Samedi 29 avril 2006


Processes:
PID ParentPID User Path
--------------------------------------------------
380 512 C:Documents and SettingsInternet2Mes documentssyfilessyfileszipchast_ppostcards.gif.exe
Ports:
Port PID Type Path
--------------------------------------------------
Explorer Dlls:
DLL Path Company Name File Description
--------------------------------------------------
No changes Found
IE Dlls:
DLL Path Company Name File Description
--------------------------------------------------
No changes Found
Loaded Drivers:
Driver File Company Name Description
--------------------------------------------------
Monitored RegKeys
Registry Key Value
--------------------------------------------------
Kernel31 Api Log
--------------------------------------------------
***** Installing Hooks *****
***** Install URLDownloadToFileA hook failed...Error: Asm Length failed? 0 JMP [B61788] Unknown identifier
***** Install URLDownloadToCacheFile hook failed...Error: Asm Length failed? 0 JMP [B6178C] Unknown identifier
719f70df RegOpenKeyExA (HKLM\System\CurrentControlSet\Services\WinSock2\Parameters)
719f7cc4 RegOpenKeyExA (Protocol_Catalog9)
719f737e RegOpenKeyExA (00000009)
719f724d RegOpenKeyExA (Catalog_Entries)
719f78ea RegOpenKeyExA (000000000001)
719f78ea RegOpenKeyExA (000000000002)
719f78ea RegOpenKeyExA (000000000003)
719f78ea RegOpenKeyExA (000000000004)
719f78ea RegOpenKeyExA (000000000005)
719f78ea RegOpenKeyExA (000000000006)
719f78ea RegOpenKeyExA (000000000007)
719f78ea RegOpenKeyExA (000000000008)
719f78ea RegOpenKeyExA (000000000009)
719f78ea RegOpenKeyExA (000000000010)
719f78ea RegOpenKeyExA (000000000011)
719f78ea RegOpenKeyExA (000000000012)
719f78ea RegOpenKeyExA (000000000013)
719f78ea RegOpenKeyExA (000000000014)
719f2623 WaitForSingleObject(790,0)
719f83c6 RegOpenKeyExA (NameSpace_Catalog5)
719f737e RegOpenKeyExA (00000004)
719f7f5b RegOpenKeyExA (Catalog_Entries)
719f80ef RegOpenKeyExA (000000000001)
719f80ef RegOpenKeyExA (000000000002)
719f80ef RegOpenKeyExA (000000000003)
719f2623 WaitForSingleObject(788,0)
719e1afa RegOpenKeyExA (HKLM\System\CurrentControlSet\Services\Winsock2\Parameters)
719e1996 GlobalAlloc()
7c80b511 ExitThread()
4037bc GetCommandLineA()
74da14d6 GetCurrentProcessId()=380
74da199d GetVersionExA()
405558 LoadLibraryA(riched32.dll)=73230000
405564 LoadLibraryA(riched20.dll)=74da0000
405585 LoadLibraryA(COMCTL32.DLL)=77390000
7ca32d5d LoadLibraryA(ole32.dll)=774a0000
40530c GetVersionExA()
40de00 CreateFileA(C:Documents and SettingsInternet2Mes documentssyfilessyfileszipchast_ppostcards.gif.exe)
40e2c0 ReadFile()
5b0aef89 GetCurrentProcessId()=380
5b09b1ba IsDebuggerPresent()
77393f9f LoadLibraryA(UxTheme.dll)=5b090000
77f48b26 RegOpenKeyExA (HKCU\Software\Microsoft\windows\CurrentVersion\Explorer\AutoComplete)
77f48d24 RegOpenKeyExA (HKLM\Software\Microsoft\windows\CurrentVersion\Explorer\AutoComplete)
77f5b4bc LoadLibraryA(ole32.dll)=774a0000
76f84c52 GetVersionExA()
774ef0f5 LoadLibraryA(CLBCATQ.DLL)=76f80000
774ef8d1 LoadLibraryA(CLBCATQ.DLL)=76f80000
76f866c9 GetVersionExA()
76fbaf0c ReadFile()
774ebd9b GetCurrentProcessId()=380
76c41310 GetVersionExA()
76be1a17 CreateMutex((null))
76f1147f GetVersionExA()
766119a8 GetVersionExA()
76611f28 LoadLibraryA(RichEd20.dll)=74da0000
77737417 GetVersionExA()
7773716f GetVersionExA()
77f44fbd RegOpenKeyExA (HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Performance)
777361bb LoadLibraryA(SHELL32.dll)=7c9d0000
777361bb LoadLibraryA(ole32.dll)=774a0000
77f63357 LoadLibraryA(SHELL32.DLL)=7c9d0000
77f6339e RegOpenKeyExA (HKLM\Software\Microsoft\Internet Explorer)
777361bb LoadLibraryA(WININET.dll)=77aa0000
77dc97ae LoadLibraryA(Secur32.dll)=77fc0000
77aa40ce RegOpenKeyExA (HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache)
77aa40ce RegOpenKeyExA (HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache)
77aa773a RegOpenKeyExA (HKLM\System\Setup)
77aa40ce RegOpenKeyExA (HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders)
77aa40ce RegOpenKeyExA (HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache)
77aa40ce RegOpenKeyExA (HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders)
77aa6289 RegOpenKeyExA (Content)
77aa8055 LoadLibraryA(shell32.dll)=7c9d0000
77f469fd WaitForSingleObject(6b4,0)
76964e03 GlobalAlloc()
7ca32d5d LoadLibraryA(USERENV.dll)=76960000
77aa6289 RegOpenKeyExA (Paths)
77aa6289 RegOpenKeyExA (Path1)
77aa6289 RegOpenKeyExA (Path2)
77aa6289 RegOpenKeyExA (Path3)
77aa6289 RegOpenKeyExA (Path4)
77aa6289 RegOpenKeyExA (Special Paths)
77ac2ecf RegSetValueExA (Directory)
77ac2f34 RegSetValueExA (Paths)
77ac2ecf RegSetValueExA (CachePath)
77ac2f34 RegSetValueExA (CacheLimit)
77aa6289 RegOpenKeyExA (Cookies)
77aa6289 RegOpenKeyExA (History)
77aa3745 WaitForSingleObject(6c0,ffffffff)
77aa6030 CreateFileA(C:\Documents and Settings\Internet2\Local Settings\Temporary Internet Files\Content.IE5\index.dat)
77aa58fe CreateFileA(C:\Documents and Settings\Internet2\Local Settings\Temporary Internet Files\Content.IE5\index.dat)
77aa3745 WaitForSingleObject(6b8,ffffffff)
77aa6030 CreateFileA(C:\Documents and Settings\Internet2\Cookies\index.dat)
77aa58fe CreateFileA(C:\Documents and Settings\Internet2\Cookies\index.dat)
77aa3745 WaitForSingleObject(6a8,ffffffff)
77aa6030 CreateFileA(C:\Documents and Settings\Internet2\Local Settings\Historique\History.IE5\index.dat)
77aa58fe CreateFileA(C:\Documents and Settings\Internet2\Local Settings\Historique\History.IE5\index.dat)
77aa6289 RegOpenKeyExA (Extensible Cache)
77aa791f WaitForSingleObject(6c8,ea60)
77aa6289 RegOpenKeyExA (MSHist012006042520060426)
77aa6289 RegOpenKeyExA (UserData)
77f50e2a RegOpenKeyExA (HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings)
77aa9da1 LoadLibraryA(urlmon.dll)=77170000
77f48b26 RegOpenKeyExA (HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap)
77f48b26 RegOpenKeyExA (HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap)
77f48b70 RegOpenKeyExA (HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap)
77f512b8 RegOpenKeyExA (Ranges)
77f512b8 RegOpenKeyExA (Range1)
77f512b8 RegOpenKeyExA (Range10)
77f512b8 RegOpenKeyExA (Range11)
77f512b8 RegOpenKeyExA (Range12)
77f512b8 RegOpenKeyExA (Range13)
77f512b8 RegOpenKeyExA (Range14)
77f512b8 RegOpenKeyExA (Range15)
77f512b8 RegOpenKeyExA (Range16)
77f512b8 RegOpenKeyExA (Range17)
77f512b8 RegOpenKeyExA (Range18)
77f512b8 RegOpenKeyExA (Range19)
77f512b8 RegOpenKeyExA (Range2)
77f512b8 RegOpenKeyExA (Range20)
77f512b8 RegOpenKeyExA (Range21)
77f512b8 RegOpenKeyExA (Range22)
77f512b8 RegOpenKeyExA (Range23)
77f512b8 RegOpenKeyExA (Range24)
77f512b8 RegOpenKeyExA (Range25)
77f512b8 RegOpenKeyExA (Range26)
77f512b8 RegOpenKeyExA (Range27)
77f512b8 RegOpenKeyExA (Range28)
77f512b8 RegOpenKeyExA (Range29)
77f512b8 RegOpenKeyExA (Range3)
77f512b8 RegOpenKeyExA (Range30)
77f512b8 RegOpenKeyExA (Range31)
77f512b8 RegOpenKeyExA (Range4)
77f512b8 RegOpenKeyExA (Range5)
77f512b8 RegOpenKeyExA (Range6)
77f512b8 RegOpenKeyExA (Range7)
77f512b8 RegOpenKeyExA (Range8)
77f512b8 RegOpenKeyExA (Range9)
77f48b26 RegOpenKeyExA (HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones)
77f48b70 RegOpenKeyExA (HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones)
77f48b26 RegOpenKeyExA (HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones)
77f48b26 RegOpenKeyExA (HKCUSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZones