PUM Registry/url4short HELP!


Hi, my computer got the url4short virus, and I have learned that it is a very notorious virus. I ran a Malwarebytes scan and a Windows Security Essentials scan and found nothing. I got the RogueKiller program and ran a scan, and it found several PUM files in the registry! Could I have some help!!!!!

Hello,

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Post the log from RogueKiller.

 

Next,

 

Run Malwarebytes. Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please update and run a Quick scan.

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced log.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.


Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Post those logs.

 

Kevin

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software





 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : User [Admin rights]

Mode : Scan -- Date : 03/27/2014 19:55:32

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 8 ¤¤¤

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤


[Address] EAT @explorer.exe (ResumeSuspendedDownload) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD0D13F8)

[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD134600)

[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD1347DC)

[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD1349B4)

[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD075FD0)

[Address] EAT @explorer.exe (RunOnceUrlCache) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFCFB21A8)

[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD134BB8)

[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD134CEC)

[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD134DEC)

[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD134DEC)

[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFCFF89B0)

[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD008EE8)

[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD134FB8)

[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135174)

[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135364)

[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135524)

[Address] EAT @explorer.exe (ShowCertificate) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD112AD0)

[Address] EAT @explorer.exe (ShowClientAuthCerts) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD112AD0)

[Address] EAT @explorer.exe (ShowSecurityInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD112AF0)

[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD112C80)

[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135644)

[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135644)

[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD13577C)

[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD03FA10)

[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD1358BC)

[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD1359DC)

[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135A34)

[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135A80)

[Address] EAT @explorer.exe (UrlCacheCreateContainer) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFCFBEC5C)

[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD038948)

[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD078A90)

[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD040A60)

[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135AD8)

[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD02C358)

[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135B30)

[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135B88)

[Address] EAT @explorer.exe (UrlCacheReloadSettings) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135BE8)

[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135C40)

[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135C98)

[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD135CF8)

[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD022E78)

[Address] EAT @explorer.exe (UrlZonesDetach) : imagehlp.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD10D998)

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPKT-60PK4T0 ATA Device +++++

--- User ---

[MBR] 03080ace328ab490c9888da13f60d727

[bSP] 4123767d460759521d26eea06d264a0f : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 MB

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ ) SDHC Card +++++

--- User ---

[MBR] d6c81a7a79be04b3276b82dd112ea7f4

[bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code

Partition table:

0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 3819 MB

User = LL1 ... OK!

Error reading LL2 MBR! ([0x32] The request is not supported. )

 

Finished : << RKreport[0]_S_03272014_195532.txt >>

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 3/28/2014

Scan Time: 6:44:08 AM

Logfile: 

Administrator: Yes

 

Version: 2.00.0.1000

Malware Database: v2014.03.28.03

Rootkit Database: v2014.03.27.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Chameleon: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: User

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 253500

Time Elapsed: 4 min, 28 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Shuriken: Enabled

PUP: Warn

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)


Up to now the logs you post are clean, no obvious Malware or infection...

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running; it can take several hours, so please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet Explorer for this scan. On Vista and Windows 7/8, right-click the IE shortcut and run as admin.

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

 

Kevin


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
