Roguekiller results - EAT @ explorer.exe

Need help determining how to resolve these results:

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jim [Admin rights]
Mode : Scan -- Date : 04/08/2014 09:54:29
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] AdwCleaner.exe -- C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\INA1A4ZP\AdwCleaner.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF5D538)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF5A468)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0814C0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE081518)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF5A54C)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE081570)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0815C8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC4EC8)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF88790)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0816AC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE081704)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE08175C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC4EA4)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0817B4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE08180C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF5BDC0)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF75908)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF661DC)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF1C0A4)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF220D0)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE058AD8)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF83A38)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF838E8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF65F10)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC6C40)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC6C1C)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE08272C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE086C74)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF88DD4)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF79730)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF8BF40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF8BF40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF8A3A0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE08282C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE03FB88)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE03FFB0)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF014E0)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF7DEE0)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF175E0)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFBC750)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE022700)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE022740)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF0550C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF219BC)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF0E8B8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF7C800)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF06478)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF18B60)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF83010)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE082924)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF21E20)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF0EB4C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF7C984)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE082A6C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE082C3C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF187E0)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE082E0C)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE058CE4)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE058D34)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE082F28)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF87AD8)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02D2B4)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE030DE0)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02D398)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE030F7C)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02D438)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0310E4)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02D4D8)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE03124C)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02D744)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE031424)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02D804)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0315AC)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02DA28)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE031740)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02DCB8)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE031844)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02DD98)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0318D4)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE031A38)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02E118)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE031B0C)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02E1B8)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE031C68)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE02E26C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE031E88)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE018668)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE083148)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF87614)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF7B780)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0833E4)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE08359C)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF6AD80)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF69EE0)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0837E4)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE083A4C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF33800)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF2CA20)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF32B80)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0449A4)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF6BF60)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF6C0C0)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF65910)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE045050)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE05CF34)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE027540)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF762DC)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0456A8)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF2AD40)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE028228)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0282D8)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE028330)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF2FA10)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF3F5F0)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC2454)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE045150)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF656EC)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF329DC)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0557A8)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE055D40)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0558F0)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0561E0)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE056720)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0569E0)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF50718)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE061CFC)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE061EE0)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01C564)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0217DC)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE018E94)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021874)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01C5CC)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01D9F0)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01C6D8)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01DB00)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE046138)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF28570)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01CBA0)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF24F18)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062CAC)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062CAC)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFBF440)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01CCB8)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF315C0)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF4C530)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF82020)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01CDE4)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF249F0)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021904)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021904)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0219B0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE046150)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0461B8)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062D64)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE03073C)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE032AAC)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE028388)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF614C4)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF9323C)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF02198)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF02198)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF2416C)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC5BF4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC5BF4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF41510)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE047490)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF61494)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0474B4)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF614DC)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0477B8)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01CE80)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01DBF4)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE04629C)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0462EC)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF92F8C)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01D020)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01D020)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01DDB0)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021A5C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021A5C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021AF4)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021B8C)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF1A270)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF6BB30)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF44940)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01D138)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01DEAC)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF447B0)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF207E0)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0283E8)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF270B0)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF27660)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF40440)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF76FE0)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF76F48)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0620B8)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062228)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0477D8)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE047800)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE047860)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF4BFD0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE047904)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021C0C)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021C0C)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE021C64)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC707C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF26020)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01E4C0)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01E5B4)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF264E0)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE046384)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE04641C)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF46708)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF46708)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF8BBBC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01D1CC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01D1CC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE01E058)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF77AB0)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF77AB0)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFDD138)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC2FD0)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC2FD0)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC2F00)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF6B8A4)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF659B0)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF4A0C4)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE083C80)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC6E24)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE039D50)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062398)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF4D63C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFBC9D4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF64950)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE083DD0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF02A00)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE020CEC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE083EE0)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0840BC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084294)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC5A10)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF02198)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084498)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0845CC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0846CC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0846CC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF48BE0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF59188)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084898)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084A54)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084C44)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084E04)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062398)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062398)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0623B8)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE062550)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084F24)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE084F24)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE08505C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF8FBF0)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE08519C)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0852BC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE085314)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE085360)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF0EC4C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF88B38)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDFC84B0)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF90C38)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0853B8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF7C5D8)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE085410)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE085468)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0854C8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE085520)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE085578)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE0855D8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFDF730B8)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFE05D240)
[Address] EAT @explorer.exe (WlanAllocateMemory) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4858AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48538A0)
[Address] EAT @explorer.exe (WlanConnect) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4855558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4856D10)
[Address] EAT @explorer.exe (WlanDisconnect) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48557E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4853A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4858394)
[Address] EAT @explorer.exe (WlanFreeMemory) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF485A5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4854F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4857F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4854188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4855268)
[Address] EAT @explorer.exe (WlanGetProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4856A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4857B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4857404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4858D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF485935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4859418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48599D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48594D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF485A020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4859B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4859A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4859744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4859D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48591EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48592A4)
[Address] EAT @explorer.exe (WlanIhvControl) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4854A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4851960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4853EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4854668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4858A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4855A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF485A358)
[Address] EAT @explorer.exe (WlanRenameProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4856F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48587D0)
[Address] EAT @explorer.exe (WlanScan) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4854D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4853D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4857DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4854470)
[Address] EAT @explorer.exe (WlanSetProfile) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4856760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48578A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4855CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4855F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48571A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4857644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF48581B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : api-ms-win-downlevel-shlwapi-l2-1-0.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF4858B58)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200AAJS-08L7A0 ATA Device +++++
--- User ---
[MBR] 7ad4cc2c73fda4f7141eb9d4db143690
[BSP] 895f4cf863d147b7cedfc82bb5ef008b : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 294043 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 604659712 | Size: 10000 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_04082014_095429.txt >>
RKreport[0]_D_04082014_095213.txt;RKreport[0]_S_04082014_094906.txt
LVL 4
Jason JohanknechtIT ManagerAsked:
Who is Participating?
 
Tony GiangrecoConnect With a Mentor Commented:
Hi DataPro, I suggest taking the following steps immediately:

1. Disconnect the infected Pc's from your network to stop any further spread of the infection. I suspect it is a rootkit.

2. Download this rescue disk on a pc you truly believe is clean, create the bootable CD and boot both infected Pc's with it and scan them to find the virus.
http://www.comodo.com/business-security/network-protection/rescue-disk.php

3. If that does not work, I suggest backing up the data, booting from a Windows Install DVDF, Deleting all partitions and performing a Clean Install.

I know this is a painful process, but in my experience, it's always the best process in eliminating spyware and virus's.

Before restoring your data, I suggest booting with that bootable CD and scan the data to make sure it's clean.
http://www.comodo.com/business-security/network-protection/rescue-disk.php
0
 
Tony GiangrecoCommented:
It looks like that system is really infected.

Here is a comprehensive list of items to check:

1. Go to All programs, Administrative Tools, Event Viewer. Check the System and Application sections for errors that may be causing your problems.

2. Open an elevated command prompt and run this to check for corrupted system files.
sfc /scannow

3. Install Process Explorer to find out what runs at startup
http://technet.microsoft.com/en-us/sysinternals/bb896653

4. If you haven't also ready checked for Viruses, update your virus definitions and run a Full Scan, deleting all virus and spyware detected

5. If you don’t have any Anti Virus installed, here are a few free ones to try:
http://www.avg.com
http://www.avast.com/en-us/index
http://windows.microsoft.com/en-us/windows/security-essentials-download
http://www.bitdefender.com/solutions/free.html

6. If spyware is found, download and run these free anti spyware apps
AdwCleaner
http://www.bleepingcomputer.com/download/adwcleaner/

Kaspersky TDSSKiller
http://www.bleepingcomputer.com/download/tdsskiller/

ESET online scanner
http://www.eset.com/us/online-scanner/

Malwarebytes Anti-Rootkit
http://www.bleepingcomputer.com/download/malwarebytes-anti-rootkit/

www.malwarebytes.org
www.superantispyware.com
www.hitmanpro.com

7. Run a Disk Cleanup: Start, All Programs, Accessories, System Tools, Disk Cleanup.
Include Temporary Internet Files and Temp files

8. Run Error Checking: Start, Computer, right click  on C:\, Tools, Error Checking.
Select "Automatically fix file system errors" and click start

9. Check for all programs that start at Boot: Start, Run, type MSCONFIG, on the startup tab, review the programs listed. Uncheck anything that should not run on startup

10. Defrag all hard drives: Click My Computer, right click the C drive, click Tools, Disk Defragmenter, Click Analyze to check the amount of fragmentation or Defrag to run the process. You repeat this per drive.

General Maintenance to keep your pc up to date
1. Run Windows Update and select all Microsoft updates and security patches

2. Update your Pc's System Bios

3. Update your drivers: Motherboard Chipset, Network Adaptor, Video, Audio & Printers

4. Start Adobe reader, click Help and then click Check for updates to get the latest security and application updates.

5. Go to Control Panel, Java, advanced tab, click Check for Updates to get the latest security and application updates.

6. If you get a BSOD and want to verify if it’s related to bad Ram chips, download Memtest and make a bootable CD from the ISO. Boot it and run at least one  complete set of tests to check your memory for fault
http://www.memtest.org/#downiso
0
 
Jason JohanknechtIT ManagerAuthor Commented:
Has Norton 360 (v21) - scan results (Full Scan) = nothing found but tracking cookies.
Malwarebytes (v2.0.1) Full scan (Rootkits also checked) = nothing but items like Conduit and toolbars.
adwCleaner run.
TDSSKiller run = nothing found.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
web_trackerCommented:
I would run a scan with malwarebytes if you have not already done so https://www.malwarebytes.org/?utm_source=cj&utm_medium=aff&utm_content=11125352 &utm_campaign=1807252&tracking=cj . One other effective malware removal tool I use is Emsisoft Emergency kit. There is a lot of updates, and it takes a long time to scan but it is very effective in catching infections. https://www.emsisoft.com/en/software/eek/
0
 
Tony GiangrecoCommented:
Have you resolved this issue?
0
 
Jason JohanknechtIT ManagerAuthor Commented:
I have run anti-rootkit scanners from several companies, as many utilities as I can think of including combofix.  The other night I left Microsoft Safety scanner running on the computer along with malwarebytes anti-rootkit.  When I came back nothing was running.  The trouble computer has been brought back to my office for further testing, and now my computer is showing similar EAT @ explorer roguekiller results (Driver).  I am going to start testing all of the computers here to see if this thing spreads.

I have also tested some of the dll files on virustotal.com and no infections found.
I have not tried bitdefender yet, but is next on my list.  Hitman pro is running this moment.  Probably try Emsisoft and Eset after that.
0
 
Jason JohanknechtIT ManagerAuthor Commented:
One computer found Toniper (MS Safety Scanner), another found Harakit (Norton), the last one all scanners closed overnight.
0
 
Jason JohanknechtIT ManagerAuthor Commented:
This was a good lesson about adding a potential virus to a working network.  Should have continued working on it while disconnected from any and all networks.  Symantec released a definition update that all computers now detect and successfully remove harakit.  Ran adwcleaner again after removal and now everything looks good.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.