Untitled

a guest
Apr 2nd, 2014
  1. RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
  2. mail : http://www.adlice.com/contact/
  3. Feedback : http://forum.adlice.com
  4. Website : http://www.adlice.com/softwares/roguekiller/
  5. Blog : http://www.adlice.com
  6.  
  7. Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
  8. Started in : Normal mode
  9. User : dfiore [Admin rights]
  10. Mode : Scan -- Date : 04/02/2014 16:50:39
  11. | ARK || FAK || MBR |
  12.  
  13. ¤¤¤ Bad processes : 0 ¤¤¤
  14.  
  15. ¤¤¤ Registry Entries : 3 ¤¤¤
  16. [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
  17. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
  18. [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
  19.  
  20. ¤¤¤ Scheduled tasks : 0 ¤¤¤
  21.  
  22. ¤¤¤ Startup Entries : 1 ¤¤¤
  23. [ksobczyk][SUSP PATH] Logitech . Product Registration.lnk : C:\Users\ksobczyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk @C:\PROGRA~1\COMMON~1\Logishrd\eReg\SetPoint\eReg.exe /remind /language=ENU /_WFM="." [-][7][-] -> FOUND
  24.  
  25. ¤¤¤ Web browsers : 0 ¤¤¤
  26.  
  27. ¤¤¤ Browser Addons : 0 ¤¤¤
  28.  
  29. ¤¤¤ Particular Files / Folders: ¤¤¤
  30.  
  31. ¤¤¤ Driver : [LOADED] ¤¤¤
  32. [Address] SSDT[13] : NtAlertResumeThread @ 0x82F2ADA3 -> HOOKED (Unknown @ 0x87849580)
  33. [Address] SSDT[14] : NtAlertThread @ 0x82E7DCC7 -> HOOKED (Unknown @ 0x87849618)
  34. [Address] SSDT[19] : NtAllocateVirtualMemory @ 0x82E76CBC -> HOOKED (Unknown @ 0x8784E4D0)
  35. [Address] SSDT[22] : NtAlpcConnectPort @ 0x82EC259E -> HOOKED (Unknown @ 0x8700F2E8)
  36. [Address] SSDT[43] : NtAssignProcessToJobObject @ 0x82E4C0CC -> HOOKED (Unknown @ 0x87853DE8)
  37. [Address] SSDT[74] : NtCreateMutant @ 0x82E5D35A -> HOOKED (Unknown @ 0x878493A8)
  38. [Address] SSDT[86] : NtCreateSymbolicLinkObject @ 0x82E4E9D4 -> HOOKED (Unknown @ 0x87853BE0)
  39. [Address] SSDT[87] : NtCreateThread @ 0x82F28FDA -> HOOKED (Unknown @ 0x87854E08)
  40. [Address] SSDT[88] : NtCreateThreadEx @ 0x82EBD4AB -> HOOKED (Unknown @ 0x87853C88)
  41. [Address] SSDT[96] : NtDebugActiveProcess @ 0x82EFAEDA -> HOOKED (Unknown @ 0x87853E80)
  42. [Address] SSDT[111] : NtDuplicateObject @ 0x82E7E761 -> HOOKED (Unknown @ 0x87849120)
  43. [Address] SSDT[131] : NtFreeVirtualMemory @ 0x82D0582C -> HOOKED (Unknown @ 0x8784E360)
  44. [Address] SSDT[145] : NtImpersonateAnonymousToken @ 0x82E42970 -> HOOKED (Unknown @ 0x87849450)
  45. [Address] SSDT[147] : NtImpersonateThread @ 0x82EC6992 -> HOOKED (Unknown @ 0x878494E8)
  46. [Address] SSDT[155] : NtLoadDriver @ 0x82E12C40 -> HOOKED (Unknown @ 0x87078600)
  47. [Address] SSDT[168] : NtMapViewOfSection @ 0x82E935F1 -> HOOKED (Unknown @ 0x87849A30)
  48. [Address] SSDT[177] : NtOpenEvent @ 0x82E5CD56 -> HOOKED (Unknown @ 0x87849310)
  49. [Address] SSDT[190] : NtOpenProcess @ 0x82E5EBA1 -> HOOKED (Unknown @ 0x877BB578)
  50. [Address] SSDT[191] : NtOpenProcessToken @ 0x82EB137F -> HOOKED (Unknown @ 0x87849088)
  51. [Address] SSDT[194] : NtOpenSection @ 0x82EB69FB -> HOOKED (Unknown @ 0x87853FD0)
  52. [Address] SSDT[198] : NtOpenThread @ 0x82EAB102 -> HOOKED (Unknown @ 0x877BB4F0)
  53. [Address] SSDT[215] : NtProtectVirtualMemory @ 0x82E8F651 -> HOOKED (Unknown @ 0x87853D40)
  54. [Address] SSDT[304] : NtResumeThread @ 0x82EBD6D2 -> HOOKED (Unknown @ 0x878496B0)
  55. [Address] SSDT[316] : NtSetContextThread @ 0x82F2A84F -> HOOKED (Unknown @ 0x87849878)
  56. [Address] SSDT[333] : NtSetInformationProcess @ 0x82E85875 -> HOOKED (Unknown @ 0x87849910)
  57. [Address] SSDT[350] : NtSetSystemInformation @ 0x82E9B37A -> HOOKED (Unknown @ 0x87853F18)
  58. [Address] SSDT[366] : NtSuspendProcess @ 0x82F2ACDF -> HOOKED (Unknown @ 0x87849278)
  59. [Address] SSDT[367] : NtSuspendThread @ 0x82EE21CB -> HOOKED (Unknown @ 0x87849748)
  60. [Address] SSDT[370] : NtTerminateProcess @ 0x82EA7D9A -> HOOKED (Unknown @ 0x8784B518)
  61. [Address] SSDT[371] : NtTerminateThread @ 0x82EC56CB -> HOOKED (Unknown @ 0x878497E0)
  62. [Address] SSDT[385] : NtUnmapViewOfSection @ 0x82EB19BA -> HOOKED (Unknown @ 0x878499B8)
  63. [Address] SSDT[399] : NtWriteVirtualMemory @ 0x82EACA97 -> HOOKED (Unknown @ 0x8784E408)
  64. [Address] Shadow SSDT[318] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x86F204B0)
  65. [Address] Shadow SSDT[402] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x86F206C0)
  66. [Address] Shadow SSDT[434] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x86F20648)
  67. [Address] Shadow SSDT[436] : NtUserGetKeyState -> HOOKED (Unknown @ 0x86F248F8)
  68. [Address] Shadow SSDT[448] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x86F18340)
  69. [Address] Shadow SSDT[490] : NtUserMessageCall -> HOOKED (Unknown @ 0x86F24AF0)
  70. [Address] Shadow SSDT[508] : NtUserPostMessage -> HOOKED (Unknown @ 0x86F19DD0)
  71. [Address] Shadow SSDT[509] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x86F24B38)
  72. [Address] Shadow SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x88A65E58)
  73. [Address] Shadow SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x86F20788)
  74. [Address] EAT @explorer.exe (BeginBufferedAnimation) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F09AE)
  75. [Address] EAT @explorer.exe (BeginBufferedPaint) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E49A1)
  76. [Address] EAT @explorer.exe (BeginPanningFeedback) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74210731)
  77. [Address] EAT @explorer.exe (BufferedPaintClear) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E6395)
  78. [Address] EAT @explorer.exe (BufferedPaintInit) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E940E)
  79. [Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F08ED)
  80. [Address] EAT @explorer.exe (BufferedPaintSetAlpha) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741FE6B3)
  81. [Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741FD395)
  82. [Address] EAT @explorer.exe (BufferedPaintUnInit) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E94AB)
  83. [Address] EAT @explorer.exe (CloseThemeData) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E6A18)
  84. [Address] EAT @explorer.exe (DrawThemeBackground) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E3982)
  85. [Address] EAT @explorer.exe (DrawThemeBackgroundEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741FD9DA)
  86. [Address] EAT @explorer.exe (DrawThemeEdge) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74203B52)
  87. [Address] EAT @explorer.exe (DrawThemeIcon) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742135E7)
  88. [Address] EAT @explorer.exe (DrawThemeParentBackground) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E53E5)
  89. [Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E51BF)
  90. [Address] EAT @explorer.exe (DrawThemeText) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E4EA1)
  91. [Address] EAT @explorer.exe (DrawThemeTextEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E63E6)
  92. [Address] EAT @explorer.exe (EnableThemeDialogTexture) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EFCAF)
  93. [Address] EAT @explorer.exe (EnableTheming) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74212FEB)
  94. [Address] EAT @explorer.exe (EndBufferedAnimation) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E3F9A)
  95. [Address] EAT @explorer.exe (EndBufferedPaint) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E3F9A)
  96. [Address] EAT @explorer.exe (EndPanningFeedback) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742106CC)
  97. [Address] EAT @explorer.exe (GetBufferedPaintBits) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E4BAF)
  98. [Address] EAT @explorer.exe (GetBufferedPaintDC) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F04BC)
  99. [Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F0473)
  100. [Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74212E7F)
  101. [Address] EAT @explorer.exe (GetCurrentThemeName) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F05DD)
  102. [Address] EAT @explorer.exe (GetThemeAppProperties) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F0FB1)
  103. [Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741ECD2E)
  104. [Address] EAT @explorer.exe (GetThemeBackgroundExtent) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EF8BF)
  105. [Address] EAT @explorer.exe (GetThemeBackgroundRegion) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F165D)
  106. [Address] EAT @explorer.exe (GetThemeBitmap) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EBF93)
  107. [Address] EAT @explorer.exe (GetThemeBool) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E7C1F)
  108. [Address] EAT @explorer.exe (GetThemeColor) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E616C)
  109. [Address] EAT @explorer.exe (GetThemeDocumentationProperty) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74212932)
  110. [Address] EAT @explorer.exe (GetThemeEnumValue) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E616C)
  111. [Address] EAT @explorer.exe (GetThemeFilename) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74212412)
  112. [Address] EAT @explorer.exe (GetThemeFont) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EFF21)
  113. [Address] EAT @explorer.exe (GetThemeInt) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E616C)
  114. [Address] EAT @explorer.exe (GetThemeIntList) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742123B1)
  115. [Address] EAT @explorer.exe (GetThemeMargins) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E86E9)
  116. [Address] EAT @explorer.exe (GetThemeMetric) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F06E2)
  117. [Address] EAT @explorer.exe (GetThemePartSize) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741ECDB1)
  118. [Address] EAT @explorer.exe (GetThemePosition) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74212350)
  119. [Address] EAT @explorer.exe (GetThemePropertyOrigin) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74203FBB)
  120. [Address] EAT @explorer.exe (GetThemeRect) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F3611)
  121. [Address] EAT @explorer.exe (GetThemeStream) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F39D9)
  122. [Address] EAT @explorer.exe (GetThemeString) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742122E4)
  123. [Address] EAT @explorer.exe (GetThemeSysBool) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74213172)
  124. [Address] EAT @explorer.exe (GetThemeSysColor) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74203274)
  125. [Address] EAT @explorer.exe (GetThemeSysColorBrush) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7421301E)
  126. [Address] EAT @explorer.exe (GetThemeSysFont) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742129C4)
  127. [Address] EAT @explorer.exe (GetThemeSysInt) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74212BD3)
  128. [Address] EAT @explorer.exe (GetThemeSysSize) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7421320B)
  129. [Address] EAT @explorer.exe (GetThemeSysString) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74212B3F)
  130. [Address] EAT @explorer.exe (GetThemeTextExtent) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E2D57)
  131. [Address] EAT @explorer.exe (GetThemeTextMetrics) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EF992)
  132. [Address] EAT @explorer.exe (GetThemeTransitionDuration) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F1081)
  133. [Address] EAT @explorer.exe (GetWindowTheme) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EDF46)
  134. [Address] EAT @explorer.exe (HitTestThemeBackground) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F3CE3)
  135. [Address] EAT @explorer.exe (IsAppThemed) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EF869)
  136. [Address] EAT @explorer.exe (IsCompositionActive) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E2E9A)
  137. [Address] EAT @explorer.exe (IsThemeActive) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EF785)
  138. [Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E60AB)
  139. [Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7421312B)
  140. [Address] EAT @explorer.exe (IsThemePartDefined) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E85B4)
  141. [Address] EAT @explorer.exe (OpenThemeData) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741E73D2)
  142. [Address] EAT @explorer.exe (OpenThemeDataEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74203D43)
  143. [Address] EAT @explorer.exe (SetThemeAppProperties) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74213296)
  144. [Address] EAT @explorer.exe (SetWindowTheme) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741F0134)
  145. [Address] EAT @explorer.exe (SetWindowThemeAttribute) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741FCFE6)
  146. [Address] EAT @explorer.exe (ThemeInitApiHook) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741EB176)
  147. [Address] EAT @explorer.exe (UpdatePanningFeedback) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7421068D)
  148. [Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7CF9D)
  149. [Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E000)
  150. [Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E029)
  151. [Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E049)
  152. [Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DD2A)
  153. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EA9A)
  154. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EABD)
  155. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EAE0)
  156. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E9D3)
  157. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E9F6)
  158. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EA1F)
  159. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EA71)
  160. [Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EA48)
  161. [Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D845)
  162. [Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E9AA)
  163. [Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D822)
  164. [Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D9A2)
  165. [Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D868)
  166. [Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D8DA)
  167. [Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC74)
  168. [Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E9D3)
  169. [Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC05)
  170. [Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DB87)
  171. [Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DB5E)
  172. [Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D9A2)
  173. [Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DB32)
  174. [Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DBDC)
  175. [Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DBB3)
  176. [Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DD2A)
  177. [Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D88E)
  178. [Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D8DA)
  179. [Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D8B7)
  180. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D9C5)
  181. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EB03)
  182. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DFB7)
  183. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DB06)
  184. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DA17)
  185. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D9E5)
  186. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DADD)
  187. [Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DA71)
  188. [Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D7FC)
  189. [Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC25)
  190. [Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DCFE)
  191. [Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D822)
  192. [Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC48)
  193. [Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC25)
  194. [Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D7FC)
  195. [Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D91D)
  196. [Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E981)
  197. [Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC74)
  198. [Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC97)
  199. [Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EB75)
  200. [Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D7AA)
  201. [Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D7D3)
  202. [Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E958)
  203. [Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC25)
  204. [Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E9AA)
  205. [Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D88E)
  206. [Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E981)
  207. [Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D8FD)
  208. [Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC25)
  209. [Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DCC7)
  210. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D557)
  211. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D580)
  212. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D6BA)
  213. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D6E6)
  214. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D656)
  215. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D62D)
  216. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D52E)
  217. [Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D68B)
  218. [Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D4D9)
  219. [Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D4A1)
  220. [Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D466)
  221. [Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D42E)
  222. [Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D5D2)
  223. [Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D70C)
  224. [Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Proxjž¯0šuø"ú) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D732)
  225. [Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D505)
  226. [Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DADD)
  227. [Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D781)
  228. [Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D758)
  229. [Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D5A9)
  230. [Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DC25)
  231. [Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D7FC)
  232. [Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DFB7)
  233. [Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D822)
  234. [Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E049)
  235. [Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D7FC)
  236. [Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D8DA)
  237. [Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DFDA)
  238. [Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D96C)
  239. [Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D88E)
  240. [Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D845)
  241. [Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D9A2)
  242. [Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EB75)
  243. [Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D943)
  244. [Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D822)
  245. [Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D91D)
  246. [Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EB03)
  247. [Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DD50)
  248. [Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EB26)
  249. [Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DD50)
  250. [Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DD73)
  251. [Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DDB8)
  252. [Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DF8D)
  253. [Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DE8C)
  254. [Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7EB52)
  255. [Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D02B)
  256. [Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E61D)
  257. [Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D0EC)
  258. [Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D2E0)
  259. [Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7D217)
  260. [Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E072)
  261. [Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7E1B4)
  262. [Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C7DD99)
  263.  
  264. ¤¤¤ External Hives: ¤¤¤
  265.  
  266. ¤¤¤ Infection : ¤¤¤
  267.  
  268. ¤¤¤ HOSTS File: ¤¤¤
  269. --> %SystemRoot%\System32\drivers\etc\hosts
  270.  
  271.  
  272.  
  273.  
  274. ¤¤¤ MBR Check: ¤¤¤
  275.  
  276. +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEKT-75PVMT1 ATA Device +++++
  277. --- User ---
  278. [MBR] f88788294d0fbd1c04db5e6c38e2c6a8
  279. [BSP] 8e1d4840fb5f4035f51b1b80d64798d7 : Windows 7/8 MBR Code
  280. Partition table:
  281. 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
  282. 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 300 MB
  283. 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 696320 | Size: 304904 MB
  284. User = LL1 ... OK!
  285. User = LL2 ... OK!
  286.  
  287. Finished : << RKreport[0]_S_04022014_165039.txt >>