Question: Log check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: Three roses grow around =o)
Gender: Male
Status: Offline

Re: Question: Log check

Post by Orcus » 14 Feb 2014 21:59

If that's everything, mark the topic here as solved with the check mark.
Love warms, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it across several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

MiliNess
BSOD team member
Master Level 9.5
Posts: 9112
Registered: October 09
Location: Cheb
Gender: Male
Status: Offline

Re: Question: Log check

Post by MiliNess » 15 Feb 2014 12:53

Download Autoruns, run it with administrator rights, wait until it finishes the scan, then choose Save in the File menu and upload the resulting ARN file to http://www.leteckaposta.cz.
-everyone has their own truth, and it does not always have to match yours
-our problems exist only in our heads
-the world around us is neither good nor bad; it does not care at all whether you exist
-the most important thing in life is love. Everything else is trivia

SamerLP
Level 4.5
Posts: 1746
Registered: August 13
Gender: Male
Status: Offline

Re: Question: Log check

Post by SamerLP » 17 Feb 2014 14:06


Re: Question: Log check

Post by MiliNess » 17 Feb 2014 18:56

Are you surprised? A complete tragedy. Run Autoruns and, once it finishes the scan, switch to the Explorer tab.
Anything you see there (especially under ContextMenuHandlers) can be causing it. Just clear the check box, then log off and log back on for the changes to take effect.
By eliminating entries one by one like this you will find the culprit. You can skip the entries from MS and WinRAR; the fault will not be there.
Personally I'd guess either something from IObit, eCareme from Asus, Zoner, or FileZilla.

Above all I would get rid of that awful program, IObit Malware Fighter. There is no need to have that horror there when you have Eset and MBAM.
Personally I would get rid of all IObit products, because some cyberterrorist certainly has a hand in that software. The IObit Smart Defrag Extension driver contained a bug that crashed the system, IObit Malware Fighter contained a bug in its filter, and so on.

Re: Question: Log check

Post by MiliNess » 17 Feb 2014 19:04

And I forgot about Advanced SystemCare. :evil:
You only cause yourself problems with it, which you then have to solve here.

Re: Question: Log check

Post by SamerLP » 02 Apr 2014 19:22

Well, I didn't do anything and, strangely, it stopped; it seems better, and I deleted those programs :) as you wrote :) but mainly the computer takes a long time to start, 64 sec and sometimes even more, and I don't understand why. I looked into it once; for about those 64 sec it sits loading the Welcome screen :(
PS: sorry for writing this late, but I forgot, and today it occurred to me that I still have this topic open and unfinished :-(

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Question: Log check

Post by jaro3 » 02 Apr 2014 19:43

That really is a long time.

So, once again:
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
-If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
-If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking and click “Prohledat-Scan”
After the scan a log appears (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save it to the desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Question: Log check

Post by SamerLP » 02 Apr 2014 19:49

One more thing about that first program, please: would there be something like it for Google Chrome? Because that's what I use; I have Mozilla too, but I don't use it :(
As for the other logs, I'll edit the post; I'll do it tomorrow.

Re: Question: Log check

Post by jaro3 » 03 Apr 2014 09:28

Skip that program.

Re: Question: Log check

Post by SamerLP » 03 Apr 2014 15:54

AdwCleaner:
# AdwCleaner v3.023 - Report created 03/04/2014 at 15:27:00
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Samerko - SAMERKO-PC
# Running from : C:\Users\Samerko\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\user.js
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Users\Samerko\AppData\Local\Conduit
Folder Found C:\Users\Samerko\AppData\Local\CrashRpt
Folder Found C:\Users\Samerko\AppData\Local\Pokki
Folder Found C:\Users\Samerko\AppData\LocalLow\Conduit
Folder Found C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Found C:\Users\Samerko\AppData\Roaming\OpenCandy
Folder Found C:\Windows\SysWOW64\AI_RecycleBin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Pokki
Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\Software\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (sk)

[ File : C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3027 octets] - [03/04/2014 15:27:00]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3087 octets] ##########

Malwarebytes' Anti-Malware:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.03.20.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Samerko :: SAMERKO-PC [administrátor]

3. 4. 2014 15:29:55
MBAM-log-2014-04-03 (15-51-43).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 234505
Uplynutý čas: 21 min, 37 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 2
C:\Users\Samerko\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Samerko\AppData\Roaming\OpenCandy\58ACCE642B5E4C179ED092DBC4BB7310 (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.

Detegované súbory: 7
C:\Users\Samerko\Downloads\Artisteer-4+crack.exe (PUP.Optional.4Shared) -> Žiadna úloha nevykonaná.
C:\Users\Samerko\Downloads\CrystalDiskInfo6_1_9a-en.exe (PUP.Optional.Opencandy) -> Žiadna úloha nevykonaná.
C:\Users\Samerko\Downloads\FreeAudioConverterSetup-aVrWgtp.exe (PUP.Optional.Somoto) -> Žiadna úloha nevykonaná.
C:\Users\Samerko\Downloads\Hotspot shield 2.65 Cracked By zulqurnainjutt.exe (PUP.Optional.4Shared) -> Žiadna úloha nevykonaná.
C:\Users\Samerko\Downloads\IMVU_brch.exe (PUP.Optional.Conduit.A) -> Žiadna úloha nevykonaná.
C:\Users\Samerko\Downloads\PhotoScape_V3-6-3.exe (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Samerko\AppData\Roaming\OpenCandy\58ACCE642B5E4C179ED092DBC4BB7310\PokkiInstaller.exe (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.

(koniec)

Re: Question: Log check

Post by Orcus » 03 Apr 2014 18:28

You have a crack there.... and it's probably not the only one, is it?
C:\Users\Samerko\Downloads\Artisteer-4+crack.exe (PUP.Optional.4Shared) -> Žiadna úloha nevykonaná.

Unless you start by throwing things like this off your computer, we'll be cleaning here round and round until a blood vessel bursts in our brains and we end up dragging one leg. :roll:

Run MbAM again and start a Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit

====================================================

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose “Run as administrator”)
Click “Smazat” (Delete)
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

====================================================

Download Junkware Removal Tool

to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose “Run as administrator”. You will be prompted to press any key to continue. Press one.
The program's scan begins. The scan can take a long time, depending on the number of infections. When the scan ends, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that you have ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click “Prohledat” (Scan).
- The program scans the PC's processes. After the scan, click “Zpráva” (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
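
A way to check the AdwCleaner step above once both reports exist, as an added example that is not part of the original post or of AdwCleaner itself: it compares a Scan report with the later Clean report and lists what was found but never reported deleted. The line formats are inferred from the reports posted in this thread, the sample text is abridged from them, and `parse_report` and `reconcile` are hypothetical names.

```python
import re
from typing import NamedTuple

# Abridged sample lines in the format of the AdwCleaner v3 reports in this thread.
SCAN_SAMPLE = r"""# AdwCleaner v3.023 - Report created 03/04/2014 at 15:27:00
# Option : Scan
***** [ Files / Folders ] *****
File Found : C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\user.js
Folder Found C:\Users\Samerko\AppData\Local\Pokki
Folder Found C:\Users\Samerko\AppData\Roaming\OpenCandy
***** [ Registry ] *****
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Pokki
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
"""

CLEAN_SAMPLE = r"""# AdwCleaner v3.023 - Report created 03/04/2014 at 19:32:45
# Option : Clean
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\Users\Samerko\AppData\Local\Pokki
File Deleted : C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\user.js
***** [ Registry ] *****
Key Deleted : HKCU\Software\Pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
"""


class Entry(NamedTuple):
    kind: str  # File, Folder, Key or Value
    view: str  # "x64" when the line carries the [x64] marker, else ""
    path: str  # lower-cased: Windows paths and registry keys are case-insensitive


OPTION_RE = re.compile(r"^#\s*Option\s*:\s*(\w+)", re.MULTILINE)

# Assumed line shapes (taken from this thread's reports):
#   Key Found : [x64] HKCU\Software\Pokki
#   Folder Found C:\...            (the scan report has no colon on folder lines)
#   [!] Folder Deleted : C:\...    (leading [!] marker in the clean report)
ENTRY_RE = re.compile(
    r"^(?P<flag>\[!\]\s*)?(?P<kind>File|Folder|Key|Value)\s+"
    r"(?:Found|Deleted)\s*:?\s*(?:\[(?P<view>x64)\]\s*)?(?P<path>.+?)\s*$"
)


def parse_report(text):
    """Return (option, entries, flagged) for one report."""
    m = OPTION_RE.search(text)
    option = m.group(1) if m else None
    entries, flagged = set(), set()
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header lines, section banners, browser file lines
        entry = Entry(m["kind"], m["view"] or "", m["path"].lower())
        entries.add(entry)
        if m["flag"]:
            flagged.add(entry)  # marked [!] by the tool; worth a manual look
    return option, entries, flagged


def reconcile(scan_text, clean_text):
    """Compare a Scan report with the Clean report that followed it."""
    scan_opt, found, _ = parse_report(scan_text)
    clean_opt, deleted, flagged = parse_report(clean_text)
    if scan_opt != "Scan" or clean_opt != "Clean":
        raise ValueError(
            f"expected a Scan report then a Clean report, got {scan_opt!r} and {clean_opt!r}"
        )
    return {
        "not_in_clean": sorted(found - deleted),  # found, never reported deleted
        "flagged": sorted(flagged),               # deleted lines carrying [!]
        "not_in_scan": sorted(deleted - found),   # deleted but absent from the scan
    }


if __name__ == "__main__":
    for label, entries in reconcile(SCAN_SAMPLE, CLEAN_SAMPLE).items():
        print(label)
        for e in entries:
            print("  ", e.kind, f"[{e.view}]" if e.view else "", e.path)
```

An entry under `not_in_clean` is a prompt to re-scan, not proof that the item is still present: another tool may have removed it between the two runs.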

Re: Question: Log check

Post by SamerLP » 03 Apr 2014 20:07

So I deleted the cracks I had downloaded from the folder... all the ones I found. Here are the ones you need:

MbAM:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.03.20.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Samerko :: SAMERKO-PC [administrátor]

3. 4. 2014 18:59:47
mbam-log-2014-04-03 (18-59-47).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 234804
Uplynutý čas: 22 min, 4 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 2
C:\Users\Samerko\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Samerko\AppData\Roaming\OpenCandy\58ACCE642B5E4C179ED092DBC4BB7310 (PUP.Optional.OpenCandy) -> Pridanie do karantény a zmazanie úspešné.

Detegované súbory: 6
C:\Users\Samerko\Downloads\CrystalDiskInfo6_1_9a-en.exe (PUP.Optional.Opencandy) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Samerko\Downloads\FreeAudioConverterSetup-aVrWgtp.exe (PUP.Optional.Somoto) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Samerko\Downloads\Hotspot shield 2.65 Cracked By zulqurnainjutt.exe (PUP.Optional.4Shared) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Samerko\Downloads\IMVU_brch.exe (PUP.Optional.Conduit.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Samerko\Downloads\PhotoScape_V3-6-3.exe (PUP.Optional.OpenCandy) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Samerko\AppData\Roaming\OpenCandy\58ACCE642B5E4C179ED092DBC4BB7310\PokkiInstaller.exe (PUP.Optional.OpenCandy) -> Pridanie do karantény a zmazanie úspešné.

(koniec)

AdwCleaner:

# AdwCleaner v3.023 - Report created 03/04/2014 at 19:32:45
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Samerko - SAMERKO-PC
# Running from : C:\Users\Samerko\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\Samerko\AppData\Local\Conduit
Folder Deleted : C:\Users\Samerko\AppData\Local\CrashRpt
[!] Folder Deleted : C:\Users\Samerko\AppData\Local\Pokki
Folder Deleted : C:\Users\Samerko\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
File Deleted : C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (sk)

[ File : C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3191 octets] - [03/04/2014 15:27:00]
AdwCleaner[R1].txt - [3194 octets] - [03/04/2014 19:31:53]
AdwCleaner[S0].txt - [3099 octets] - [03/04/2014 19:32:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3159 octets] ##########

Junkware Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Samerko on çt 03. 04. 2014 at 19:42:24,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\wise care 365.job"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Samerko\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Samerko\appdata\locallow\surfcanyon"



~~~ FireFox

Emptied folder: C:\Users\Samerko\AppData\Roaming\mozilla\firefox\profiles\a2z6t27b.default-1381600143778\minidumps [4 files]

RogueKiller:

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Samerko [Práva Správcu]
Režim : Kontrola -- Dátum : 04/03/2014 20:04:38
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 1 ¤¤¤
[SUSP PATH] Lightshot.exe -- C:\Users\Samerko\AppData\Local\Skillbrains\lightshot\5.1.0.15\Lightshot.exe [7] -> ZASTAVENÉ [TermProc]

¤¤¤ Záznamy Registrov : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : LightShot (C:\Users\Samerko\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue [7]) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-1676706566-1539175069-4259669011-1000\[...]\Run : LightShot (C:\Users\Samerko\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue [7]) -> NÁJDENÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NÁJDENÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] PeriodicScanRetry : %windir%\ehome\MCUpdate.exe - -pscn 0 [7][-] -> NÁJDENÉ

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF943084)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E1E10)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7CEB3C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF83C974)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9431CC)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF94339C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7D87D0)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF94356C)
[Address] EAT @explorer.exe (ForceNexusLookup) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF919460)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9194B0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF943688)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF847AC8)
[Address] EAT @explorer.exe (FtpCommandA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EDA34)
[Address] EAT @explorer.exe (FtpCommandW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F1560)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EDB18)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F16FC)
[Address] EAT @explorer.exe (FtpDeleteFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EDBB8)
[Address] EAT @explorer.exe (FtpDeleteFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F1864)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EDC58)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F19CC)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EDEC4)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F1BA4)
[Address] EAT @explorer.exe (FtpGetFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EDF84)
[Address] EAT @explorer.exe (FtpGetFileEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F1D2C)
[Address] EAT @explorer.exe (FtpGetFileSize) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EE1A8)
[Address] EAT @explorer.exe (FtpGetFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F1EC0)
[Address] EAT @explorer.exe (FtpOpenFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EE438)
[Address] EAT @explorer.exe (FtpOpenFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F1FC4)
[Address] EAT @explorer.exe (FtpPutFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EE518)
[Address] EAT @explorer.exe (FtpPutFileEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F2054)
[Address] EAT @explorer.exe (FtpPutFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F21B8)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EE898)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F228C)
[Address] EAT @explorer.exe (FtpRenameFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EE938)
[Address] EAT @explorer.exe (FtpRenameFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F23E8)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8EE9EC)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F2608)
[Address] EAT @explorer.exe (GetProxyDllInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8D8DE8)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9438A8)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF847604)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF83B770)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF943B44)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF943CFC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF82AD70)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF829ED0)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF943F44)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9441AC)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7F37F0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherGetAttributeA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherGetAttributeW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherOpenFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (GopherOpenFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7ECA10)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7F2B70)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF905148)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF82BF50)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF82C0B0)
[Address] EAT @explorer.exe (HttpEndRequestA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF825900)
[Address] EAT @explorer.exe (HttpEndRequestW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9057E4)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF91D6CC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E7CC0)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8362CC)
[Address] EAT @explorer.exe (HttpOpenRequestA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF905E3C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7EAD30)
[Address] EAT @explorer.exe (HttpPushClose) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E89A8)
[Address] EAT @explorer.exe (HttpPushEnable) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E8A58)
[Address] EAT @explorer.exe (HttpPushWait) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E8AB0)
[Address] EAT @explorer.exe (HttpQueryInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7EFA00)
[Address] EAT @explorer.exe (HttpQueryInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7FF5E0)
[Address] EAT @explorer.exe (HttpSendRequestA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF882BC4)
[Address] EAT @explorer.exe (HttpSendRequestExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9058E4)
[Address] EAT @explorer.exe (HttpSendRequestExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8256DC)
[Address] EAT @explorer.exe (HttpSendRequestW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7F29CC)
[Address] EAT @explorer.exe (HttpWebSocketClose) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF915F10)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF91649C)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF916058)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF916948)
[Address] EAT @explorer.exe (HttpWebSocketSend) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF916E8C)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF91714C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF810708)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922480)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922658)
[Address] EAT @explorer.exe (InternetAttemptConnect) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DCCE4)
[Address] EAT @explorer.exe (InternetAutodial) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E1F5C)
[Address] EAT @explorer.exe (InternetAutodialCallback) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8D9614)
[Address] EAT @explorer.exe (InternetAutodialHangup) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E1FF4)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DCD4C)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DE1DC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DCE58)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DE2EC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9068C8)
[Address] EAT @explorer.exe (InternetCloseHandle) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E8560)
[Address] EAT @explorer.exe (InternetCombineUrlA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD320)
[Address] EAT @explorer.exe (InternetCombineUrlW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E4F08)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF923424)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF923424)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF87FBB0)
[Address] EAT @explorer.exe (InternetConnectA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD438)
[Address] EAT @explorer.exe (InternetConnectW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7F15B0)
[Address] EAT @explorer.exe (InternetCrackUrlA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF80C520)
[Address] EAT @explorer.exe (InternetCrackUrlW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF842010)
[Address] EAT @explorer.exe (InternetCreateUrlA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD564)
[Address] EAT @explorer.exe (InternetCreateUrlW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E49E0)
[Address] EAT @explorer.exe (InternetDial) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E2084)
[Address] EAT @explorer.exe (InternetDialA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E2084)
[Address] EAT @explorer.exe (InternetDialW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E2130)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9068D4)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF90693C)
[Address] EAT @explorer.exe (InternetErrorDlg) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9234DC)
[Address] EAT @explorer.exe (InternetFindNextFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F0EBC)
[Address] EAT @explorer.exe (InternetFindNextFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8F322C)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E8B08)
[Address] EAT @explorer.exe (InternetFreeCookies) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8214B4)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF85322C)
[Address] EAT @explorer.exe (InternetGetCertByURL) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7C2198)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7C2198)
[Address] EAT @explorer.exe (InternetGetConnectedState) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E415C)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF886364)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF886364)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF801500)
[Address] EAT @explorer.exe (InternetGetCookieA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF907C10)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF821484)
[Address] EAT @explorer.exe (InternetGetCookieExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF907C34)
[Address] EAT @explorer.exe (InternetGetCookieExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8214CC)
[Address] EAT @explorer.exe (InternetGetCookieW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF907F40)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD600)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DE3E0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF906A20)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF906A70)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF852F7C)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD7A0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD7A0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DE59C)
[Address] EAT @explorer.exe (InternetGoOnline) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E21DC)
[Address] EAT @explorer.exe (InternetGoOnlineA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E21DC)
[Address] EAT @explorer.exe (InternetGoOnlineW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E2274)
[Address] EAT @explorer.exe (InternetHangUp) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E230C)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7DA260)
[Address] EAT @explorer.exe (InternetLockRequestFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF82BB20)
[Address] EAT @explorer.exe (InternetOpenA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF804930)
[Address] EAT @explorer.exe (InternetOpenUrlA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD8B8)
[Address] EAT @explorer.exe (InternetOpenUrlW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DE698)
[Address] EAT @explorer.exe (InternetOpenW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8047A0)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E07D0)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E8B68)
[Address] EAT @explorer.exe (InternetQueryOptionA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E70A0)
[Address] EAT @explorer.exe (InternetQueryOptionW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E7650)
[Address] EAT @explorer.exe (InternetReadFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF800430)
[Address] EAT @explorer.exe (InternetReadFileExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF836FD0)
[Address] EAT @explorer.exe (InternetReadFileExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF836F38)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922830)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9229A0)
[Address] EAT @explorer.exe (InternetSetCookieA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF907F60)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF907F88)
[Address] EAT @explorer.exe (InternetSetCookieExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF907FE8)
[Address] EAT @explorer.exe (InternetSetCookieExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF80BFC0)
[Address] EAT @explorer.exe (InternetSetCookieW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF90808C)
[Address] EAT @explorer.exe (InternetSetDialState) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E238C)
[Address] EAT @explorer.exe (InternetSetDialStateA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E238C)
[Address] EAT @explorer.exe (InternetSetDialStateW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E23E4)
[Address] EAT @explorer.exe (InternetSetFilePointer) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8877EC)
[Address] EAT @explorer.exe (InternetSetOptionA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E6010)
[Address] EAT @explorer.exe (InternetSetOptionExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DECC0)
[Address] EAT @explorer.exe (InternetSetOptionExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DEDB4)
[Address] EAT @explorer.exe (InternetSetOptionW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7E64D0)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF906B08)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF906BA0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8066F8)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8066F8)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF84BBAC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD94C)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DD94C)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8DE850)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF837AA0)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF837AA0)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF89D8A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF883740)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF883740)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF883670)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF82B894)
[Address] EAT @explorer.exe (InternetWriteFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8259A0)
[Address] EAT @explorer.exe (InternetWriteFileExA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (InternetWriteFileExW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF80A0B4)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9443E0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF887594)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8FA4D0)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922B10)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF80D62C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF87D144)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF824940)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF944530)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7C29F0)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8E146C)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF944640)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF94481C)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9449F4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF886180)
[Address] EAT @explorer.exe (RunOnceUrlCache) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7C2198)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF944BF8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF944D2C)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF944E2C)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF944E2C)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF808BD0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF819178)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF944FF8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9451B4)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9453A4)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945564)
[Address] EAT @explorer.exe (ShowCertificate) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922B10)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922B10)
[Address] EAT @explorer.exe (ShowSecurityInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922B30)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF922CC0)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945684)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945684)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9457BC)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF84FBE0)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF9458FC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945A1C)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945A74)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945AC0)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF7CEC3C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF848B28)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF888C20)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF850C28)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945B18)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF83C5C8)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945B70)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945BC8)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945C28)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945C80)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945CD8)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF945D38)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF8330A8)
[Address] EAT @explorer.exe (UrlZonesDetach) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFF91D9D8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : MSIMG32.dll -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xFA773D60)
[Address] EAT @explorer.exe (DllGetClassObject) : MSIMG32.dll -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xFA771A74)
[Address] EAT @explorer.exe (DllRegisterServer) : MSIMG32.dll -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xFA776070)
[Address] EAT @explorer.exe (DllUnregisterServer) : MSIMG32.dll -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xFA776278)

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400BPVT-80HXZT3 +++++
--- User ---
[MBR] eff11c629db3241621335bfea4f680bf
[BSP] baa58400c4105655dd5a43eaed9ccc63 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 256054 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 576829440 | Size: 328824 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_S_04032014_200438.txt >>





~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on çt 03. 04. 2014 at 19:55:47,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

