prosim o kontrolu logu,pc po nahrani her od deti skoro nejede
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:16:29, on 16.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal
Running processes:
C:\Users\adlt\AppData\Local\Temp\cisad40ca\cmdinstall.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\expIorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mnchuxkSrv] C:\Windows\system32\mnchuxk.vbe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mncrmeeptSrv] C:\Windows\system32\mncrmeept.vbe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\adlt\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - Startup: MC service.lnk = with the lemons\Downloads\Hstart_4.1-bi\hstartt.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12268 bytes
zpomalene pc...trha se veskery pohyb
zpomalene pc...trha se veskery pohyb
Naposledy upravil(a) adltak dne 16 dub 2014 17:23, celkem upraveno 1 x.
-
guest
- Pohlaví:
Re: pocitac na bodu mrazu
pocitac na bodu mrazu
Než se ti někdo bude věnovat, přečti si Pravidla fóra, zejména část, jak má vypadat nadpis!
Re: zpomalene pc...trha se veskery pohyb
ok, predelano na popis problemu
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: zpomalene pc...trha se veskery pohyb
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: zpomalene pc...trha se veskery pohyb
# AdwCleaner v3.023 - Report created 16/04/2014 at 20:33:42
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : adlt - ADLT-PC
# Running from : C:\Users\adlt\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : BackupStack
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\VideoDownloadConverter_4z
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\VideoDownloadConverter_4z
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\adlt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [14262 octets] - [16/04/2014 20:13:29]
AdwCleaner[R1].txt - [13533 octets] - [16/04/2014 20:18:48]
AdwCleaner[R2].txt - [1853 octets] - [16/04/2014 20:33:42]
AdwCleaner[S0].txt - [14076 octets] - [16/04/2014 20:14:01]
AdwCleaner[S1].txt - [13585 octets] - [16/04/2014 20:19:17]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2035 octets] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 16.4.2014
Scan Time: 20:45:58
Logfile: sajzdrek.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.10.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: adlt
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 325756
Time Elapsed: 6 min, 37 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
Trojan.BitCoinMiner, C:\Windows\expIorer.exe, 4968, , [a00fc8606f0cce680bd746bbaf52916f]
Modules: 0
(No malicious items detected)
Registry Keys: 3
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, , [4e612404720913232c58d3bee320a060],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [ab04899f1e5d67cfbef31f55f60c718f],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [b0ffef39c0bb7eb8a64899f11de6ec14],
Registry Values: 4
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, , [fbb41810196255e1deb7ef20e31ffb05],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, %dXH·kQOA¤Ä?8Ä?A1>»X, , [fbb41810196255e1deb7ef20e31ffb05]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|4zffxtbr@VideoDownloadConverter_4z.com, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, , [2a8530f80c6f8caac4642640a35fab55]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0L1L1L1L, , [b0ffef39c0bb7eb8a64899f11de6ec14]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 8
Trojan.BitCoinMiner, C:\Windows\expIorer.exe, , [a00fc8606f0cce680bd746bbaf52916f],
PUP.BitCoinMiner, C:\Users\adlt\AppData\Roaming\Aperture Deleter\cgminer.exe, , [05aabc6cccaf57dff71cf29a53ae817f],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmnchuxk.exe, , [159a7cac3843d95d6b9f7209a859ae52],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncrmeept.exe, , [802f5fc981fafd3964a6fa813ec39967],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmnchuxk.exe, , [8f20a08825567db9ce928d7a53ae7d83],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncrmeept.exe, , [9817ee3ad8a32a0c2a36d532778a5aa6],
Trojan.Agent.VBS, C:\Users\adlt\Downloads\minecraft-1-5-2.exe.079a6b8.partial, , [2c8373b5e3981e18d2a992a0b44c629e],
Trojan.FileFill, C:\Users\adlt\Desktop\4401.tmp, , [317ef5336f0cb08664765f3707fcfc04],
Physical Sectors: 0
(No malicious items detected)
(end)
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : adlt - ADLT-PC
# Running from : C:\Users\adlt\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : BackupStack
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\VideoDownloadConverter_4z
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\VideoDownloadConverter_4z
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\adlt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [14262 octets] - [16/04/2014 20:13:29]
AdwCleaner[R1].txt - [13533 octets] - [16/04/2014 20:18:48]
AdwCleaner[R2].txt - [1853 octets] - [16/04/2014 20:33:42]
AdwCleaner[S0].txt - [14076 octets] - [16/04/2014 20:14:01]
AdwCleaner[S1].txt - [13585 octets] - [16/04/2014 20:19:17]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2035 octets] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 16.4.2014
Scan Time: 20:45:58
Logfile: sajzdrek.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.10.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: adlt
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 325756
Time Elapsed: 6 min, 37 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
Trojan.BitCoinMiner, C:\Windows\expIorer.exe, 4968, , [a00fc8606f0cce680bd746bbaf52916f]
Modules: 0
(No malicious items detected)
Registry Keys: 3
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, , [4e612404720913232c58d3bee320a060],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [ab04899f1e5d67cfbef31f55f60c718f],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [b0ffef39c0bb7eb8a64899f11de6ec14],
Registry Values: 4
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, , [fbb41810196255e1deb7ef20e31ffb05],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, %dXH·kQOA¤Ä?8Ä?A1>»X, , [fbb41810196255e1deb7ef20e31ffb05]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|4zffxtbr@VideoDownloadConverter_4z.com, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, , [2a8530f80c6f8caac4642640a35fab55]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3685201810-2618282722-923631027-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0L1L1L1L, , [b0ffef39c0bb7eb8a64899f11de6ec14]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 8
Trojan.BitCoinMiner, C:\Windows\expIorer.exe, , [a00fc8606f0cce680bd746bbaf52916f],
PUP.BitCoinMiner, C:\Users\adlt\AppData\Roaming\Aperture Deleter\cgminer.exe, , [05aabc6cccaf57dff71cf29a53ae817f],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmnchuxk.exe, , [159a7cac3843d95d6b9f7209a859ae52],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncrmeept.exe, , [802f5fc981fafd3964a6fa813ec39967],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmnchuxk.exe, , [8f20a08825567db9ce928d7a53ae7d83],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncrmeept.exe, , [9817ee3ad8a32a0c2a36d532778a5aa6],
Trojan.Agent.VBS, C:\Users\adlt\Downloads\minecraft-1-5-2.exe.079a6b8.partial, , [2c8373b5e3981e18d2a992a0b44c629e],
Trojan.FileFill, C:\Users\adlt\Desktop\4401.tmp, , [317ef5336f0cb08664765f3707fcfc04],
Physical Sectors: 0
(No malicious items detected)
(end)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: zpomalene pc...trha se veskery pohyb
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: zpomalene pc...trha se veskery pohyb
Ten MBAM mi smaznul asi 4 soubory ale nez jsem se vzpamatoval tak mi restartoval pc,takze nemam ten text :(
# AdwCleaner v3.023 - Report created 17/04/2014 at 15:12:40
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : adlt - ADLT-PC
# Running from : C:\Users\adlt\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BackupStack
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\VideoDownloadConverter_4z
Key Deleted : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\adlt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [14262 octets] - [16/04/2014 20:13:29]
AdwCleaner[R1].txt - [13533 octets] - [16/04/2014 20:18:48]
AdwCleaner[R2].txt - [2135 octets] - [16/04/2014 20:33:42]
AdwCleaner[R3].txt - [2195 octets] - [17/04/2014 15:11:50]
AdwCleaner[S0].txt - [14076 octets] - [16/04/2014 20:14:01]
AdwCleaner[S1].txt - [13585 octets] - [16/04/2014 20:19:17]
AdwCleaner[S2].txt - [1838 octets] - [17/04/2014 15:12:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1898 octets] ##########
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : adlt [Práva správce]
Mód : Kontrola -- Datum : 04/17/2014 15:35:30
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\4728libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] szninstall.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\szninstall.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] szndesktop.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\adlt\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKLM\[...]\Run : Comodo_TE_{B9B19C9E-4F55-443C-B1C6-ED38C7F8E3CD} ("C:\Users\adlt\AppData\Local\Temp\cisad40ca\cmdinstall.exe" -cmdfile "C:\Users\adlt\AppData\Local\Temp\cisad40ca" [x][x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-3685201810-2618282722-923631027-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\adlt\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-3685201810-2618282722-923631027-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 3 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{1DFA998B-39AF-4096-BF2C-AC4F376134E4}.exe - --uninstall=1 [x] -> NALEZENO
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{1DFA998B-39AF-4096-BF2C-AC4F376134E4}.exe - --uninstall=1 [x] -> NALEZENO
[V2][SUSP PATH] CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} : C:\ProgramData\cisE474.exe - --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82} [-][x] -> NALEZENO
¤¤¤ spuštění položky : 1 ¤¤¤
[adlt][SUSP PATH] MC service.lnk : C:\Users\adlt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MC service.lnk @C:\Users\adlt\Downloads\Hstart_4.1-bi\hstartt.exe /NOCONSOLE /NONELEVATED /SILENT /D="%appdata%\Aperture Deleter" /IDLE "C:\Users\with the lemons\AppData\Roaming\Aperture Deleter\start.bat" [-][x][-][x] -> NALEZENO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8AD2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8AA1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8AA2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE915488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D8570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE915464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8ABB30)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C56B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B5F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE86BF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE871F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A9180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D3808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D36B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B5CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE917200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9171DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D2E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D7394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D8BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C94D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DBD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DBD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DA1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D2F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE990270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE990694)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8514E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CDC70)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE867470)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE90CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85E8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CC580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8564A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8689FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D2DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE871CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85EB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CC704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE868680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A9390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A93E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D78B8)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97D968)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981F88)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9820EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9821C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE968D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D73F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CB510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BAB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B9C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8836A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87C8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE882A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BBD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BBE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B56C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9AD5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE977BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C6090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87ABE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9788B4)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE978964)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9789BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87F8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE88F3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE912A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B54A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE88287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A5E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A63CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A5F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A6878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A6DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8A04A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96CC48)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE971EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE971F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96CCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96CDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9967F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE878400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE874DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B33E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B33E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE90FA00)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D3A0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE881460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE89C300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D1DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE874880)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972018)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972018)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9720D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE99686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE980DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE983160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE978A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B1254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8E3098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8521A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8521A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE873FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9161B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9161B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8912A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B1224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9969A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8E2DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E48C)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972220)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9722B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE86A100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BB8D0)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8946D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E590)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE894540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE870660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE978A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE876F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8774F0)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8901F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C6D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C6D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B27F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2960)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE89BDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE91763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE875EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96EBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96ECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE876370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8964B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8964B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DB9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C7860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C7860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE92D9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE913590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE913590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9134C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BB644)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B5760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE899E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D43A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9173E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE89D40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE90CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B46E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D44F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE852A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9713F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D47DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D49B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE915FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8521A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8989B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8A8EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5524)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DFA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D58BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D59DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85EC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D8948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE918A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8E0A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CC358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C2E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9AD998)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EZEX-00RKKA0 ATA Device +++++
--- User ---
[MBR] 46c7c8673629e713e7e8e450b704acc9
[BSP] 6b4681ece042a9a0b4a89a8a2a0521af : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 953667 MB
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Multi Flash Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
Dokončeno : << RKreport[0]_S_04172014_153530.txt >>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by adlt on źt 17.04.2014 at 15:16:22,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{175410FB-9335-443D-B487-09276F70BFCA}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{79F5CF4A-6CE9-43E7-BA8D-7E2602D22B55}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\video download converter"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 17.04.2014 at 15:20:39,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.023 - Report created 17/04/2014 at 15:12:40
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : adlt - ADLT-PC
# Running from : C:\Users\adlt\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BackupStack
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\VideoDownloadConverter_4z
Key Deleted : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\adlt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [14262 octets] - [16/04/2014 20:13:29]
AdwCleaner[R1].txt - [13533 octets] - [16/04/2014 20:18:48]
AdwCleaner[R2].txt - [2135 octets] - [16/04/2014 20:33:42]
AdwCleaner[R3].txt - [2195 octets] - [17/04/2014 15:11:50]
AdwCleaner[S0].txt - [14076 octets] - [16/04/2014 20:14:01]
AdwCleaner[S1].txt - [13585 octets] - [16/04/2014 20:19:17]
AdwCleaner[S2].txt - [1838 octets] - [17/04/2014 15:12:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1898 octets] ##########
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : adlt [Práva správce]
Mód : Kontrola -- Datum : 04/17/2014 15:35:30
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\4728libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] szninstall.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\szninstall.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] szndesktop.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\adlt\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKLM\[...]\Run : Comodo_TE_{B9B19C9E-4F55-443C-B1C6-ED38C7F8E3CD} ("C:\Users\adlt\AppData\Local\Temp\cisad40ca\cmdinstall.exe" -cmdfile "C:\Users\adlt\AppData\Local\Temp\cisad40ca" [x][x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-3685201810-2618282722-923631027-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\adlt\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-3685201810-2618282722-923631027-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\adlt\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 3 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{1DFA998B-39AF-4096-BF2C-AC4F376134E4}.exe - --uninstall=1 [x] -> NALEZENO
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{1DFA998B-39AF-4096-BF2C-AC4F376134E4}.exe - --uninstall=1 [x] -> NALEZENO
[V2][SUSP PATH] CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} : C:\ProgramData\cisE474.exe - --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82} [-][x] -> NALEZENO
¤¤¤ spuštění položky : 1 ¤¤¤
[adlt][SUSP PATH] MC service.lnk : C:\Users\adlt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MC service.lnk @C:\Users\adlt\Downloads\Hstart_4.1-bi\hstartt.exe /NOCONSOLE /NONELEVATED /SILENT /D="%appdata%\Aperture Deleter" /IDLE "C:\Users\with the lemons\AppData\Roaming\Aperture Deleter\start.bat" [-][x][-][x] -> NALEZENO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8AD2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8AA1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8AA2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE915488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D8570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE915464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D1F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8ABB30)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C56B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B5F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE86BF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE871F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A9180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D3808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D36B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B5CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE917200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9171DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D2E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D7394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D8BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C94D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DBD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DBD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DA1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D2F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE990270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE990694)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8514E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CDC70)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE867470)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE90CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85E8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CC580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8564A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8689FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D2DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE871CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85EB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CC704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE868680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A9390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A93E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D78B8)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97D968)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97DEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE981F88)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9820EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9821C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97E920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE968D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D73F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CB510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BAB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B9C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D3F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8836A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87C8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE882A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BBD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BBE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B56C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9AD5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE977BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C6090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87ABE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9788B4)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE978964)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9789BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE87F8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE88F3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE912A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE995814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B54A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE88287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A5E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A63CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A5F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A6878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A6DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9A707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8A04A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96CC48)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE971EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE971F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96CCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96CDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9967F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE878400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE874DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B33E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B33E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE90FA00)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D3A0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE881460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE89C300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D1DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE874880)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972018)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972018)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9720D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE99686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE980DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE983160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE978A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B1254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8E3098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8521A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8521A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE873FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9161B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9161B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8912A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B1224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9969A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8E2DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E48C)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE97217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972220)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9722B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE86A100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BB8D0)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8946D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E590)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE894540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE870660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE978A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE876F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8774F0)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8901F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C6D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C6D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B27F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2960)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE89BDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE997FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE972390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE91763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE875EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96EBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96ECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE876370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE996AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8964B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8964B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DB9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96D8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE96E73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C7860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C7860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE92D9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE913590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE913590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9134C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8BB644)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B5760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE899E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D43A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9173E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE98A424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE89D40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE90CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8B46E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D44F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE852A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9713F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D47DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D49B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE915FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8521A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8989B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8A8EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D4FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5524)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9B2C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8DFA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D58BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D59DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE85EC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8D8948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE918A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8E0A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8CC358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9D5CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE8C2E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE9AD998)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EZEX-00RKKA0 ATA Device +++++
--- User ---
[MBR] 46c7c8673629e713e7e8e450b704acc9
[BSP] 6b4681ece042a9a0b4a89a8a2a0521af : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 953667 MB
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Multi Flash Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
Dokončeno : << RKreport[0]_S_04172014_153530.txt >>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by adlt on źt 17.04.2014 at 15:16:22,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{175410FB-9335-443D-B487-09276F70BFCA}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{79F5CF4A-6CE9-43E7-BA8D-7E2602D22B55}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\video download converter"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 17.04.2014 at 15:20:39,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: zpomalene pc...trha se veskery pohyb
Malwarebytes' Anti-Malware dej sem nový log z něj.
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 83 hostů