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C60C)
[Address] EAT @explorer.exe (DwmEnableMMCSS) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083788)
[Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082DC0)
[Address] EAT @explorer.exe (DwmFlush) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0826C0)
[Address] EAT @explorer.exe (DwmGetColorizationColor) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C118)
[Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C081D40)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmGetTransportAttributes) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C8B0)
[Address] EAT @explorer.exe (DwmGetWindowAttribute) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C081010)
[Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C086308)
[Address] EAT @explorer.exe (DwmIsCompositionEnabled) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0811B0)
[Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050)
[Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C086F34)
[Address] EAT @explorer.exe (DwmRegisterThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0869A8)
[Address] EAT @explorer.exe (DwmRenderGesture) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C087CEC)
[Address] EAT @explorer.exe (DwmSetDxFrameDuration) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050)
[Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D1CC)
[Address] EAT @explorer.exe (DwmSetIconicThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D558)
[Address] EAT @explorer.exe (DwmSetPresentParameters) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050)
[Address] EAT @explorer.exe (DwmSetWindowAttribute) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0810E8)
[Address] EAT @explorer.exe (DwmShowContact) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083A90)
[Address] EAT @explorer.exe (DwmTetherContact) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08CB1C)
[Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08DBD8)
[Address] EAT @explorer.exe (DwmUnregisterThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08677C)
[Address] EAT @explorer.exe (DwmUpdateThumbnailProperties) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083A10)
[Address] EAT @explorer.exe (DwmpAllocateSecurityDescriptor) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082320)
[Address] EAT @explorer.exe (DwmpDxGetWindowSharedSurface) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C085FE0)
[Address] EAT @explorer.exe (DwmpDxUpdateWindowSharedSurface) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C087710)
[Address] EAT @explorer.exe (DwmpDxgiIsThreadDesktopComposited) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083760)
[Address] EAT @explorer.exe (DwmpFreeSecurityDescriptor) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0822E4)
[Address] EAT @explorer.exe (DwmpRenderFlick) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08CE70)
[Address] EAT @explorer.exe (DllCanUnloadNow) : CLVDShellExt.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x29671010)
[Address] EAT @explorer.exe (DllGetClassObject) : CLVDShellExt.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x29671130)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 +++++
--- User ---
[MBR] 9f57b91429c7fb29218b824589d1936c
[bSP] 266bfe222773337e6090355ba634d302 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Multiple Card Reader USB Device +++++
Error reading User MBR! ([0x15] Le périphérique n?est pas prêt. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n?est pas prise en charge. )

Termine : << RKreport[0]_S_04252014_091652.txt >>



♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Sonic Jr [Droits d'admin]
Mode : Suppression -- Date : 04/25/2014 09:17:10
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0B1010)
[Address] EAT @explorer.exe (DllGetClassObject) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0B1E60)
[Address] EAT @explorer.exe (DllRegisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0F30B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : BatMeter.dll -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0x2A0F3114)
[Address] EAT @explorer.exe (AccConvertAccessMaskToActrlAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FA0C)
[Address] EAT @explorer.exe (AccConvertAccessToSD) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FB80)
[Address] EAT @explorer.exe (AccConvertAccessToSecurityDescriptor) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FD3C)
[Address] EAT @explorer.exe (AccConvertAclToAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FE90)
[Address] EAT @explorer.exe (AccConvertSDToAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800FF2C)
[Address] EAT @explorer.exe (AccFreeIndexArray) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28000D80)
[Address] EAT @explorer.exe (AccGetAccessForTrustee) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x280101A8)
[Address] EAT @explorer.exe (AccGetExplicitEntries) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010288)
[Address] EAT @explorer.exe (AccGetInheritanceSource) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28000EA0)
[Address] EAT @explorer.exe (AccLookupAccountName) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010348)
[Address] EAT @explorer.exe (AccLookupAccountSid) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010648)
[Address] EAT @explorer.exe (AccLookupAccountTrustee) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x280109CC)
[Address] EAT @explorer.exe (AccProvCancelOperation) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CAFC)
[Address] EAT @explorer.exe (AccProvGetAccessInfoPerObjectType) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CB74)
[Address] EAT @explorer.exe (AccProvGetAllRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CC1C)
[Address] EAT @explorer.exe (AccProvGetCapabilities) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF8100)
[Address] EAT @explorer.exe (AccProvGetOperationResults) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CDF8)
[Address] EAT @explorer.exe (AccProvGetTrusteesAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800CF38)
[Address] EAT @explorer.exe (AccProvGrantAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D040)
[Address] EAT @explorer.exe (AccProvHandleGetAccessInfoPerObjectType) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D1B0)
[Address] EAT @explorer.exe (AccProvHandleGetAllRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D298)
[Address] EAT @explorer.exe (AccProvHandleGetTrusteesAccess) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D410)
[Address] EAT @explorer.exe (AccProvHandleGrantAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800C4D0)
[Address] EAT @explorer.exe (AccProvHandleIsAccessAudited) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D48C)
[Address] EAT @explorer.exe (AccProvHandleIsObjectAccessible) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D524)
[Address] EAT @explorer.exe (AccProvHandleRevokeAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D660)
[Address] EAT @explorer.exe (AccProvHandleRevokeAuditRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D738)
[Address] EAT @explorer.exe (AccProvHandleSetAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D810)
[Address] EAT @explorer.exe (AccProvIsAccessAudited) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800D910)
[Address] EAT @explorer.exe (AccProvIsObjectAccessible) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800DA24)
[Address] EAT @explorer.exe (AccProvRevokeAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800DE74)
[Address] EAT @explorer.exe (AccProvRevokeAuditRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800DFB0)
[Address] EAT @explorer.exe (AccProvSetAccessRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x2800E0EC)
[Address] EAT @explorer.exe (AccRewriteGetExplicitEntriesFromAcl) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF7BD4)
[Address] EAT @explorer.exe (AccRewriteGetHandleRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28001510)
[Address] EAT @explorer.exe (AccRewriteGetNamedRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28001680)
[Address] EAT @explorer.exe (AccRewriteSetEntriesInAcl) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3070)
[Address] EAT @explorer.exe (AccRewriteSetHandleRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF2270)
[Address] EAT @explorer.exe (AccRewriteSetNamedRights) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3BA0)
[Address] EAT @explorer.exe (AccSetEntriesInAList) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x28010AD4)
[Address] EAT @explorer.exe (AccTreeResetNamedSecurityInfo) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF58A0)
[Address] EAT @explorer.exe (EventGuidToName) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FFDE68)
[Address] EAT @explorer.exe (EventNameFree) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FFDEF4)
[Address] EAT @explorer.exe (GetExplicitEntriesFromAclW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF7BCC)
[Address] EAT @explorer.exe (GetMartaExtensionInterface) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3600)
[Address] EAT @explorer.exe (GetNamedSecurityInfoW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF2680)
[Address] EAT @explorer.exe (GetSecurityInfo) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF1390)
[Address] EAT @explorer.exe (SetEntriesInAclW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3060)
[Address] EAT @explorer.exe (SetNamedSecurityInfoW) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF3E64)
[Address] EAT @explorer.exe (SetSecurityInfo) : wlanapi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\ntmarta.dll @ 0x27FF21B0)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27635828)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276317E0)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741320)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741378)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27631950)
[Address] EAT @explorer.exe (AppCacheFinalize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277413D0)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741428)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276897C0)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27607548)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741510)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741568)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2769BB94)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768979C)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277415C0)
[Address] EAT @explorer.exe (AppCacheGetInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27741618)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276340B0)
[Address] EAT @explorer.exe (AppCacheLookup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27656FF8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761B2C0)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764C888)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E4C0)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27718690)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760322C)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27603388)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761B450)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27689E7C)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27689E58)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774252C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27746A34)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27607A00)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276383B0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27615494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27615494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27607B70)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774262C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276FF270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276FF76C)
[Address] EAT @explorer.exe (DispatchAPICall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D1B28)
[Address] EAT @explorer.exe (DllCanUnloadNow) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27649CC0)
[Address] EAT @explorer.exe (DllGetClassObject) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27645990)
[Address] EAT @explorer.exe (DllInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DA544)
[Address] EAT @explorer.exe (DllRegisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E22D0)
[Address] EAT @explorer.exe (DllUnregisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E2310)
[Address] EAT @explorer.exe (FindCloseUrlCache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DA0C0)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E16C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602CB4)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DBA6C)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27647DA8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276097E0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27647570)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742730)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764E044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602F48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DBED0)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742878)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742A48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27609400)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742C18)
[Address] EAT @explorer.exe (ForceNexusLookup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771889C)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277188F0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742D34)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276066F0)
[Address] EAT @explorer.exe (FtpCommandA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED388)
[Address] EAT @explorer.exe (FtpCommandW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F0D4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED46C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F0EE8)
[Address] EAT @explorer.exe (FtpDeleteFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED50C)
[Address] EAT @explorer.exe (FtpDeleteFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1050)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED5AC)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F11B8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED818)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1390)
[Address] EAT @explorer.exe (FtpGetFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276ED8D8)
[Address] EAT @explorer.exe (FtpGetFileEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1518)
[Address] EAT @explorer.exe (FtpGetFileSize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDAFC)
[Address] EAT @explorer.exe (FtpGetFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F16AC)
[Address] EAT @explorer.exe (FtpOpenFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDD70)
[Address] EAT @explorer.exe (FtpOpenFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F17B0)
[Address] EAT @explorer.exe (FtpPutFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EDE50)
[Address] EAT @explorer.exe (FtpPutFileEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1840)
[Address] EAT @explorer.exe (FtpPutFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F19A4)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE1D0)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1A78)
[Address] EAT @explorer.exe (FtpRenameFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE270)
[Address] EAT @explorer.exe (FtpRenameFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1BD4)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276EE324)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F1DF4)
[Address] EAT @explorer.exe (GetProxyDllInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276D7C00)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27742F54)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276062C8)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DACF0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277431F0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277433A8)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764F540)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D7824)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277435F0)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743858)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275EBDE0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherOpenFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (GopherOpenFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E4140)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F7A30)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277045C8)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276530E0)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27653240)
[Address] EAT @explorer.exe (HttpEndRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618A68)
[Address] EAT @explorer.exe (HttpEndRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704C64)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771CBCC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7058)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276563C0)
[Address] EAT @explorer.exe (HttpOpenRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277052C0)
[Address] EAT @explorer.exe (HttpOpenRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E2EE0)
[Address] EAT @explorer.exe (HttpPushClose) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7D94)
[Address] EAT @explorer.exe (HttpPushEnable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7E44)
[Address] EAT @explorer.exe (HttpPushWait) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7E9C)
[Address] EAT @explorer.exe (HttpQueryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E8B60)
[Address] EAT @explorer.exe (HttpQueryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275EA090)
[Address] EAT @explorer.exe (HttpSendRequestA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276840D0)
[Address] EAT @explorer.exe (HttpSendRequestExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704D64)
[Address] EAT @explorer.exe (HttpSendRequestExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618880)
[Address] EAT @explorer.exe (HttpSendRequestW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F7634)
[Address] EAT @explorer.exe (HttpWebSocketClose) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715350)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277158DC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715498)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27715D7C)
[Address] EAT @explorer.exe (HttpWebSocketSend) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277162C0)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27716580)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276174F4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721ABC)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721CA0)
[Address] EAT @explorer.exe (InternetAttemptConnect) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DBF9C)
[Address] EAT @explorer.exe (InternetAutodial) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1148)
[Address] EAT @explorer.exe (InternetAutodialCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276D844C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E11E0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC004)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27687A50)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC110)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD40C)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D68)
[Address] EAT @explorer.exe (InternetCloseHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E71F4)
[Address] EAT @explorer.exe (InternetCombineUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC5B8)
[Address] EAT @explorer.exe (InternetCombineUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763C930)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27681BD0)
[Address] EAT @explorer.exe (InternetConnectA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC6D0)
[Address] EAT @explorer.exe (InternetConnectW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E65EC)
[Address] EAT @explorer.exe (InternetCrackUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276130E4)
[Address] EAT @explorer.exe (InternetCrackUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27659760)
[Address] EAT @explorer.exe (InternetCreateUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC800)
[Address] EAT @explorer.exe (InternetCreateUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763BEC8)
[Address] EAT @explorer.exe (InternetDial) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270)
[Address] EAT @explorer.exe (InternetDialA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1270)
[Address] EAT @explorer.exe (InternetDialW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E131C)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705D74)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705DE0)
[Address] EAT @explorer.exe (InternetErrorDlg) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722B24)
[Address] EAT @explorer.exe (InternetFindNextFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F06A8)
[Address] EAT @explorer.exe (InternetFindNextFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F29E8)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7EF4)
[Address] EAT @explorer.exe (InternetFreeCookies) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616AC8)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768762C)
[Address] EAT @explorer.exe (InternetGetCertByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80)
[Address] EAT @explorer.exe (InternetGetConnectedState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764EE28)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276882A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762AD90)
[Address] EAT @explorer.exe (InternetGetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070B0)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616A98)
[Address] EAT @explorer.exe (InternetGetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277070E0)
[Address] EAT @explorer.exe (InternetGetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27616B34)
[Address] EAT @explorer.exe (InternetGetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277073E4)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DC898)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD500)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705EC4)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705F14)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27687374)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD6BC)
[Address] EAT @explorer.exe (InternetGoOnline) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0)
[Address] EAT @explorer.exe (InternetGoOnlineA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E13D0)
[Address] EAT @explorer.exe (InternetGoOnlineW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1468)
[Address] EAT @explorer.exe (InternetHangUp) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1500)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2763C574)
[Address] EAT @explorer.exe (InternetLockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276502BC)
[Address] EAT @explorer.exe (InternetOpenA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D55C)
[Address] EAT @explorer.exe (InternetOpenUrlA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCB50)
[Address] EAT @explorer.exe (InternetOpenUrlW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD7B8)
[Address] EAT @explorer.exe (InternetOpenW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760D3D4)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275FAB70)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E7F54)
[Address] EAT @explorer.exe (InternetQueryOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E0D50)
[Address] EAT @explorer.exe (InternetQueryOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275E1220)
[Address] EAT @explorer.exe (InternetReadFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275F8430)
[Address] EAT @explorer.exe (InternetReadFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF90)
[Address] EAT @explorer.exe (InternetReadFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761DF00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721E78)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27721FE8)
[Address] EAT @explorer.exe (InternetSetCookieA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707404)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2770742C)
[Address] EAT @explorer.exe (InternetSetCookieExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2770748C)
[Address] EAT @explorer.exe (InternetSetCookieExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27612BB0)
[Address] EAT @explorer.exe (InternetSetCookieW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27707530)
[Address] EAT @explorer.exe (InternetSetDialState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580)
[Address] EAT @explorer.exe (InternetSetDialStateA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E1580)
[Address] EAT @explorer.exe (InternetSetDialStateW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E15D8)
[Address] EAT @explorer.exe (InternetSetFilePointer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A07C)
[Address] EAT @explorer.exe (InternetSetOptionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DDF30)
[Address] EAT @explorer.exe (InternetSetOptionExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDDE0)
[Address] EAT @explorer.exe (InternetSetOptionExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DDED4)
[Address] EAT @explorer.exe (InternetSetOptionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DE3F0)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27705FAC)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27706044)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2760E178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761EF08)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DCBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276DD970)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276518FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768AD7C)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27684760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768468C)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2764FFF0)
[Address] EAT @explorer.exe (InternetWriteFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27618B08)
[Address] EAT @explorer.exe (InternetWriteFileExA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (InternetWriteFileExW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2762BC50)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743A8C)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768A290)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276F9C6C)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276146B8)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27704318)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761CBBC)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743BDC)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27649ED8)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276E0670)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743CEC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27743EC8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277440A0)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276880B8)
[Address] EAT @explorer.exe (RunOnceUrlCache) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275D4D80)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277442A4)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277443D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277444D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277444D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27611278)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2761C1EC)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277446A4)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744860)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744A50)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744C10)
[Address] EAT @explorer.exe (ShowCertificate) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722158)
[Address] EAT @explorer.exe (ShowSecurityInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722178)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27722310)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744E68)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27652364)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27744FA8)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277450C8)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745120)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774516C)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27602630)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276077A0)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2768BA04)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x276589A8)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277451C4)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x275DA5B0)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774521C)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745274)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277452D4)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2774532C)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27745384)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x277453E4)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x27658FF4)
[Address] EAT @explorer.exe (UrlZonesDetach) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x2771D000)
[Address] EAT @explorer.exe (DllCanUnloadNow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08274C)
[Address] EAT @explorer.exe (DllGetClassObject) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C084984)
[Address] EAT @explorer.exe (DwmAttachMilContent) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmDefWindowProc) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082C30)
[Address] EAT @explorer.exe (DwmDetachMilContent) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082A70)
[Address] EAT @explorer.exe (DwmEnableComposition) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C60C)
[Address] EAT @explorer.exe (DwmEnableMMCSS) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083788)
[Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082DC0)
[Address] EAT @explorer.exe (DwmFlush) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0826C0)
[Address] EAT @explorer.exe (DwmGetColorizationColor) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C118)
[Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C081D40)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C088180)
[Address] EAT @explorer.exe (DwmGetTransportAttributes) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08C8B0)
[Address] EAT @explorer.exe (DwmGetWindowAttribute) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C081010)
[Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C086308)
[Address] EAT @explorer.exe (DwmIsCompositionEnabled) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0811B0)
[Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050)
[Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C086F34)
[Address] EAT @explorer.exe (DwmRegisterThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0869A8)
[Address] EAT @explorer.exe (DwmRenderGesture) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C087CEC)
[Address] EAT @explorer.exe (DwmSetDxFrameDuration) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050)
[Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D1CC)
[Address] EAT @explorer.exe (DwmSetIconicThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D558)
[Address] EAT @explorer.exe (DwmSetPresentParameters) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08D050)
[Address] EAT @explorer.exe (DwmSetWindowAttribute) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0810E8)
[Address] EAT @explorer.exe (DwmShowContact) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083A90)
[Address] EAT @explorer.exe (DwmTetherContact) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08CB1C)
[Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08DBD8)
[Address] EAT @explorer.exe (DwmUnregisterThumbnail) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08677C)
[Address] EAT @explorer.exe (DwmUpdateThumbnailProperties) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083A10)
[Address] EAT @explorer.exe (DwmpAllocateSecurityDescriptor) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C082320)
[Address] EAT @explorer.exe (DwmpDxGetWindowSharedSurface) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C085FE0)
[Address] EAT @explorer.exe (DwmpDxUpdateWindowSharedSurface) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C087710)
[Address] EAT @explorer.exe (DwmpDxgiIsThreadDesktopComposited) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C083760)
[Address] EAT @explorer.exe (DwmpFreeSecurityDescriptor) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C0822E4)
[Address] EAT @explorer.exe (DwmpRenderFlick) : DAVHLPR.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x2C08CE70)
[Address] EAT @explorer.exe (DllCanUnloadNow) : CLVDShellExt.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x29671010)
[Address] EAT @explorer.exe (DllGetClassObject) : CLVDShellExt.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x29671130)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 +++++
--- User ---
[MBR] 9f57b91429c7fb29218b824589d1936c
[bSP] 266bfe222773337e6090355ba634d302 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Multiple Card Reader USB Device +++++
Error reading User MBR! ([0x15] Le périphérique n?est pas prêt. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n?est pas prise en charge. )

Termine : << RKreport[0]_D_04252014_091710.txt >>
RKreport[0]_S_04252014_091652.txt



♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Sonic Jr [Droits d'admin]
Mode : HOSTS RAZ -- Date : 04/25/2014 09:19:09
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Nouveau fichier HOSTS: ¤¤¤


Termine : << RKreport[0]_H_04252014_091909.txt >>
RKreport[0]_S_04252014_091652.txt





♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Sonic Jr [Droits d'admin]
Mode : Proxy RAZ -- Date : 04/25/2014 09:19:58
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

Termine : << RKreport[0]_PR_04252014_091958.txt >>
RKreport[0]_H_04252014_091909.txt;RKreport[0]_S_04252014_091652.txt



♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Sonic Jr [Droits d'admin]
Mode : DNS RAZ -- Date : 04/25/2014 09:20:25
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

Termine : << RKreport[0]_DN_04252014_092025.txt >>
RKreport[0]_H_04252014_091909.txt;RKreport[0]_S_04252014_091652.txt


♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦♦

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Sonic Jr [Droits d'admin]
Mode : Raccourcis RAZ -- Date : 04/25/2014 09:21:21
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 0 / Fail 0
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 0
Mes videos: Success 0 / Fail 0
Disques locaux: Success 15 / Fail 24
Sauvegarde: [NOT FOUND]

Lecteurs:
[C:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume5 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume6 -- 0x2 --> Restored

¤¤¤ Infection : ¤¤¤

Termine : << RKreport[0]_SC_04252014_092121.txt >>
RKreport[0]_H_04252014_091909.txt;RKreport[0]_S_04252014_091652.txt

 

Merci, bon vendredi

[Apollo]

Bonjour,

 

Par sécurité, relance MBAM en examen rapide après avoir coché la case "recherche de rootkits".

 

 

• Dans l'onglet Paramètres > Sous-onglet Détection et Protection, Options de détection, cochez la case située devant Recherche de Rootkits.
• Cliquez sur l'onglet Examen, puis cliquez sur Examiner maintenant >>. Si une mise à jour est disponible, cliquez sur le bouton Mettre à jour maintenant.
• 
  
• Un Examen "Menaces" va démarrer.
• 
  
• Avec certaines infections, vous pouvez voir l'affichage de ce message:
  • 'Malwarebytes n'a pas pu charger le pilote Anti-Rootkit DDA'
• 
  
• Cliquez sur 'Oui' sur ce message, pour permettre le chargement du pilote après un redémarrage.
• 
  
• Laissez l'ordinateur redémarrer. Continuez avec le reste de ces instructions.
• 
  
• Quand l'examen est terminé, click Appliquer les actions.
• 
  
• Attendez l'affichage du message vous invitant à faire redémarrer le PC, puis cliquez sur Oui.

 

@++

[ivy]

Hm, tu sais, si je coche "examen rapide", l'analyse passe systématiquement de 20 minutes à 5 heures. Tu veux que je te le fasse en rapide ou en rootkit-pas-rapide ?

 

Merci

[Apollo]

Je ne "veux" rien mais cet analyse devrait être faite; si elle dure 5 heures il faudra bien s'y plier.

 

C'est quand-même bizarre car quand j'ai fait mes tests, ça n'a pas duré aussi longtemps que ça.

 

@++

[ivy]

D'accord, je lance alors
(J'ai eu une fois 4h30 et l'autre 5h)

[Apollo]

Au fait, exécute SFTGC, cela libérera de l'espace et mbam n'aura plus ces fichiers inutiles à vérifier (temp).

 

Télécharger SFTGC.exe sur le Bureau >>>> il ne peut pas être ailleurs! L'y déplacer si nécessaire.

Ferme tes applications, navigateurs.

Sous XP, double cliquer sur le fichier.
Sous les autres versions de Windows, clic droit sur le fichier et choisir Exécuter en tant qu'administrateur.

Après l'initialisation, cliquer sur Go pour lancer le nettoyage.

Un rapport va s'ouvrir à la fin.
Ce rapport est sur le bureau (SFTGC.txt)

Héberger sur http://cjoint.com pour ne pas planter le sujet. ou http://dl.free.fr/

 

@++