Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- RogueKiller V8.8.13 _x64_ [Mar 25 2014] by Adlice Software
- mail : http://www.adlice.com/contact/
- Feedback : http://forum.adlice.com
- Website : http://www.adlice.com/softwares/roguekiller/
- Blog : http://www.adlice.com
- Operating System : Windows 7 (6.1.7600 ) 64 bits version
- Started in : Normal mode
- User : Layne Donovan [Admin rights]
- Mode : Scan -- Date : 03/25/2014 20:51:57
- | ARK || FAK || MBR |
- ¤¤¤ Bad processes : 1 ¤¤¤
- [SUSP PATH] BBSetup.exe -- C:\Windows\Temp\IXP000.TMP\BBSetup.exe [-] -> KILLED [TermProc]
- ¤¤¤ Registry Entries : 4 ¤¤¤
- [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
- [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
- [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
- [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
- ¤¤¤ Scheduled tasks : 0 ¤¤¤
- ¤¤¤ Startup Entries : 0 ¤¤¤
- ¤¤¤ Web browsers : 0 ¤¤¤
- ¤¤¤ Browser Addons : 0 ¤¤¤
- ¤¤¤ Particular Files / Folders: ¤¤¤
- ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
- [Address] EAT @explorer.exe (LdapGetLastError) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1481D8)
- [Address] EAT @explorer.exe (LdapMapErrorToWin32) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF122BA4)
- [Address] EAT @explorer.exe (LdapUTF8ToUnicode) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147FA0)
- [Address] EAT @explorer.exe (LdapUnicodeToUTF8) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1144A8)
- [Address] EAT @explorer.exe (ber_alloc_t) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E62C)
- [Address] EAT @explorer.exe (ber_bvdup) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E54C)
- [Address] EAT @explorer.exe (ber_bvecfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E500)
- [Address] EAT @explorer.exe (ber_bvfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E4BC)
- [Address] EAT @explorer.exe (ber_first_element) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E73C)
- [Address] EAT @explorer.exe (ber_flatten) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E7EC)
- [Address] EAT @explorer.exe (ber_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E48C)
- [Address] EAT @explorer.exe (ber_init) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E384)
- [Address] EAT @explorer.exe (ber_next_element) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E7B0)
- [Address] EAT @explorer.exe (ber_peek_tag) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E700)
- [Address] EAT @explorer.exe (ber_printf) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E8D4)
- [Address] EAT @explorer.exe (ber_scanf) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13EB48)
- [Address] EAT @explorer.exe (ber_skip_tag) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E6C4)
- [Address] EAT @explorer.exe (cldap_open) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11E254)
- [Address] EAT @explorer.exe (cldap_openA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11E254)
- [Address] EAT @explorer.exe (cldap_openW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F19C)
- [Address] EAT @explorer.exe (ldap_abandon) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1352C0)
- [Address] EAT @explorer.exe (ldap_add) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135BD8)
- [Address] EAT @explorer.exe (ldap_addA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135BD8)
- [Address] EAT @explorer.exe (ldap_addW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135AF8)
- [Address] EAT @explorer.exe (ldap_add_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135D38)
- [Address] EAT @explorer.exe (ldap_add_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135D38)
- [Address] EAT @explorer.exe (ldap_add_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C48)
- [Address] EAT @explorer.exe (ldap_add_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13600C)
- [Address] EAT @explorer.exe (ldap_add_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13600C)
- [Address] EAT @explorer.exe (ldap_add_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135EA4)
- [Address] EAT @explorer.exe (ldap_add_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C28)
- [Address] EAT @explorer.exe (ldap_add_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C28)
- [Address] EAT @explorer.exe (ldap_add_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF135C08)
- [Address] EAT @explorer.exe (ldap_bind) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138034)
- [Address] EAT @explorer.exe (ldap_bindA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138034)
- [Address] EAT @explorer.exe (ldap_bindW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137F20)
- [Address] EAT @explorer.exe (ldap_bind_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138050)
- [Address] EAT @explorer.exe (ldap_bind_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138050)
- [Address] EAT @explorer.exe (ldap_bind_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF119B64)
- [Address] EAT @explorer.exe (ldap_check_filterA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146F0C)
- [Address] EAT @explorer.exe (ldap_check_filterW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146D08)
- [Address] EAT @explorer.exe (ldap_cleanup) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C080)
- [Address] EAT @explorer.exe (ldap_close_extended_op) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BB9C)
- [Address] EAT @explorer.exe (ldap_compare) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C38)
- [Address] EAT @explorer.exe (ldap_compareA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C38)
- [Address] EAT @explorer.exe (ldap_compareW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138B40)
- [Address] EAT @explorer.exe (ldap_compare_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138DD0)
- [Address] EAT @explorer.exe (ldap_compare_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138DD0)
- [Address] EAT @explorer.exe (ldap_compare_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138CC0)
- [Address] EAT @explorer.exe (ldap_compare_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1391B0)
- [Address] EAT @explorer.exe (ldap_compare_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1391B0)
- [Address] EAT @explorer.exe (ldap_compare_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13902C)
- [Address] EAT @explorer.exe (ldap_compare_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C98)
- [Address] EAT @explorer.exe (ldap_compare_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C98)
- [Address] EAT @explorer.exe (ldap_compare_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138C70)
- [Address] EAT @explorer.exe (ldap_conn_from_msg) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148208)
- [Address] EAT @explorer.exe (ldap_connect) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BF14)
- [Address] EAT @explorer.exe (ldap_control_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF139800)
- [Address] EAT @explorer.exe (ldap_control_freeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF139800)
- [Address] EAT @explorer.exe (ldap_control_freeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF139810)
- [Address] EAT @explorer.exe (ldap_controls_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
- [Address] EAT @explorer.exe (ldap_controls_freeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
- [Address] EAT @explorer.exe (ldap_controls_freeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FD18)
- [Address] EAT @explorer.exe (ldap_count_entries) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D2DC)
- [Address] EAT @explorer.exe (ldap_count_references) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147BE8)
- [Address] EAT @explorer.exe (ldap_count_values) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442A0)
- [Address] EAT @explorer.exe (ldap_count_valuesA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442A0)
- [Address] EAT @explorer.exe (ldap_count_valuesW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D270)
- [Address] EAT @explorer.exe (ldap_count_values_len) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D270)
- [Address] EAT @explorer.exe (ldap_create_page_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1408D4)
- [Address] EAT @explorer.exe (ldap_create_page_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1408D4)
- [Address] EAT @explorer.exe (ldap_create_page_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140800)
- [Address] EAT @explorer.exe (ldap_create_sort_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1465A4)
- [Address] EAT @explorer.exe (ldap_create_sort_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1465A4)
- [Address] EAT @explorer.exe (ldap_create_sort_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1465C0)
- [Address] EAT @explorer.exe (ldap_create_vlv_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1414A4)
- [Address] EAT @explorer.exe (ldap_create_vlv_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141480)
- [Address] EAT @explorer.exe (ldap_delete) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AA90)
- [Address] EAT @explorer.exe (ldap_deleteA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AA90)
- [Address] EAT @explorer.exe (ldap_deleteW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AA60)
- [Address] EAT @explorer.exe (ldap_delete_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAF4)
- [Address] EAT @explorer.exe (ldap_delete_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAF4)
- [Address] EAT @explorer.exe (ldap_delete_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13A978)
- [Address] EAT @explorer.exe (ldap_delete_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13ADA0)
- [Address] EAT @explorer.exe (ldap_delete_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13ADA0)
- [Address] EAT @explorer.exe (ldap_delete_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AC50)
- [Address] EAT @explorer.exe (ldap_delete_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAE0)
- [Address] EAT @explorer.exe (ldap_delete_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAE0)
- [Address] EAT @explorer.exe (ldap_delete_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13AAC0)
- [Address] EAT @explorer.exe (ldap_dn2ufn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DCE4)
- [Address] EAT @explorer.exe (ldap_dn2ufnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DCE4)
- [Address] EAT @explorer.exe (ldap_dn2ufnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DA38)
- [Address] EAT @explorer.exe (ldap_encode_sort_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146C3C)
- [Address] EAT @explorer.exe (ldap_encode_sort_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146B74)
- [Address] EAT @explorer.exe (ldap_err2string) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF112200)
- [Address] EAT @explorer.exe (ldap_err2stringA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF112200)
- [Address] EAT @explorer.exe (ldap_err2stringW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148040)
- [Address] EAT @explorer.exe (ldap_escape_filter_element) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF111588)
- [Address] EAT @explorer.exe (ldap_escape_filter_elementA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF111588)
- [Address] EAT @explorer.exe (ldap_escape_filter_elementW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146F88)
- [Address] EAT @explorer.exe (ldap_explode_dn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13D968)
- [Address] EAT @explorer.exe (ldap_explode_dnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13D968)
- [Address] EAT @explorer.exe (ldap_explode_dnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13D6DC)
- [Address] EAT @explorer.exe (ldap_extended_operation) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B6D4)
- [Address] EAT @explorer.exe (ldap_extended_operationA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B6D4)
- [Address] EAT @explorer.exe (ldap_extended_operationW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B5E4)
- [Address] EAT @explorer.exe (ldap_extended_operation_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13B840)
- [Address] EAT @explorer.exe (ldap_extended_operation_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BA1C)
- [Address] EAT @explorer.exe (ldap_first_attribute) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136DF4)
- [Address] EAT @explorer.exe (ldap_first_attributeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136DF4)
- [Address] EAT @explorer.exe (ldap_first_attributeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D360)
- [Address] EAT @explorer.exe (ldap_first_entry) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF117A68)
- [Address] EAT @explorer.exe (ldap_first_reference) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147A78)
- [Address] EAT @explorer.exe (ldap_free_controls) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
- [Address] EAT @explorer.exe (ldap_free_controlsA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
- [Address] EAT @explorer.exe (ldap_free_controlsW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1397F4)
- [Address] EAT @explorer.exe (ldap_get_dn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442C0)
- [Address] EAT @explorer.exe (ldap_get_dnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1442C0)
- [Address] EAT @explorer.exe (ldap_get_dnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FDD0)
- [Address] EAT @explorer.exe (ldap_get_next_page) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13FE30)
- [Address] EAT @explorer.exe (ldap_get_next_page_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13FFDC)
- [Address] EAT @explorer.exe (ldap_get_option) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BC58)
- [Address] EAT @explorer.exe (ldap_get_optionA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BC58)
- [Address] EAT @explorer.exe (ldap_get_optionW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11CE54)
- [Address] EAT @explorer.exe (ldap_get_paged_count) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140248)
- [Address] EAT @explorer.exe (ldap_get_values) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14412C)
- [Address] EAT @explorer.exe (ldap_get_valuesA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14428C)
- [Address] EAT @explorer.exe (ldap_get_valuesW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1185A4)
- [Address] EAT @explorer.exe (ldap_get_values_len) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DC94)
- [Address] EAT @explorer.exe (ldap_get_values_lenA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DC94)
- [Address] EAT @explorer.exe (ldap_get_values_lenW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11868C)
- [Address] EAT @explorer.exe (ldap_init) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F230)
- [Address] EAT @explorer.exe (ldap_initA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F230)
- [Address] EAT @explorer.exe (ldap_initW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BF94)
- [Address] EAT @explorer.exe (ldap_memfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11965C)
- [Address] EAT @explorer.exe (ldap_memfreeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11965C)
- [Address] EAT @explorer.exe (ldap_memfreeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FEC0)
- [Address] EAT @explorer.exe (ldap_modify) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C964)
- [Address] EAT @explorer.exe (ldap_modifyA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C964)
- [Address] EAT @explorer.exe (ldap_modifyW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C884)
- [Address] EAT @explorer.exe (ldap_modify_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CAC4)
- [Address] EAT @explorer.exe (ldap_modify_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CAC4)
- [Address] EAT @explorer.exe (ldap_modify_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C9D4)
- [Address] EAT @explorer.exe (ldap_modify_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CD98)
- [Address] EAT @explorer.exe (ldap_modify_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CD98)
- [Address] EAT @explorer.exe (ldap_modify_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13CC30)
- [Address] EAT @explorer.exe (ldap_modify_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C9B4)
- [Address] EAT @explorer.exe (ldap_modify_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C9B4)
- [Address] EAT @explorer.exe (ldap_modify_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C994)
- [Address] EAT @explorer.exe (ldap_modrdn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143468)
- [Address] EAT @explorer.exe (ldap_modrdn2) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14303C)
- [Address] EAT @explorer.exe (ldap_modrdn2A) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14303C)
- [Address] EAT @explorer.exe (ldap_modrdn2W) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF142E70)
- [Address] EAT @explorer.exe (ldap_modrdn2_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14330C)
- [Address] EAT @explorer.exe (ldap_modrdn2_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14330C)
- [Address] EAT @explorer.exe (ldap_modrdn2_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1431C4)
- [Address] EAT @explorer.exe (ldap_modrdnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143468)
- [Address] EAT @explorer.exe (ldap_modrdnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143454)
- [Address] EAT @explorer.exe (ldap_modrdn_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143490)
- [Address] EAT @explorer.exe (ldap_modrdn_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143490)
- [Address] EAT @explorer.exe (ldap_modrdn_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14347C)
- [Address] EAT @explorer.exe (ldap_msgfree) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF112980)
- [Address] EAT @explorer.exe (ldap_next_attribute) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136EA8)
- [Address] EAT @explorer.exe (ldap_next_attributeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF136EA8)
- [Address] EAT @explorer.exe (ldap_next_attributeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D3E4)
- [Address] EAT @explorer.exe (ldap_next_entry) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11FBD0)
- [Address] EAT @explorer.exe (ldap_next_reference) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147B28)
- [Address] EAT @explorer.exe (ldap_open) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F124)
- [Address] EAT @explorer.exe (ldap_openA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F124)
- [Address] EAT @explorer.exe (ldap_openW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F114)
- [Address] EAT @explorer.exe (ldap_parse_extended_resultA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF142154)
- [Address] EAT @explorer.exe (ldap_parse_extended_resultW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF142080)
- [Address] EAT @explorer.exe (ldap_parse_page_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140C98)
- [Address] EAT @explorer.exe (ldap_parse_page_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140C98)
- [Address] EAT @explorer.exe (ldap_parse_page_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140BD0)
- [Address] EAT @explorer.exe (ldap_parse_reference) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147D60)
- [Address] EAT @explorer.exe (ldap_parse_referenceA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147D60)
- [Address] EAT @explorer.exe (ldap_parse_referenceW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147CAC)
- [Address] EAT @explorer.exe (ldap_parse_result) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141F80)
- [Address] EAT @explorer.exe (ldap_parse_resultA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141F80)
- [Address] EAT @explorer.exe (ldap_parse_resultW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141E80)
- [Address] EAT @explorer.exe (ldap_parse_sort_control) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1466F4)
- [Address] EAT @explorer.exe (ldap_parse_sort_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1466F4)
- [Address] EAT @explorer.exe (ldap_parse_sort_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1467C0)
- [Address] EAT @explorer.exe (ldap_parse_vlv_controlA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141A14)
- [Address] EAT @explorer.exe (ldap_parse_vlv_controlW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF141934)
- [Address] EAT @explorer.exe (ldap_perror) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148090)
- [Address] EAT @explorer.exe (ldap_rename_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1435B4)
- [Address] EAT @explorer.exe (ldap_rename_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1435B4)
- [Address] EAT @explorer.exe (ldap_rename_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1434A4)
- [Address] EAT @explorer.exe (ldap_rename_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1439BC)
- [Address] EAT @explorer.exe (ldap_rename_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1439BC)
- [Address] EAT @explorer.exe (ldap_rename_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF143844)
- [Address] EAT @explorer.exe (ldap_result) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D988)
- [Address] EAT @explorer.exe (ldap_result2error) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF118BF0)
- [Address] EAT @explorer.exe (ldap_sasl_bindA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF145CB0)
- [Address] EAT @explorer.exe (ldap_sasl_bindW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF145EC4)
- [Address] EAT @explorer.exe (ldap_sasl_bind_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146004)
- [Address] EAT @explorer.exe (ldap_sasl_bind_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF146208)
- [Address] EAT @explorer.exe (ldap_search) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DE04)
- [Address] EAT @explorer.exe (ldap_searchA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11DE04)
- [Address] EAT @explorer.exe (ldap_searchW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF144320)
- [Address] EAT @explorer.exe (ldap_search_abandon_page) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF140538)
- [Address] EAT @explorer.exe (ldap_search_ext) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1446D4)
- [Address] EAT @explorer.exe (ldap_search_extA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1446D4)
- [Address] EAT @explorer.exe (ldap_search_extW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1445B0)
- [Address] EAT @explorer.exe (ldap_search_ext_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1448E0)
- [Address] EAT @explorer.exe (ldap_search_ext_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF1448E0)
- [Address] EAT @explorer.exe (ldap_search_ext_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF118A10)
- [Address] EAT @explorer.exe (ldap_search_init_page) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F910)
- [Address] EAT @explorer.exe (ldap_search_init_pageA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F910)
- [Address] EAT @explorer.exe (ldap_search_init_pageW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F7F0)
- [Address] EAT @explorer.exe (ldap_search_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14443C)
- [Address] EAT @explorer.exe (ldap_search_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14443C)
- [Address] EAT @explorer.exe (ldap_search_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D130)
- [Address] EAT @explorer.exe (ldap_search_st) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF144478)
- [Address] EAT @explorer.exe (ldap_search_stA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF144478)
- [Address] EAT @explorer.exe (ldap_search_stW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D16C)
- [Address] EAT @explorer.exe (ldap_set_dbg_flags) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF14809C)
- [Address] EAT @explorer.exe (ldap_set_dbg_routine) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF148090)
- [Address] EAT @explorer.exe (ldap_set_option) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BD1C)
- [Address] EAT @explorer.exe (ldap_set_optionA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13BD1C)
- [Address] EAT @explorer.exe (ldap_set_optionW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BE90)
- [Address] EAT @explorer.exe (ldap_simple_bind) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137FF4)
- [Address] EAT @explorer.exe (ldap_simple_bindA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137FF4)
- [Address] EAT @explorer.exe (ldap_simple_bindW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137D88)
- [Address] EAT @explorer.exe (ldap_simple_bind_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138014)
- [Address] EAT @explorer.exe (ldap_simple_bind_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF138014)
- [Address] EAT @explorer.exe (ldap_simple_bind_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF137E54)
- [Address] EAT @explorer.exe (ldap_sslinit) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F1AC)
- [Address] EAT @explorer.exe (ldap_sslinitA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13F1AC)
- [Address] EAT @explorer.exe (ldap_sslinitW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11BFA0)
- [Address] EAT @explorer.exe (ldap_start_tls_sA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147A50)
- [Address] EAT @explorer.exe (ldap_start_tls_sW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147A2C)
- [Address] EAT @explorer.exe (ldap_startup) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13C034)
- [Address] EAT @explorer.exe (ldap_stop_tls_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF147690)
- [Address] EAT @explorer.exe (ldap_ufn2dn) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E240)
- [Address] EAT @explorer.exe (ldap_ufn2dnA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13E240)
- [Address] EAT @explorer.exe (ldap_ufn2dnW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF13DD90)
- [Address] EAT @explorer.exe (ldap_unbind) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF118294)
- [Address] EAT @explorer.exe (ldap_unbind_s) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF11D96C)
- [Address] EAT @explorer.exe (ldap_value_free) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116620)
- [Address] EAT @explorer.exe (ldap_value_freeA) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116620)
- [Address] EAT @explorer.exe (ldap_value_freeW) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116684)
- [Address] EAT @explorer.exe (ldap_value_free_len) : urlmon.dll -> HOOKED (C:\Windows\system32\WLDAP32.dll @ 0xFF116684)
- ¤¤¤ External Hives: ¤¤¤
- ¤¤¤ Infection : ¤¤¤
- ¤¤¤ HOSTS File: ¤¤¤
- --> %SystemRoot%\System32\drivers\etc\hosts
- 127.0.0.1 localhost
- ¤¤¤ MBR Check: ¤¤¤
- +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS721050CLA362 +++++
- --- User ---
- [MBR] 494f34f8b4da3bc5c7ac2b6742792f4d
- [BSP] a79ee6198fe7537d8a5026fea2f6fae8 : Windows 7/8 MBR Code
- Partition table:
- 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14848 MB
- 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30410752 | Size: 100 MB
- 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30615552 | Size: 461990 MB
- User = LL1 ... OK!
- User = LL2 ... OK!
- +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic- Compact Flash USB Device +++++
- Error reading User MBR! ([0x15] The device is not ready. )
- User = LL1 ... OK!
- Error reading LL2 MBR! ([0x32] The request is not supported. )
- +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Multiple Flash Reader USB Device +++++
- Error reading User MBR! ([0x15] The device is not ready. )
- User = LL1 ... OK!
- Error reading LL2 MBR! ([0x32] The request is not supported. )
- Finished : << RKreport[0]_S_03252014_205157.txt >>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement