roguekiller

a guest
Mar 25th, 2014
  1. RogueKiller V8.8.13 _x64_ [Mar 25 2014] by Adlice Software
  2. mail : http://www.adlice.com/contact/
  3. Feedback : http://forum.adlice.com
  4. Website : http://www.adlice.com/softwares/roguekiller/
  5. Blog : http://www.adlice.com
  6.  
  7. Operating System : Windows 7 (6.1.7600 ) 64 bits version
  8. Started in : Normal mode
  9. User : Layne Donovan [Admin rights]
  10. Mode : Scan -- Date : 03/25/2014 20:51:57
  11. | ARK || FAK || MBR |
  12.  
  13. ¤¤¤ Bad processes : 1 ¤¤¤
  14. [SUSP PATH] BBSetup.exe -- C:\Windows\Temp\IXP000.TMP\BBSetup.exe [-] -> KILLED [TermProc]
  15.  
  16. ¤¤¤ Registry Entries : 4 ¤¤¤
  17. [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
  18. [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
  19. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
  20. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
  21.  
  22. ¤¤¤ Scheduled tasks : 0 ¤¤¤
  23.  
  24. ¤¤¤ Startup Entries : 0 ¤¤¤
  25.  
  26. ¤¤¤ Web browsers : 0 ¤¤¤
  27.  
  28. ¤¤¤ Browser Addons : 0 ¤¤¤
  29.  
  30. ¤¤¤ Particular Files / Folders: ¤¤¤
  31.  
  32. ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
  33. [Address] EAT @explorer.exe (LdapGetLastError) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1481D8)
  34. [Address] EAT @explorer.exe (LdapMapErrorToWin32) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF122BA4)
  35. [Address] EAT @explorer.exe (LdapUTF8ToUnicode) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147FA0)
  36. [Address] EAT @explorer.exe (LdapUnicodeToUTF8) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1144A8)
  37. [Address] EAT @explorer.exe (ber_alloc_t) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E62C)
  38. [Address] EAT @explorer.exe (ber_bvdup) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E54C)
  39. [Address] EAT @explorer.exe (ber_bvecfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E500)
  40. [Address] EAT @explorer.exe (ber_bvfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E4BC)
  41. [Address] EAT @explorer.exe (ber_first_element) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E73C)
  42. [Address] EAT @explorer.exe (ber_flatten) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E7EC)
  43. [Address] EAT @explorer.exe (ber_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E48C)
  44. [Address] EAT @explorer.exe (ber_init) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E384)
  45. [Address] EAT @explorer.exe (ber_next_element) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E7B0)
  46. [Address] EAT @explorer.exe (ber_peek_tag) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E700)
  47. [Address] EAT @explorer.exe (ber_printf) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E8D4)
  48. [Address] EAT @explorer.exe (ber_scanf) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13EB48)
  49. [Address] EAT @explorer.exe (ber_skip_tag) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E6C4)
  50. [Address] EAT @explorer.exe (cldap_open) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11E254)
  51. [Address] EAT @explorer.exe (cldap_openA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11E254)
  52. [Address] EAT @explorer.exe (cldap_openW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F19C)
  53. [Address] EAT @explorer.exe (ldap_abandon) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1352C0)
  54. [Address] EAT @explorer.exe (ldap_add) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135BD8)
  55. [Address] EAT @explorer.exe (ldap_addA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135BD8)
  56. [Address] EAT @explorer.exe (ldap_addW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135AF8)
  57. [Address] EAT @explorer.exe (ldap_add_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135D38)
  58. [Address] EAT @explorer.exe (ldap_add_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135D38)
  59. [Address] EAT @explorer.exe (ldap_add_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C48)
  60. [Address] EAT @explorer.exe (ldap_add_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13600C)
  61. [Address] EAT @explorer.exe (ldap_add_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13600C)
  62. [Address] EAT @explorer.exe (ldap_add_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135EA4)
  63. [Address] EAT @explorer.exe (ldap_add_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C28)
  64. [Address] EAT @explorer.exe (ldap_add_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C28)
  65. [Address] EAT @explorer.exe (ldap_add_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C08)
  66. [Address] EAT @explorer.exe (ldap_bind) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138034)
  67. [Address] EAT @explorer.exe (ldap_bindA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138034)
  68. [Address] EAT @explorer.exe (ldap_bindW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137F20)
  69. [Address] EAT @explorer.exe (ldap_bind_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138050)
  70. [Address] EAT @explorer.exe (ldap_bind_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138050)
  71. [Address] EAT @explorer.exe (ldap_bind_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF119B64)
  72. [Address] EAT @explorer.exe (ldap_check_filterA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146F0C)
  73. [Address] EAT @explorer.exe (ldap_check_filterW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146D08)
  74. [Address] EAT @explorer.exe (ldap_cleanup) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C080)
  75. [Address] EAT @explorer.exe (ldap_close_extended_op) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BB9C)
  76. [Address] EAT @explorer.exe (ldap_compare) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C38)
  77. [Address] EAT @explorer.exe (ldap_compareA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C38)
  78. [Address] EAT @explorer.exe (ldap_compareW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138B40)
  79. [Address] EAT @explorer.exe (ldap_compare_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138DD0)
  80. [Address] EAT @explorer.exe (ldap_compare_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138DD0)
  81. [Address] EAT @explorer.exe (ldap_compare_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138CC0)
  82. [Address] EAT @explorer.exe (ldap_compare_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1391B0)
  83. [Address] EAT @explorer.exe (ldap_compare_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1391B0)
  84. [Address] EAT @explorer.exe (ldap_compare_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13902C)
  85. [Address] EAT @explorer.exe (ldap_compare_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C98)
  86. [Address] EAT @explorer.exe (ldap_compare_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C98)
  87. [Address] EAT @explorer.exe (ldap_compare_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C70)
  88. [Address] EAT @explorer.exe (ldap_conn_from_msg) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148208)
  89. [Address] EAT @explorer.exe (ldap_connect) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BF14)
  90. [Address] EAT @explorer.exe (ldap_control_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF139800)
  91. [Address] EAT @explorer.exe (ldap_control_freeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF139800)
  92. [Address] EAT @explorer.exe (ldap_control_freeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF139810)
  93. [Address] EAT @explorer.exe (ldap_controls_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
  94. [Address] EAT @explorer.exe (ldap_controls_freeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
  95. [Address] EAT @explorer.exe (ldap_controls_freeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FD18)
  96. [Address] EAT @explorer.exe (ldap_count_entries) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D2DC)
  97. [Address] EAT @explorer.exe (ldap_count_references) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147BE8)
  98. [Address] EAT @explorer.exe (ldap_count_values) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442A0)
  99. [Address] EAT @explorer.exe (ldap_count_valuesA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442A0)
  100. [Address] EAT @explorer.exe (ldap_count_valuesW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D270)
  101. [Address] EAT @explorer.exe (ldap_count_values_len) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D270)
  102. [Address] EAT @explorer.exe (ldap_create_page_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1408D4)
  103. [Address] EAT @explorer.exe (ldap_create_page_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1408D4)
  104. [Address] EAT @explorer.exe (ldap_create_page_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140800)
  105. [Address] EAT @explorer.exe (ldap_create_sort_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1465A4)
  106. [Address] EAT @explorer.exe (ldap_create_sort_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1465A4)
  107. [Address] EAT @explorer.exe (ldap_create_sort_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1465C0)
  108. [Address] EAT @explorer.exe (ldap_create_vlv_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1414A4)
  109. [Address] EAT @explorer.exe (ldap_create_vlv_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141480)
  110. [Address] EAT @explorer.exe (ldap_delete) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AA90)
  111. [Address] EAT @explorer.exe (ldap_deleteA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AA90)
  112. [Address] EAT @explorer.exe (ldap_deleteW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AA60)
  113. [Address] EAT @explorer.exe (ldap_delete_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAF4)
  114. [Address] EAT @explorer.exe (ldap_delete_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAF4)
  115. [Address] EAT @explorer.exe (ldap_delete_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13A978)
  116. [Address] EAT @explorer.exe (ldap_delete_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13ADA0)
  117. [Address] EAT @explorer.exe (ldap_delete_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13ADA0)
  118. [Address] EAT @explorer.exe (ldap_delete_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AC50)
  119. [Address] EAT @explorer.exe (ldap_delete_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAE0)
  120. [Address] EAT @explorer.exe (ldap_delete_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAE0)
  121. [Address] EAT @explorer.exe (ldap_delete_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAC0)
  122. [Address] EAT @explorer.exe (ldap_dn2ufn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DCE4)
  123. [Address] EAT @explorer.exe (ldap_dn2ufnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DCE4)
  124. [Address] EAT @explorer.exe (ldap_dn2ufnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DA38)
  125. [Address] EAT @explorer.exe (ldap_encode_sort_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146C3C)
  126. [Address] EAT @explorer.exe (ldap_encode_sort_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146B74)
  127. [Address] EAT @explorer.exe (ldap_err2string) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF112200)
  128. [Address] EAT @explorer.exe (ldap_err2stringA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF112200)
  129. [Address] EAT @explorer.exe (ldap_err2stringW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148040)
  130. [Address] EAT @explorer.exe (ldap_escape_filter_element) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF111588)
  131. [Address] EAT @explorer.exe (ldap_escape_filter_elementA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF111588)
  132. [Address] EAT @explorer.exe (ldap_escape_filter_elementW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146F88)
  133. [Address] EAT @explorer.exe (ldap_explode_dn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13D968)
  134. [Address] EAT @explorer.exe (ldap_explode_dnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13D968)
  135. [Address] EAT @explorer.exe (ldap_explode_dnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13D6DC)
  136. [Address] EAT @explorer.exe (ldap_extended_operation) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B6D4)
  137. [Address] EAT @explorer.exe (ldap_extended_operationA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B6D4)
  138. [Address] EAT @explorer.exe (ldap_extended_operationW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B5E4)
  139. [Address] EAT @explorer.exe (ldap_extended_operation_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B840)
  140. [Address] EAT @explorer.exe (ldap_extended_operation_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BA1C)
  141. [Address] EAT @explorer.exe (ldap_first_attribute) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136DF4)
  142. [Address] EAT @explorer.exe (ldap_first_attributeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136DF4)
  143. [Address] EAT @explorer.exe (ldap_first_attributeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D360)
  144. [Address] EAT @explorer.exe (ldap_first_entry) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF117A68)
  145. [Address] EAT @explorer.exe (ldap_first_reference) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147A78)
  146. [Address] EAT @explorer.exe (ldap_free_controls) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
  147. [Address] EAT @explorer.exe (ldap_free_controlsA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
  148. [Address] EAT @explorer.exe (ldap_free_controlsW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
  149. [Address] EAT @explorer.exe (ldap_get_dn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442C0)
  150. [Address] EAT @explorer.exe (ldap_get_dnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442C0)
  151. [Address] EAT @explorer.exe (ldap_get_dnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FDD0)
  152. [Address] EAT @explorer.exe (ldap_get_next_page) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13FE30)
  153. [Address] EAT @explorer.exe (ldap_get_next_page_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13FFDC)
  154. [Address] EAT @explorer.exe (ldap_get_option) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BC58)
  155. [Address] EAT @explorer.exe (ldap_get_optionA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BC58)
  156. [Address] EAT @explorer.exe (ldap_get_optionW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11CE54)
  157. [Address] EAT @explorer.exe (ldap_get_paged_count) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140248)
  158. [Address] EAT @explorer.exe (ldap_get_values) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14412C)
  159. [Address] EAT @explorer.exe (ldap_get_valuesA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14428C)
  160. [Address] EAT @explorer.exe (ldap_get_valuesW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1185A4)
  161. [Address] EAT @explorer.exe (ldap_get_values_len) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DC94)
  162. [Address] EAT @explorer.exe (ldap_get_values_lenA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DC94)
  163. [Address] EAT @explorer.exe (ldap_get_values_lenW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11868C)
  164. [Address] EAT @explorer.exe (ldap_init) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F230)
  165. [Address] EAT @explorer.exe (ldap_initA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F230)
  166. [Address] EAT @explorer.exe (ldap_initW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BF94)
  167. [Address] EAT @explorer.exe (ldap_memfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11965C)
  168. [Address] EAT @explorer.exe (ldap_memfreeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11965C)
  169. [Address] EAT @explorer.exe (ldap_memfreeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FEC0)
  170. [Address] EAT @explorer.exe (ldap_modify) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C964)
  171. [Address] EAT @explorer.exe (ldap_modifyA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C964)
  172. [Address] EAT @explorer.exe (ldap_modifyW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C884)
  173. [Address] EAT @explorer.exe (ldap_modify_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CAC4)
  174. [Address] EAT @explorer.exe (ldap_modify_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CAC4)
  175. [Address] EAT @explorer.exe (ldap_modify_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C9D4)
  176. [Address] EAT @explorer.exe (ldap_modify_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CD98)
  177. [Address] EAT @explorer.exe (ldap_modify_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CD98)
  178. [Address] EAT @explorer.exe (ldap_modify_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CC30)
  179. [Address] EAT @explorer.exe (ldap_modify_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C9B4)
  180. [Address] EAT @explorer.exe (ldap_modify_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C9B4)
  181. [Address] EAT @explorer.exe (ldap_modify_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C994)
  182. [Address] EAT @explorer.exe (ldap_modrdn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143468)
  183. [Address] EAT @explorer.exe (ldap_modrdn2) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14303C)
  184. [Address] EAT @explorer.exe (ldap_modrdn2A) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14303C)
  185. [Address] EAT @explorer.exe (ldap_modrdn2W) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF142E70)
  186. [Address] EAT @explorer.exe (ldap_modrdn2_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14330C)
  187. [Address] EAT @explorer.exe (ldap_modrdn2_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14330C)
  188. [Address] EAT @explorer.exe (ldap_modrdn2_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1431C4)
  189. [Address] EAT @explorer.exe (ldap_modrdnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143468)
  190. [Address] EAT @explorer.exe (ldap_modrdnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143454)
  191. [Address] EAT @explorer.exe (ldap_modrdn_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143490)
  192. [Address] EAT @explorer.exe (ldap_modrdn_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143490)
  193. [Address] EAT @explorer.exe (ldap_modrdn_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14347C)
  194. [Address] EAT @explorer.exe (ldap_msgfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF112980)
  195. [Address] EAT @explorer.exe (ldap_next_attribute) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136EA8)
  196. [Address] EAT @explorer.exe (ldap_next_attributeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136EA8)
  197. [Address] EAT @explorer.exe (ldap_next_attributeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D3E4)
  198. [Address] EAT @explorer.exe (ldap_next_entry) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FBD0)
  199. [Address] EAT @explorer.exe (ldap_next_reference) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147B28)
  200. [Address] EAT @explorer.exe (ldap_open) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F124)
  201. [Address] EAT @explorer.exe (ldap_openA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F124)
  202. [Address] EAT @explorer.exe (ldap_openW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F114)
  203. [Address] EAT @explorer.exe (ldap_parse_extended_resultA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF142154)
  204. [Address] EAT @explorer.exe (ldap_parse_extended_resultW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF142080)
  205. [Address] EAT @explorer.exe (ldap_parse_page_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140C98)
  206. [Address] EAT @explorer.exe (ldap_parse_page_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140C98)
  207. [Address] EAT @explorer.exe (ldap_parse_page_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140BD0)
  208. [Address] EAT @explorer.exe (ldap_parse_reference) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147D60)
  209. [Address] EAT @explorer.exe (ldap_parse_referenceA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147D60)
  210. [Address] EAT @explorer.exe (ldap_parse_referenceW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147CAC)
  211. [Address] EAT @explorer.exe (ldap_parse_result) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141F80)
  212. [Address] EAT @explorer.exe (ldap_parse_resultA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141F80)
  213. [Address] EAT @explorer.exe (ldap_parse_resultW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141E80)
  214. [Address] EAT @explorer.exe (ldap_parse_sort_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1466F4)
  215. [Address] EAT @explorer.exe (ldap_parse_sort_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1466F4)
  216. [Address] EAT @explorer.exe (ldap_parse_sort_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1467C0)
  217. [Address] EAT @explorer.exe (ldap_parse_vlv_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141A14)
  218. [Address] EAT @explorer.exe (ldap_parse_vlv_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141934)
  219. [Address] EAT @explorer.exe (ldap_perror) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148090)
  220. [Address] EAT @explorer.exe (ldap_rename_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1435B4)
  221. [Address] EAT @explorer.exe (ldap_rename_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1435B4)
  222. [Address] EAT @explorer.exe (ldap_rename_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1434A4)
  223. [Address] EAT @explorer.exe (ldap_rename_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1439BC)
  224. [Address] EAT @explorer.exe (ldap_rename_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1439BC)
  225. [Address] EAT @explorer.exe (ldap_rename_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143844)
  226. [Address] EAT @explorer.exe (ldap_result) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D988)
  227. [Address] EAT @explorer.exe (ldap_result2error) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF118BF0)
  228. [Address] EAT @explorer.exe (ldap_sasl_bindA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF145CB0)
  229. [Address] EAT @explorer.exe (ldap_sasl_bindW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF145EC4)
  230. [Address] EAT @explorer.exe (ldap_sasl_bind_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146004)
  231. [Address] EAT @explorer.exe (ldap_sasl_bind_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146208)
  232. [Address] EAT @explorer.exe (ldap_search) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DE04)
  233. [Address] EAT @explorer.exe (ldap_searchA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DE04)
  234. [Address] EAT @explorer.exe (ldap_searchW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF144320)
  235. [Address] EAT @explorer.exe (ldap_search_abandon_page) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140538)
  236. [Address] EAT @explorer.exe (ldap_search_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1446D4)
  237. [Address] EAT @explorer.exe (ldap_search_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1446D4)
  238. [Address] EAT @explorer.exe (ldap_search_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1445B0)
  239. [Address] EAT @explorer.exe (ldap_search_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1448E0)
  240. [Address] EAT @explorer.exe (ldap_search_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1448E0)
  241. [Address] EAT @explorer.exe (ldap_search_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF118A10)
  242. [Address] EAT @explorer.exe (ldap_search_init_page) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F910)
  243. [Address] EAT @explorer.exe (ldap_search_init_pageA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F910)
  244. [Address] EAT @explorer.exe (ldap_search_init_pageW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F7F0)
  245. [Address] EAT @explorer.exe (ldap_search_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14443C)
  246. [Address] EAT @explorer.exe (ldap_search_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14443C)
  247. [Address] EAT @explorer.exe (ldap_search_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D130)
  248. [Address] EAT @explorer.exe (ldap_search_st) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF144478)
  249. [Address] EAT @explorer.exe (ldap_search_stA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF144478)
  250. [Address] EAT @explorer.exe (ldap_search_stW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D16C)
  251. [Address] EAT @explorer.exe (ldap_set_dbg_flags) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14809C)
  252. [Address] EAT @explorer.exe (ldap_set_dbg_routine) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148090)
  253. [Address] EAT @explorer.exe (ldap_set_option) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BD1C)
  254. [Address] EAT @explorer.exe (ldap_set_optionA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BD1C)
  255. [Address] EAT @explorer.exe (ldap_set_optionW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BE90)
  256. [Address] EAT @explorer.exe (ldap_simple_bind) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137FF4)
  257. [Address] EAT @explorer.exe (ldap_simple_bindA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137FF4)
  258. [Address] EAT @explorer.exe (ldap_simple_bindW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137D88)
  259. [Address] EAT @explorer.exe (ldap_simple_bind_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138014)
  260. [Address] EAT @explorer.exe (ldap_simple_bind_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138014)
  261. [Address] EAT @explorer.exe (ldap_simple_bind_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137E54)
  262. [Address] EAT @explorer.exe (ldap_sslinit) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F1AC)
  263. [Address] EAT @explorer.exe (ldap_sslinitA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F1AC)
  264. [Address] EAT @explorer.exe (ldap_sslinitW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BFA0)
  265. [Address] EAT @explorer.exe (ldap_start_tls_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147A50)
  266. [Address] EAT @explorer.exe (ldap_start_tls_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147A2C)
  267. [Address] EAT @explorer.exe (ldap_startup) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C034)
  268. [Address] EAT @explorer.exe (ldap_stop_tls_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147690)
  269. [Address] EAT @explorer.exe (ldap_ufn2dn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E240)
  270. [Address] EAT @explorer.exe (ldap_ufn2dnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E240)
  271. [Address] EAT @explorer.exe (ldap_ufn2dnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DD90)
  272. [Address] EAT @explorer.exe (ldap_unbind) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF118294)
  273. [Address] EAT @explorer.exe (ldap_unbind_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D96C)
  274. [Address] EAT @explorer.exe (ldap_value_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116620)
  275. [Address] EAT @explorer.exe (ldap_value_freeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116620)
  276. [Address] EAT @explorer.exe (ldap_value_freeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116684)
  277. [Address] EAT @explorer.exe (ldap_value_free_len) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116684)
  278.  
  279. ¤¤¤ External Hives: ¤¤¤
  280.  
  281. ¤¤¤ Infection : ¤¤¤
  282.  
  283. ¤¤¤ HOSTS File: ¤¤¤
  284. --> %SystemRoot%\System32\drivers\etc\hosts
  285.  
  286.  
  287. 127.0.0.1 localhost
  288.  
  289.  
  290. ¤¤¤ MBR Check: ¤¤¤
  291.  
  292. +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS721050CLA362 +++++
  293. --- User ---
  294. [MBR] 494f34f8b4da3bc5c7ac2b6742792f4d
  295. [BSP] a79ee6198fe7537d8a5026fea2f6fae8 : Windows 7/8 MBR Code
  296. Partition table:
  297. 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14848 MB
  298. 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30410752 | Size: 100 MB
  299. 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30615552 | Size: 461990 MB
  300. User = LL1 ... OK!
  301. User = LL2 ... OK!
  302.  
  303. +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic- Compact Flash USB Device +++++
  304. Error reading User MBR! ([0x15] The device is not ready. )
  305. User = LL1 ... OK!
  306. Error reading LL2 MBR! ([0x32] The request is not supported. )
  307.  
  308. +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Multiple Flash Reader USB Device +++++
  309. Error reading User MBR! ([0x15] The device is not ready. )
  310. User = LL1 ... OK!
  311. Error reading LL2 MBR! ([0x32] The request is not supported. )
  312.  
  313. Finished : << RKreport[0]_S_03252014_205157.txt >>