Author Topic: Please help me make sense of this - can I delete everything?

May 22, 2014, 11:45:59 AM

nicky noodles

  • Guest
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Nicholas [Admin rights]
Mode : Scan -- Date : 05/22/2014 11:41:10
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤



Reply #1 May 22, 2014, 11:48:22 AM

nicky noodles

  • Guest
Re: Please help me make sense of this - can I delete everything?
« Reply #1 on: May 22, 2014, 11:48:22 AM »

Reply #2 May 22, 2014, 11:50:43 AM

nicky noodles

  • Guest
Re: Please help me make sense of this - can I delete everything?
« Reply #2 on: May 22, 2014, 11:50:43 AM »
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD20CBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD20D970)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1818FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1818FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1BAD7C)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1B4760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1B4760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1B468C)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD17FFF0)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD148B08)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD229C6C)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD229C6C)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD15BC50)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD273A8C)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1BA290)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD229C6C)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD252158)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1446B8)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD234318)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD14CBBC)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD273BDC)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD179ED8)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD210670)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD273CEC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD273EC8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2740A0)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1B80B8)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD104D80)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2742A4)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2743D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2744D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2744D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD141278)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD14C1EC)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2746A4)

Reply #3 May 22, 2014, 11:51:53 AM

nicky noodles

  • Guest
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD274860)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD274A50)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD274C10)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD252158)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD252158)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD252178)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD252310)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD274D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD274D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD274E68)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD182364)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD274FA8)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2750C8)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD275120)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD27516C)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD132630)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1377A0)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1BBA04)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD1889A8)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2751C4)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD10A5B0)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD27521C)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD275274)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2752D4)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD27532C)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD275384)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD2753E4)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD188FF4)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0xDD24D000)
[Address] EAT @explorer.exe (OpenAdapter10) : authui.dll -> HOOKED (C:\WINDOWS\SYSTEM32\igd10umd64.dll @ 0xE14D8050)
[Address] EAT @explorer.exe (OpenAdapter10_2) : authui.dll -> HOOKED (C:\WINDOWS\SYSTEM32\igd10umd64.dll @ 0xE14D7FF0)
[Address] IAT @iexplore.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Program Files\Internet Explorer\IEShims.dll @ 0xDB361C90)
[Address] IAT @iexplore.exe (SetCurrentProcessExplicitAppUserModelID) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\WINDOWS\SYSTEM32\shcore.dll @ 0xE2336D08)
[Address] IAT @iexplore.exe (CommandLineToArgvW) : api-ms-win-downlevel-shell32-l1-1-0.dll -> HOOKED (C:\WINDOWS\SYSTEM32\shcore.dll @ 0xE23148E8)
[Address] EAT @iexplore.exe (AcroBrwSetCallbacks) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E36F42)
[Address] EAT @iexplore.exe (AcroBrwSubclassWindow) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E3715E)
[Address] EAT @iexplore.exe (DllCanUnloadNow) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E320FA)
[Address] EAT @iexplore.exe (DllGetClassObject) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E34BEC)
[Address] EAT @iexplore.exe (DllRegisterServer) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E31100)
[Address] EAT @iexplore.exe (DllUnregisterServer) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E34F74)
[Address] EAT @iexplore.exe (StubInit) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E35CDE)
[Address] EAT @iexplore.exe (StubOnQuit) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E35D23)
[Address] EAT @iexplore.exe (StubSetSite) : MLANG.dll -> HOOKED (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll @ 0x70E35D07)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS543232A7A384 +++++
--- User ---
[MBR] 16d4d9714c9fe5e37aa2a6deec1011d3
[BSP] ac8a90d37d46ff07688d184799fc8c86 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 305245 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_05222014_114109.txt >>
RKreport[0]_D_05222014_113056.txt;RKreport[0]_S_05222014_102322.txt;RKreport[0]_S_05222014_105234.txt





Reply #4 May 23, 2014, 11:45:46 AM

Tigzy

  • Administrator
    Owner, Adlice Software
Hello,
That's a false positive, already fixed for the next release ;)