potrebujem pomoc, tu je moj post: viewtopic.php?f=47&t=133050 mám problém s reklamami ktoré mi vyskakuju na boku vo windowse, schovajú sa samé po 5 minutach, nejdú dať preč.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:58, on 26. 5. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
FIREFOX: 29.0.1 (cs)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Cobian Backup 10\Cobian.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows Portable Devices\Windows_Update.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Cobian Backup 10\cbInterface.exe
C:\Program Files\Panicware\Pop-Up Stopper Professional\PopUpStopperProfessional.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Vidalia Bundle\Polipo\polipo.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Users\SBD\AppData\Local\GC\Runner.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\SBD\AppData\Local\GC\updater.exe
C:\Windows\system32\ntvdm.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Users\SBD\AppData\Local\GC\Clicker.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\SBD\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zive.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: MediaWatchV1home2142 - {00dfd4c1-62f8-42f7-b476-9c750c10493f} - C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ie\MediaWatchV1home2142.dll (file missing)
O2 - BHO: MediaBuzzV1mode7083 - {0918ed53-7e6e-4fc1-a010-82a9ae1abcd0} - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ie\MediaBuzzV1mode7083.dll (file missing)
O2 - BHO: BetterSrf - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll
O2 - BHO: MediaViewV1alpha639 - {1b6f3093-bb0d-4916-ab65-ef48027238ad} - C:\Program Files\MediaViewV1\MediaViewV1alpha639\ie\MediaViewV1alpha639.dll (file missing)
O2 - BHO: MediaViewerV1alpha1617 - {3508904b-4fa5-47c0-9bb8-e107f8843eb4} - C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ie\MediaViewerV1alpha1617.dll (file missing)
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: MediaViewV1alpha2201 - {5780c550-d494-4509-975c-142d3334b62a} - C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ie\MediaViewV1alpha2201.dll (file missing)
O2 - BHO: BetterSurf - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files\BetterSurf\ie\BetterSurf.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll
O2 - BHO: BetterSrf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaPlayerV1alpha985 - {9d3a1be7-f342-400f-bc44-a597252e385d} - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ie\MediaPlayerV1alpha985.dll (file missing)
O2 - BHO: Kozaka - {a45e3fa8-5048-4372-94ad-c6661671f7fc} - C:\Program Files\Kozaka\KozakaBHO.dll (file missing)
O2 - BHO: WebexpEnhancedV1alpha7095 - {adc61b89-7943-4f69-a4ea-3e0ec98c8011} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ie\WebexpEnhancedV1alpha7095.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll
O2 - BHO: VideoPlayerV3beta182 - {e53b54e2-8ede-4e1f-a0f1-a94a2730a971} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ie\VideoPlayerV3beta182.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Cobian Backup 10] "C:\Program Files\Cobian Backup 10\Cobian.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MicrosoftUpdate] C:\Windows Portable Devices\Windows_Update.exe
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\Program Files\Panicware\Pop-Up Stopper Professional\PopUpStopperProfessional.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} (Remote200 Control) - http://192.168.1.100/RemoteWeb.cab
O16 - DPF: {5FFDFC21-AE40-4C7C-955C-415A1ACE01C8} (CViewerControl Object) - http://192.168.1.100/VideoViewer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 12036 bytes
prosím o pomoc s nežiadúcou reklamou.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: prosím o pomoc s nežiadúcou reklamou.
Platform: Windows 7 -- potom doinstaluj SP1!!
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: prosím o pomoc s nežiadúcou reklamou.
tu to je z adwcleanera:
# AdwCleaner v3.211 - Report created 27/05/2014 at 07:26:21
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional (32 bits)
# Username : SBD - SBD-PC
# Running from : C:\Users\SBD\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\user.js
File Found : C:\Windows\System32\Tasks\Escolade
File Found : C:\Windows\System32\Tasks\YourFile DownloaderUpdate
Folder Found : C:\Program Files\BetterSurf
Folder Found : C:\Program Files\Better-Surf
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\GreenTree Applications
Folder Found : C:\Program Files\MediaPlayerV1
Folder Found : C:\Program Files\MediaViewerV1
Folder Found : C:\Program Files\MediaViewV1
Folder Found : C:\Program Files\MediaWatchV1
Folder Found : C:\Program Files\MyPC Backup
Folder Found : C:\Program Files\VideoPlayerV3
Folder Found : C:\Program Files\WebexpEnhancedV1
Folder Found : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Folder Found : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Folder Found : C:\Users\SBD\AppData\Roaming\iPumper
Folder Found : C:\Users\SBD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPumper
Folder Found : C:\Users\SBD\AppData\Roaming\pdfforge
Folder Found : C:\Users\SBD\AppData\Roaming\YourFileDownloader
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKLM\Software\BetterSurf
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Found : HKLM\Software\MediaPlayerV1
Key Found : HKLM\Software\MediaViewerV1
Key Found : HKLM\Software\MediaViewV1
Key Found : HKLM\Software\MediaWatchV1
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\facemoods
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{881983A1-1244-4E0F-B263-AA91A49634D0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881983A1-1244-4E0F-B263-AA91A49634D0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Speedchecker Limited
Key Found : HKLM\Software\YourFileDownloader
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16671
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.facemoods.com/?a=ddrnw&f=2
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : dedmngkbaffkenlfdcbganndoghblmap
Found [Extension] : poheodfamflhhhdcmjfeggbgigeefaco
*************************
AdwCleaner[R0].txt - [11820 octets] - [27/05/2014 07:26:21]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11881 octets] ##########
# AdwCleaner v3.211 - Report created 27/05/2014 at 07:26:21
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional (32 bits)
# Username : SBD - SBD-PC
# Running from : C:\Users\SBD\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\user.js
File Found : C:\Windows\System32\Tasks\Escolade
File Found : C:\Windows\System32\Tasks\YourFile DownloaderUpdate
Folder Found : C:\Program Files\BetterSurf
Folder Found : C:\Program Files\Better-Surf
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\GreenTree Applications
Folder Found : C:\Program Files\MediaPlayerV1
Folder Found : C:\Program Files\MediaViewerV1
Folder Found : C:\Program Files\MediaViewV1
Folder Found : C:\Program Files\MediaWatchV1
Folder Found : C:\Program Files\MyPC Backup
Folder Found : C:\Program Files\VideoPlayerV3
Folder Found : C:\Program Files\WebexpEnhancedV1
Folder Found : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Folder Found : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Folder Found : C:\Users\SBD\AppData\Roaming\iPumper
Folder Found : C:\Users\SBD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPumper
Folder Found : C:\Users\SBD\AppData\Roaming\pdfforge
Folder Found : C:\Users\SBD\AppData\Roaming\YourFileDownloader
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKLM\Software\BetterSurf
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Found : HKLM\Software\MediaPlayerV1
Key Found : HKLM\Software\MediaViewerV1
Key Found : HKLM\Software\MediaViewV1
Key Found : HKLM\Software\MediaWatchV1
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\facemoods
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{881983A1-1244-4E0F-B263-AA91A49634D0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881983A1-1244-4E0F-B263-AA91A49634D0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Speedchecker Limited
Key Found : HKLM\Software\YourFileDownloader
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16671
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.facemoods.com/?a=ddrnw&f=2
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : dedmngkbaffkenlfdcbganndoghblmap
Found [Extension] : poheodfamflhhhdcmjfeggbgigeefaco
*************************
AdwCleaner[R0].txt - [11820 octets] - [27/05/2014 07:26:21]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11881 octets] ##########
Re: prosím o pomoc s nežiadúcou reklamou.
log z malware:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 27. 5. 2014
Scan Time: 7:38:31
Logfile: malware.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.05.27.04
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: SBD
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 239245
Time Elapsed: 6 min, 28 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, 3908, , [df8197bffa8153e332a05aca77894eb2]
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, 2720, , [ed73ce8882f90e286cf257d9649f53ad]
Modules: 0
(No malicious items detected)
Registry Keys: 119
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{DD3A66B9-8A7C-4C3C-8D60-DB225A60D69C}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{881E49A1-8325-4B19-AE6F-B889A40D073A}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}\INPROCSERVER32, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{0113A098-06EA-4776-A011-D75590778F1E}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{462862BE-9A5C-49A5-9CBD-A649EAC63645}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}\INPROCSERVER32, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{BEAA0C04-ED15-4C17-800B-28716025A4E4}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{65B07D06-95A1-409D-93FF-8CB14E1EC86A}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}\INPROCSERVER32, , [dc84ababf586af8739e3350b2bd6ec14],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{0113A098-06EA-4776-A011-D75590778F1E}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{462862BE-9A5C-49A5-9CBD-A649EAC63645}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}\INPROCSERVER32, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}\INPROCSERVER32, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{BEAA0C04-ED15-4C17-800B-28716025A4E4}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{65B07D06-95A1-409D-93FF-8CB14E1EC86A}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\CLASSES\CLSID\{a45e3fa8-5048-4372-94ad-c6661671f7fc}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7357a44b-d09f-40da-9b0b-639c741a471d}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C5C68B66-D3BF-4EF2-9AAD-8C15B10039FF}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A45E3FA8-5048-4372-94AD-C6661671F7FC}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A45E3FA8-5048-4372-94AD-C6661671F7FC}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A45E3FA8-5048-4372-94AD-C6661671F7FC}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0D7562AE-8EF6-416d-A838-AB665251703A}, , [411f63f3ee8d1a1ceaf38aa39b67fd03],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{64182481-4F71-486B-A045-B233BD0DA8FC}, , [0a569fb713683afce0fb4ce1e220946c],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{64182481-4F71-486B-A045-B233BD0DA8FC}, , [0a569fb713683afce0fb4ce1e220946c],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, , [d68af1652a514ee887550429a9595ba5],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, , [d68af1652a514ee887550429a9595ba5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1, , [1b45b99d4d2ea78f3c5a781aae54c937],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1mode7083, , [90d0b2a44338c76f9105a8eae81a5ba5],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MediaPlayerV1alpha985, , [b9a7aaacc3b837ffafa25d479e641de3],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MediaViewerV1alpha1617, , [bba5a3b3186355e1e7c4940b9a68738d],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha2201, , [164a99bd3f3c300616e7fda132d0d52b],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha639, , [78e869edcfac54e25f9e821cc73b53ad],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MediaWatchV1home2142, , [afb1f6609be0dd596600a235689b669a],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dedmngkbaffkenlfdcbganndoghblmap, , [c99766f0c6b5a09645ec523d2bd731cf],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\poheodfamflhhhdcmjfeggbgigeefaco, , [07598bcba2d9b284928b227943bf619f],
PUP.Optional.Webexp, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Webexp Enhanced, , [19473c1a67140e284dc55552ee14fe02],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [3927dc7a0b701026c4e2b4e19171956b],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Better Surf Plus, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{DD3A66B9-8A7C-4C3C-8D60-DB225A60D69C}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{881E49A1-8325-4B19-AE6F-B889A40D073A}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}\INPROCSERVER32, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaPlayerV1alpha985, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaViewerV1alpha1617, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaViewV1alpha2201, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaViewV1alpha639, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaWatchV1home2142, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Video Player, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00dfd4c1-62f8-42f7-b476-9c750c10493f}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\CLSID\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{22da53e2-2abe-47a3-bfa5-f6b0d5e83a95}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9573339B-2476-4100-8886-395295DA139F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0918ed53-7e6e-4fc1-a010-82a9ae1abcd0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\CLSID\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6f29ad3d-d066-4959-84d9-2e2b91c5e460}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C2868F-FE0E-4B37-8C8C-07C855AE9B5E}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1b6f3093-bb0d-4916-ab65-ef48027238ad}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e37a3d81-f8f6-4520-a700-66666c6f83eb}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{580672F5-AA00-415F-A22E-B1C1B52AF8FD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3508904b-4fa5-47c0-9bb8-e107f8843eb4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\CLSID\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93aee8d2-6444-4af7-a8d0-90a7915831bd}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B8DBE3D-0777-41D0-8597-8474EAD7C233}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5780c550-d494-4509-975c-142d3334b62a}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{5780C550-D494-4509-975C-142D3334B62A}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{0ff97d0d-1ecc-491a-9a45-e5fe3dfdea8c}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BD28A8B-7469-4429-BA8C-FB128D503EA2}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5780C550-D494-4509-975C-142D3334B62A}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5780C550-D494-4509-975C-142D3334B62A}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9d3a1be7-f342-400f-bc44-a597252e385d}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\CLSID\{9D3A1BE7-F342-400F-BC44-A597252E385D}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5491987a-b715-4f60-9ce6-a861277c60e7}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{65ABE3B6-EAFF-4079-9C8A-E446B9333EEF}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{adc61b89-7943-4f69-a4ea-3e0ec98c8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\CLSID\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4f10c754-19e7-4e0d-b0ec-e1a8865b12b8}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F269A329-0882-4943-BC87-DD549276AE8B}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{e53b54e2-8ede-4e1f-a0f1-a94a2730a971}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\CLSID\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{11405bba-73eb-4abc-a601-57289f88042b}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2D09D541-D2C5-4730-AD01-A16976C51CD8}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, , [204035214437d0665128a7b58e7608f8],
Registry Values: 11
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://start.facemoods.com/?a=ddrnw&f=2, , [afb1c1957308ae888abb1c7d6f9301ff]
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicrosoftUpdate, C:\Windows Portable Devices\Windows_Update.exe, , [ed73ce8882f90e286cf257d9649f53ad]
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@bettersurfplus.com, C:\Program Files\BetterSurf\BetterSurfPlus\ff, , [3c248cca95e6152198dbc9d6f50d1fe1]
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@WebexpEnhancedV1alpha7095.net, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff, , [80e0272fdaa1a492995febb89a68d927]
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@VideoPlayerV3beta182.net, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff, , [8dd34b0b0d6ed06648071585d62ced13]
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaPlayerV1alpha985.net, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff, , [560a1046205be452f062bbe9758d9868]
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewerV1alpha1617.net, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff, , [3c24104690eb072f1c909f00976bfa06]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha2201.net, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff, , [d18fbd997a0158de52ac712dc141ce32]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha639.net, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff, , [5f013c1a245739fd49b5336b689ae11f]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home2142.net, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff, , [2f31282e8cef1521c4a3c21509fac23e]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode7083.net, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, , [d789c69058233ff78b0cd4bee41ea65a]
Registry Data: 1
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4, Good: (www.google.com), Bad: (http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4),,[b6aa2d29de9dd363dd53c990e81cb34d]
Folders: 93
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ch, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons\default, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ie, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ch, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ie, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ch, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ie, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ch, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons\default, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ie, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ch, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons\default, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ie, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ch, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons\default, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ie, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ch, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons\default, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ie, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ch, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons\default, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ie, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ch, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons\default, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ie, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ch, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons\default, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ie, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ie, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap, , [a6ba5bfb0f6c54e2484f364fb949fb05],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0, , [a6ba5bfb0f6c54e2484f364fb949fb05],
Files: 126
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, , [df8197bffa8153e332a05aca77894eb2],
Adware.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, C:\Program Files\BetterSurf\ie\BetterSurf.dll, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, C:\Program Files\Better-Surf\ie\BetterSrf.dll, , [dc84ababf586af8739e3350b2bd6ec14],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ie\BetterSurf.dll, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf.A, C:\Program Files\Better-Surf\ie\BetterSrf.dll, , [61ff34223942e94dc7212a04808210f0],
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, , [ed73ce8882f90e286cf257d9649f53ad],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\uninstall.exe, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome.manifest, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\install.rdf, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\better-surf.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\firefox.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\overlay.xul, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons\Thumbs.db, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons\default\star1_32.png, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\amiextension.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\amihelper.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\amilocal.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\chaddon.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\chback.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\ffaddon.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\hostutils.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\ieaddon.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ch\Chrome.crx, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\BetterSurf.xpi, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\build.cmd, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome.manifest, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\install.rdf, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content\firefox.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content\inject.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content\overlay.xul, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ch\Chrome.crx, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\Better-Surf.xpi, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\build.cmd, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome.manifest, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\install.rdf, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content\better-surf.js, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content\firefox.js, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content\overlay.xul, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\uninstall.exe, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ch\WebexpEnhancedV1alpha7095.crx, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome.manifest, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\install.rdf, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\ffWebexpEnhancedV1alpha7095.js, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\ffWebexpEnhancedV1alpha7095ffaction.js, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\overlay.xul, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons\Thumbs.db, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons\default\WebexpEnhancedV1alpha7095_32.png, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\uninstall.exe, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ch\MediaPlayerV1alpha985.crx, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome.manifest, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\install.rdf, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\ffMediaPlayerV1alpha985.js, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\ffMediaPlayerV1alpha985ffaction.js, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\overlay.xul, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons\Thumbs.db, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons\default\MediaPlayerV1alpha985_32.png, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\uninstall.exe, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ch\MediaViewerV1alpha1617.crx, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome.manifest, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\install.rdf, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\ffMediaViewerV1alpha1617.js, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\ffMediaViewerV1alpha1617ffaction.js, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\overlay.xul, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons\Thumbs.db, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons\default\MediaViewerV1alpha1617_32.png, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\uninstall.exe, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ch\MediaViewV1alpha2201.crx, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome.manifest, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\install.rdf, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\ffMediaViewV1alpha2201.js, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\ffMediaViewV1alpha2201ffaction.js, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\overlay.xul, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons\Thumbs.db, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons\default\MediaViewV1alpha2201_32.png, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\uninstall.exe, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ch\MediaViewV1alpha639.crx, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome.manifest, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\install.rdf, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\ffMediaViewV1alpha639.js, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\ffMediaViewV1alpha639ffaction.js, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\overlay.xul, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons\Thumbs.db, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons\default\MediaViewV1alpha639_32.png, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0\BetterSrf.js, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0\icon.ico, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0\manifest.json, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\uninstall.exe, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ch\MediaWatchV1home2142.crx, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome.manifest, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\install.rdf, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\ffMediaWatchV1home2142.js, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\ffMediaWatchV1home2142ffaction.js, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\overlay.xul, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons\Thumbs.db, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons\default\MediaWatchV1home2142_32.png, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\uninstall.exe, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ch\VideoPlayerV3beta182.crx, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome.manifest, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\install.rdf, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\ffVideoPlayerV3beta182.js, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\ffVideoPlayerV3beta182ffaction.js, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\overlay.xul, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons\Thumbs.db, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons\default\VideoPlayerV3beta182_32.png, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\BetterSrf.js, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\icon.ico, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\manifest.json, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_128.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_16.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_48.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star_64.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\Thumbs.db, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch\MediaBuzzV1mode7083.crx, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome.manifest, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\install.rdf, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083.js, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083ffaction.js, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\overlay.xul, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\Thumbs.db, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default\MediaBuzzV1mode7083_32.png, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0\icon.ico, , [a6ba5bfb0f6c54e2484f364fb949fb05],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0\inject.js, , [a6ba5bfb0f6c54e2484f364fb949fb05],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0\manifest.json, , [a6ba5bfb0f6c54e2484f364fb949fb05],
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 27. 5. 2014
Scan Time: 7:38:31
Logfile: malware.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.05.27.04
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: SBD
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 239245
Time Elapsed: 6 min, 28 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, 3908, , [df8197bffa8153e332a05aca77894eb2]
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, 2720, , [ed73ce8882f90e286cf257d9649f53ad]
Modules: 0
(No malicious items detected)
Registry Keys: 119
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{DD3A66B9-8A7C-4C3C-8D60-DB225A60D69C}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{881E49A1-8325-4B19-AE6F-B889A40D073A}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}\INPROCSERVER32, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{0113A098-06EA-4776-A011-D75590778F1E}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{462862BE-9A5C-49A5-9CBD-A649EAC63645}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}\INPROCSERVER32, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{BEAA0C04-ED15-4C17-800B-28716025A4E4}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{65B07D06-95A1-409D-93FF-8CB14E1EC86A}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [dc84ababf586af8739e3350b2bd6ec14],
Adware.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}\INPROCSERVER32, , [dc84ababf586af8739e3350b2bd6ec14],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{0113A098-06EA-4776-A011-D75590778F1E}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{462862BE-9A5C-49A5-9CBD-A649EAC63645}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}\INPROCSERVER32, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}\INPROCSERVER32, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{BEAA0C04-ED15-4C17-800B-28716025A4E4}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{65B07D06-95A1-409D-93FF-8CB14E1EC86A}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.BetterSurf.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}, , [61ff34223942e94dc7212a04808210f0],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\CLASSES\CLSID\{a45e3fa8-5048-4372-94ad-c6661671f7fc}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7357a44b-d09f-40da-9b0b-639c741a471d}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C5C68B66-D3BF-4EF2-9AAD-8C15B10039FF}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A45E3FA8-5048-4372-94AD-C6661671F7FC}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A45E3FA8-5048-4372-94AD-C6661671F7FC}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.Kozaka.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A45E3FA8-5048-4372-94AD-C6661671F7FC}, , [57094a0c81fa68ce3fc20d24788a867a],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0D7562AE-8EF6-416d-A838-AB665251703A}, , [411f63f3ee8d1a1ceaf38aa39b67fd03],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{64182481-4F71-486B-A045-B233BD0DA8FC}, , [0a569fb713683afce0fb4ce1e220946c],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{64182481-4F71-486B-A045-B233BD0DA8FC}, , [0a569fb713683afce0fb4ce1e220946c],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, , [d68af1652a514ee887550429a9595ba5],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, , [d68af1652a514ee887550429a9595ba5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1, , [1b45b99d4d2ea78f3c5a781aae54c937],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1mode7083, , [90d0b2a44338c76f9105a8eae81a5ba5],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MediaPlayerV1alpha985, , [b9a7aaacc3b837ffafa25d479e641de3],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MediaViewerV1alpha1617, , [bba5a3b3186355e1e7c4940b9a68738d],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha2201, , [164a99bd3f3c300616e7fda132d0d52b],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha639, , [78e869edcfac54e25f9e821cc73b53ad],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MediaWatchV1home2142, , [afb1f6609be0dd596600a235689b669a],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dedmngkbaffkenlfdcbganndoghblmap, , [c99766f0c6b5a09645ec523d2bd731cf],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\poheodfamflhhhdcmjfeggbgigeefaco, , [07598bcba2d9b284928b227943bf619f],
PUP.Optional.Webexp, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Webexp Enhanced, , [19473c1a67140e284dc55552ee14fe02],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [3927dc7a0b701026c4e2b4e19171956b],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Better Surf Plus, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\TYPELIB\{DD3A66B9-8A7C-4C3C-8D60-DB225A60D69C}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\INTERFACE\{881E49A1-8325-4B19-AE6F-B889A40D073A}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1824FF90-C98E-48A6-838F-E3B6572B0C77}, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, HKLM\SOFTWARE\CLASSES\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}\INPROCSERVER32, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaPlayerV1alpha985, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaViewerV1alpha1617, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaViewV1alpha2201, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaViewV1alpha639, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MediaWatchV1home2142, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Video Player, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00dfd4c1-62f8-42f7-b476-9c750c10493f}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\CLSID\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{22da53e2-2abe-47a3-bfa5-f6b0d5e83a95}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9573339B-2476-4100-8886-395295DA139F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, , [6bf577dfa6d52214f581e9735da71ae6],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0918ed53-7e6e-4fc1-a010-82a9ae1abcd0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\CLSID\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6f29ad3d-d066-4959-84d9-2e2b91c5e460}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C2868F-FE0E-4B37-8C8C-07C855AE9B5E}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, , [253bc88e7dfe1d19aa47570522e24bb5],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1b6f3093-bb0d-4916-ab65-ef48027238ad}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e37a3d81-f8f6-4520-a700-66666c6f83eb}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{580672F5-AA00-415F-A22E-B1C1B52AF8FD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, , [88d8d482ea9143f36dc9d587c83ccc34],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3508904b-4fa5-47c0-9bb8-e107f8843eb4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\CLSID\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93aee8d2-6444-4af7-a8d0-90a7915831bd}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B8DBE3D-0777-41D0-8597-8474EAD7C233}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, , [74ec80d6afcc2f0749e9aeae798b07f9],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5780c550-d494-4509-975c-142d3334b62a}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{5780C550-D494-4509-975C-142D3334B62A}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{0ff97d0d-1ecc-491a-9a45-e5fe3dfdea8c}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BD28A8B-7469-4429-BA8C-FB128D503EA2}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5780C550-D494-4509-975C-142D3334B62A}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5780C550-D494-4509-975C-142D3334B62A}, , [134d3b1b87f4e94d49ed05574bb94fb1],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9d3a1be7-f342-400f-bc44-a597252e385d}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\CLSID\{9D3A1BE7-F342-400F-BC44-A597252E385D}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5491987a-b715-4f60-9ce6-a861277c60e7}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{65ABE3B6-EAFF-4079-9C8A-E446B9333EEF}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, , [fd636cea156696a0e82f92caf311b34d],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{adc61b89-7943-4f69-a4ea-3e0ec98c8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\CLSID\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4f10c754-19e7-4e0d-b0ec-e1a8865b12b8}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F269A329-0882-4943-BC87-DD549276AE8B}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, , [6cf4b99d6d0e45f1f92599c358ac02fe],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{e53b54e2-8ede-4e1f-a0f1-a94a2730a971}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\CLSID\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{11405bba-73eb-4abc-a601-57289f88042b}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2D09D541-D2C5-4730-AD01-A16976C51CD8}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, , [204035214437d0665128a7b58e7608f8],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, , [204035214437d0665128a7b58e7608f8],
Registry Values: 11
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://start.facemoods.com/?a=ddrnw&f=2, , [afb1c1957308ae888abb1c7d6f9301ff]
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicrosoftUpdate, C:\Windows Portable Devices\Windows_Update.exe, , [ed73ce8882f90e286cf257d9649f53ad]
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@bettersurfplus.com, C:\Program Files\BetterSurf\BetterSurfPlus\ff, , [3c248cca95e6152198dbc9d6f50d1fe1]
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@WebexpEnhancedV1alpha7095.net, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff, , [80e0272fdaa1a492995febb89a68d927]
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@VideoPlayerV3beta182.net, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff, , [8dd34b0b0d6ed06648071585d62ced13]
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaPlayerV1alpha985.net, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff, , [560a1046205be452f062bbe9758d9868]
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewerV1alpha1617.net, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff, , [3c24104690eb072f1c909f00976bfa06]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha2201.net, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff, , [d18fbd997a0158de52ac712dc141ce32]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha639.net, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff, , [5f013c1a245739fd49b5336b689ae11f]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home2142.net, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff, , [2f31282e8cef1521c4a3c21509fac23e]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode7083.net, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, , [d789c69058233ff78b0cd4bee41ea65a]
Registry Data: 1
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4, Good: (www.google.com), Bad: (http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4),,[b6aa2d29de9dd363dd53c990e81cb34d]
Folders: 93
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ch, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons\default, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ie, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ch, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ie, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ch, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ie, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ch, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons\default, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ie, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ch, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons\default, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ie, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ch, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons\default, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ie, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ch, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons\default, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ie, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ch, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons\default, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ie, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ch, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons\default, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ie, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ch, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons\default, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ie, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ie, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap, , [a6ba5bfb0f6c54e2484f364fb949fb05],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0, , [a6ba5bfb0f6c54e2484f364fb949fb05],
Files: 126
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, , [df8197bffa8153e332a05aca77894eb2],
Adware.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll, , [332d371f8fecd1653ce0dc647c85867a],
Adware.BetterSurf, C:\Program Files\BetterSurf\ie\BetterSurf.dll, , [1e42c39390eb3600528956ea58a9f20e],
Adware.BetterSurf, C:\Program Files\Better-Surf\ie\BetterSrf.dll, , [dc84ababf586af8739e3350b2bd6ec14],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ie\BetterSurf.dll, , [80e0cc8a3b4056e0e8fd0d23a26054ac],
PUP.Optional.BetterSurf.A, C:\Program Files\Better-Surf\ie\BetterSrf.dll, , [61ff34223942e94dc7212a04808210f0],
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, , [ed73ce8882f90e286cf257d9649f53ad],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\uninstall.exe, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome.manifest, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\install.rdf, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\better-surf.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\firefox.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\overlay.xul, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons\Thumbs.db, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\icons\default\star1_32.png, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\amiextension.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\amihelper.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\amilocal.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\chaddon.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\chback.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\ffaddon.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\hostutils.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ff\chrome\content\utils\ieaddon.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ch\Chrome.crx, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\BetterSurf.xpi, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\build.cmd, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome.manifest, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\install.rdf, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content\firefox.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content\inject.js, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\BetterSurf\ff\chrome\content\overlay.xul, , [90d0da7cd0ab0333d6a6cfa94cb6c13f],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ch\Chrome.crx, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\Better-Surf.xpi, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\build.cmd, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome.manifest, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\install.rdf, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content\better-surf.js, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content\firefox.js, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.BetterSurf, C:\Program Files\Better-Surf\ff\chrome\content\overlay.xul, , [6bf5b4a20f6ccb6b0db4e593709251af],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\uninstall.exe, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ch\WebexpEnhancedV1alpha7095.crx, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome.manifest, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\install.rdf, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\ffWebexpEnhancedV1alpha7095.js, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\ffWebexpEnhancedV1alpha7095ffaction.js, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\overlay.xul, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons\Thumbs.db, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.Webexp, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff\chrome\content\icons\default\WebexpEnhancedV1alpha7095_32.png, , [bfa1ee686714b4824cc03049af53867a],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\uninstall.exe, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ch\MediaPlayerV1alpha985.crx, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome.manifest, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\install.rdf, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\ffMediaPlayerV1alpha985.js, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\ffMediaPlayerV1alpha985ffaction.js, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\overlay.xul, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons\Thumbs.db, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaPlayerAlpha.A, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff\chrome\content\icons\default\MediaPlayerV1alpha985_32.png, , [0e52ca8c9fdc54e2593a19608a78d32d],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\uninstall.exe, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ch\MediaViewerV1alpha1617.crx, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome.manifest, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\install.rdf, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\ffMediaViewerV1alpha1617.js, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\ffMediaViewerV1alpha1617ffaction.js, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\overlay.xul, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons\Thumbs.db, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaViewer.A, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff\chrome\content\icons\default\MediaViewerV1alpha1617_32.png, , [84dc66f0f88338fecea75625a55d34cc],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\uninstall.exe, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ch\MediaViewV1alpha2201.crx, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome.manifest, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\install.rdf, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\ffMediaViewV1alpha2201.js, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\ffMediaViewV1alpha2201ffaction.js, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\overlay.xul, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons\Thumbs.db, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff\chrome\content\icons\default\MediaViewV1alpha2201_32.png, , [5d035ff7e3983cfae3c117640200619f],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\uninstall.exe, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ch\MediaViewV1alpha639.crx, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome.manifest, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\install.rdf, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\ffMediaViewV1alpha639.js, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\ffMediaViewV1alpha639ffaction.js, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\overlay.xul, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons\Thumbs.db, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.MediaView.A, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff\chrome\content\icons\default\MediaViewV1alpha639_32.png, , [4c1463f3a8d31224bde7f586f60c5fa1],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0\BetterSrf.js, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0\icon.ico, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0\manifest.json, , [c59b8ec886f53ef81165bac3b74b669a],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\uninstall.exe, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ch\MediaWatchV1home2142.crx, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome.manifest, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\install.rdf, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\ffMediaWatchV1home2142.js, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\ffMediaWatchV1home2142ffaction.js, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\overlay.xul, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons\Thumbs.db, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.MediaWatch.A, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff\chrome\content\icons\default\MediaWatchV1home2142_32.png, , [f967a4b2c0bb3600b137ef8e9c66ef11],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\uninstall.exe, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ch\VideoPlayerV3beta182.crx, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome.manifest, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\install.rdf, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\ffVideoPlayerV3beta182.js, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\ffVideoPlayerV3beta182ffaction.js, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\overlay.xul, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons\Thumbs.db, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff\chrome\content\icons\default\VideoPlayerV3beta182_32.png, , [b4acf5618bf03afc0de56c11b84a649c],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\BetterSrf.js, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\icon.ico, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\manifest.json, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_128.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_16.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_48.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star_64.png, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\Thumbs.db, , [89d796c0601b1e18c5329ce6c53d7e82],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch\MediaBuzzV1mode7083.crx, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome.manifest, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\install.rdf, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083.js, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083ffaction.js, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\overlay.xul, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\Thumbs.db, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default\MediaBuzzV1mode7083_32.png, , [e37d71e5aecd91a5ba33fd861ae89e62],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0\icon.ico, , [a6ba5bfb0f6c54e2484f364fb949fb05],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0\inject.js, , [a6ba5bfb0f6c54e2484f364fb949fb05],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0\manifest.json, , [a6ba5bfb0f6c54e2484f364fb949fb05],
Physical Sectors: 0
(No malicious items detected)
(end)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: prosím o pomoc s nežiadúcou reklamou.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: prosím o pomoc s nežiadúcou reklamou.
adwcleaner log po clean:
# AdwCleaner v3.211 - Report created 27/05/2014 at 10:03:56
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional (32 bits)
# Username : SBD - SBD-PC
# Running from : C:\Users\SBD\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files\BetterSurf
Folder Deleted : C:\Program Files\Better-Surf
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\MediaPlayerV1
Folder Deleted : C:\Program Files\MediaViewerV1
Folder Deleted : C:\Program Files\MediaViewV1
Folder Deleted : C:\Program Files\MediaWatchV1
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\VideoPlayerV3
Folder Deleted : C:\Program Files\WebexpEnhancedV1
Folder Deleted : C:\Users\SBD\AppData\Roaming\iPumper
Folder Deleted : C:\Users\SBD\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\SBD\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\SBD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPumper
Folder Deleted : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Folder Deleted : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
File Deleted : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\user.js
File Deleted : C:\Windows\System32\Tasks\Escolade
File Deleted : C:\Windows\System32\Tasks\YourFile DownloaderUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{881983A1-1244-4E0F-B263-AA91A49634D0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881983A1-1244-4E0F-B263-AA91A49634D0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\facemoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\MediaPlayerV1
Key Deleted : HKLM\Software\MediaViewerV1
Key Deleted : HKLM\Software\MediaViewV1
Key Deleted : HKLM\Software\MediaWatchV1
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16671
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : dedmngkbaffkenlfdcbganndoghblmap
Deleted [Extension] : poheodfamflhhhdcmjfeggbgigeefaco
*************************
AdwCleaner[R0].txt - [11962 octets] - [27/05/2014 07:26:21]
AdwCleaner[R1].txt - [12023 octets] - [27/05/2014 10:01:45]
AdwCleaner[S0].txt - [12131 octets] - [27/05/2014 10:03:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12192 octets] ##########
# AdwCleaner v3.211 - Report created 27/05/2014 at 10:03:56
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional (32 bits)
# Username : SBD - SBD-PC
# Running from : C:\Users\SBD\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files\BetterSurf
Folder Deleted : C:\Program Files\Better-Surf
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\MediaPlayerV1
Folder Deleted : C:\Program Files\MediaViewerV1
Folder Deleted : C:\Program Files\MediaViewV1
Folder Deleted : C:\Program Files\MediaWatchV1
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\VideoPlayerV3
Folder Deleted : C:\Program Files\WebexpEnhancedV1
Folder Deleted : C:\Users\SBD\AppData\Roaming\iPumper
Folder Deleted : C:\Users\SBD\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\SBD\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\SBD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPumper
Folder Deleted : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Folder Deleted : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
File Deleted : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\user.js
File Deleted : C:\Windows\System32\Tasks\Escolade
File Deleted : C:\Windows\System32\Tasks\YourFile DownloaderUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{881983A1-1244-4E0F-B263-AA91A49634D0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881983A1-1244-4E0F-B263-AA91A49634D0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B13838B-8F21-4E41-9E40-96AF93F9CCDA}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\facemoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-development-kit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\MediaPlayerV1
Key Deleted : HKLM\Software\MediaViewerV1
Key Deleted : HKLM\Software\MediaViewV1
Key Deleted : HKLM\Software\MediaWatchV1
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16671
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\SBD\AppData\Roaming\Mozilla\Firefox\Profiles\aufht3gd.default-1360164732272\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : dedmngkbaffkenlfdcbganndoghblmap
Deleted [Extension] : poheodfamflhhhdcmjfeggbgigeefaco
*************************
AdwCleaner[R0].txt - [11962 octets] - [27/05/2014 07:26:21]
AdwCleaner[R1].txt - [12023 octets] - [27/05/2014 10:01:45]
AdwCleaner[S0].txt - [12131 octets] - [27/05/2014 10:03:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12192 octets] ##########
Re: prosím o pomoc s nežiadúcou reklamou.
JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by SBD on ut 27. 05. 2014 at 10:12:47,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
~~~ FireFox
Emptied folder: C:\Users\SBD\AppData\Roaming\mozilla\firefox\profiles\aufht3gd.default-1360164732272\minidumps [183 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\SBD\appdata\local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 27. 05. 2014 at 10:14:52,25
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by SBD on ut 27. 05. 2014 at 10:12:47,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
~~~ FireFox
Emptied folder: C:\Users\SBD\AppData\Roaming\mozilla\firefox\profiles\aufht3gd.default-1360164732272\minidumps [183 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\SBD\appdata\local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 27. 05. 2014 at 10:14:52,25
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: prosím o pomoc s nežiadúcou reklamou.
malwarebytes log po uložení do karanteny:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 27. 5. 2014
Scan Time: 10:18:05
Logfile: malware2.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.05.27.04
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: SBD
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 239211
Time Elapsed: 6 min, 9 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, 2176, Delete-on-Reboot, [1d431c3a0b704cea0ac843e1f709ff01]
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, 2636, Delete-on-Reboot, [c19fdd798fec4ee865f9210f996a9a66]
Modules: 0
(No malicious items detected)
Registry Keys: 56
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1, Quarantined, [83dd5600b9c2c670a1f5bed4bc460af6],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1mode7083, Quarantined, [b2aee1752e4dc86e6432880a27dbed13],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MediaPlayerV1alpha985, Quarantined, [17497dd93e3d5adc3918554f837fdc24],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MediaViewerV1alpha1617, Quarantined, [60001c3a9ae177bfbcefb6e9af536997],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha2201, Quarantined, [68f895c11269171fa954eeb01de5c13f],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha639, Quarantined, [71ef70e63744ad89bf3ea9f536cc7d83],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MediaWatchV1home2142, Quarantined, [68f82a2c0b70e2544b1b9e39709321df],
PUP.Optional.Webexp, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Webexp Enhanced, Quarantined, [83dd1e381c5f979f0210891e0af88a76],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00dfd4c1-62f8-42f7-b476-9c750c10493f}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\CLSID\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{22da53e2-2abe-47a3-bfa5-f6b0d5e83a95}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9573339B-2476-4100-8886-395295DA139F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0918ed53-7e6e-4fc1-a010-82a9ae1abcd0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\CLSID\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6f29ad3d-d066-4959-84d9-2e2b91c5e460}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C2868F-FE0E-4B37-8C8C-07C855AE9B5E}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1b6f3093-bb0d-4916-ab65-ef48027238ad}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e37a3d81-f8f6-4520-a700-66666c6f83eb}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{580672F5-AA00-415F-A22E-B1C1B52AF8FD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3508904b-4fa5-47c0-9bb8-e107f8843eb4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\CLSID\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93aee8d2-6444-4af7-a8d0-90a7915831bd}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B8DBE3D-0777-41D0-8597-8474EAD7C233}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5780c550-d494-4509-975c-142d3334b62a}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{5780C550-D494-4509-975C-142D3334B62A}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{0ff97d0d-1ecc-491a-9a45-e5fe3dfdea8c}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BD28A8B-7469-4429-BA8C-FB128D503EA2}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5780C550-D494-4509-975C-142D3334B62A}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5780C550-D494-4509-975C-142D3334B62A}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9d3a1be7-f342-400f-bc44-a597252e385d}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\CLSID\{9D3A1BE7-F342-400F-BC44-A597252E385D}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5491987a-b715-4f60-9ce6-a861277c60e7}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{65ABE3B6-EAFF-4079-9C8A-E446B9333EEF}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{adc61b89-7943-4f69-a4ea-3e0ec98c8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\CLSID\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4f10c754-19e7-4e0d-b0ec-e1a8865b12b8}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F269A329-0882-4943-BC87-DD549276AE8B}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{e53b54e2-8ede-4e1f-a0f1-a94a2730a971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\CLSID\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{11405bba-73eb-4abc-a601-57289f88042b}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2D09D541-D2C5-4730-AD01-A16976C51CD8}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
Registry Values: 9
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicrosoftUpdate, C:\Windows Portable Devices\Windows_Update.exe, Quarantined, [c19fdd798fec4ee865f9210f996a9a66]
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@WebexpEnhancedV1alpha7095.net, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff, Quarantined, [8fd1ef6782f977bf9f597132ba483dc3]
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@VideoPlayerV3beta182.net, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff, Quarantined, [e977c3936e0df442f05f8515a161cb35]
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaPlayerV1alpha985.net, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff, Quarantined, [93cdbb9bb8c3dd59aba75c48d1312ed2]
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewerV1alpha1617.net, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff, Quarantined, [cd93282ee4974fe7ac001887bc46b24e]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha2201.net, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff, Quarantined, [b7a9480ef685cf67e31b85196b977c84]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha639.net, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff, Quarantined, [ed7323332457f244b549f6a811f1af51]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home2142.net, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff, Quarantined, [421e3521354685b1c5a2a4339073cb35]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode7083.net, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, Quarantined, [75eb381e83f896a03e591280bf430cf4]
Registry Data: 0
(No malicious items detected)
Folders: 12
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco, Quarantined, [0c541d39a0db76c06214e29b778b8d73],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ie, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
Files: 18
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, Delete-on-Reboot, [1d431c3a0b704cea0ac843e1f709ff01],
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, Delete-on-Reboot, [c19fdd798fec4ee865f9210f996a9a66],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\BetterSrf.js, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\icon.ico, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\manifest.json, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_128.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_16.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_48.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star_64.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\Thumbs.db, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch\MediaBuzzV1mode7083.crx, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome.manifest, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\install.rdf, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083.js, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083ffaction.js, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\overlay.xul, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\Thumbs.db, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default\MediaBuzzV1mode7083_32.png, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 27. 5. 2014
Scan Time: 10:18:05
Logfile: malware2.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.05.27.04
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: SBD
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 239211
Time Elapsed: 6 min, 9 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, 2176, Delete-on-Reboot, [1d431c3a0b704cea0ac843e1f709ff01]
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, 2636, Delete-on-Reboot, [c19fdd798fec4ee865f9210f996a9a66]
Modules: 0
(No malicious items detected)
Registry Keys: 56
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1, Quarantined, [83dd5600b9c2c670a1f5bed4bc460af6],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MediaBuzzV1mode7083, Quarantined, [b2aee1752e4dc86e6432880a27dbed13],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MediaPlayerV1alpha985, Quarantined, [17497dd93e3d5adc3918554f837fdc24],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MediaViewerV1alpha1617, Quarantined, [60001c3a9ae177bfbcefb6e9af536997],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha2201, Quarantined, [68f895c11269171fa954eeb01de5c13f],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MediaViewV1alpha639, Quarantined, [71ef70e63744ad89bf3ea9f536cc7d83],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MediaWatchV1home2142, Quarantined, [68f82a2c0b70e2544b1b9e39709321df],
PUP.Optional.Webexp, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Webexp Enhanced, Quarantined, [83dd1e381c5f979f0210891e0af88a76],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00dfd4c1-62f8-42f7-b476-9c750c10493f}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\CLSID\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{22da53e2-2abe-47a3-bfa5-f6b0d5e83a95}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9573339B-2476-4100-8886-395295DA139F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaWatch.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00DFD4C1-62F8-42F7-B476-9C750C10493F}, Quarantined, [bea2dd79abd0cd69e98db6a63acaf20e],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0918ed53-7e6e-4fc1-a010-82a9ae1abcd0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\CLSID\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6f29ad3d-d066-4959-84d9-2e2b91c5e460}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C2868F-FE0E-4B37-8C8C-07C855AE9B5E}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaBuzz.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0918ED53-7E6E-4FC1-A010-82A9AE1ABCD0}, Quarantined, [1b45f85e7704b48203eef765cd37e31d],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1b6f3093-bb0d-4916-ab65-ef48027238ad}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e37a3d81-f8f6-4520-a700-66666c6f83eb}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{580672F5-AA00-415F-A22E-B1C1B52AF8FD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1B6F3093-BB0D-4916-AB65-EF48027238AD}, Quarantined, [c89889cdaecd989ede58df7da06458a8],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3508904b-4fa5-47c0-9bb8-e107f8843eb4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\CLSID\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93aee8d2-6444-4af7-a8d0-90a7915831bd}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B8DBE3D-0777-41D0-8597-8474EAD7C233}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaViewer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3508904B-4FA5-47C0-9BB8-E107F8843EB4}, Quarantined, [4a162a2c4e2d39fd58da203c6c98f808],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5780c550-d494-4509-975c-142d3334b62a}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{5780C550-D494-4509-975C-142D3334B62A}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{0ff97d0d-1ecc-491a-9a45-e5fe3dfdea8c}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BD28A8B-7469-4429-BA8C-FB128D503EA2}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5780C550-D494-4509-975C-142D3334B62A}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaView.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5780C550-D494-4509-975C-142D3334B62A}, Quarantined, [411f2a2c473479bdfb3b47156a9a7f81],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9d3a1be7-f342-400f-bc44-a597252e385d}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\CLSID\{9D3A1BE7-F342-400F-BC44-A597252E385D}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5491987a-b715-4f60-9ce6-a861277c60e7}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{65ABE3B6-EAFF-4079-9C8A-E446B9333EEF}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.MediaPlayerAlpha.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D3A1BE7-F342-400F-BC44-A597252E385D}, Quarantined, [9cc4480e3c3f0d2975a274e834d0758b],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{adc61b89-7943-4f69-a4ea-3e0ec98c8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\CLSID\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4f10c754-19e7-4e0d-b0ec-e1a8865b12b8}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F269A329-0882-4943-BC87-DD549276AE8B}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.WebExpEnhanced.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ADC61B89-7943-4F69-A4EA-3E0EC98C8011}, Quarantined, [e7793c1ac6b5b97d8b937fddc63edf21],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{e53b54e2-8ede-4e1f-a0f1-a94a2730a971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\CLSID\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{11405bba-73eb-4abc-a601-57289f88042b}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2D09D541-D2C5-4730-AD01-A16976C51CD8}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
PUP.Optional.VideoPlayer.A, HKU\S-1-5-21-3608668340-674315015-3161293799-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E53B54E2-8EDE-4E1F-A0F1-A94A2730A971}, Quarantined, [7fe1b1a5a8d3072f95e4f4685ca8c13f],
Registry Values: 9
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicrosoftUpdate, C:\Windows Portable Devices\Windows_Update.exe, Quarantined, [c19fdd798fec4ee865f9210f996a9a66]
PUP.Optional.WebExpEnhanced.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@WebexpEnhancedV1alpha7095.net, C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha7095\ff, Quarantined, [8fd1ef6782f977bf9f597132ba483dc3]
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@VideoPlayerV3beta182.net, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta182\ff, Quarantined, [e977c3936e0df442f05f8515a161cb35]
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaPlayerV1alpha985.net, C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha985\ff, Quarantined, [93cdbb9bb8c3dd59aba75c48d1312ed2]
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewerV1alpha1617.net, C:\Program Files\MediaViewerV1\MediaViewerV1alpha1617\ff, Quarantined, [cd93282ee4974fe7ac001887bc46b24e]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha2201.net, C:\Program Files\MediaViewV1\MediaViewV1alpha2201\ff, Quarantined, [b7a9480ef685cf67e31b85196b977c84]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha639.net, C:\Program Files\MediaViewV1\MediaViewV1alpha639\ff, Quarantined, [ed7323332457f244b549f6a811f1af51]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home2142.net, C:\Program Files\MediaWatchV1\MediaWatchV1home2142\ff, Quarantined, [421e3521354685b1c5a2a4339073cb35]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode7083.net, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, Quarantined, [75eb381e83f896a03e591280bf430cf4]
Registry Data: 0
(No malicious items detected)
Folders: 12
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco, Quarantined, [0c541d39a0db76c06214e29b778b8d73],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ie, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
Files: 18
Trojan.Clicker, C:\Users\SBD\AppData\Local\GC\Clicker.exe, Delete-on-Reboot, [1d431c3a0b704cea0ac843e1f709ff01],
Trojan.Agent, C:\Windows Portable Devices\Windows_Update.exe, Delete-on-Reboot, [c19fdd798fec4ee865f9210f996a9a66],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\BetterSrf.js, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\icon.ico, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\manifest.json, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_128.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_16.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star1_48.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\star_64.png, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.BetterSurf.A, C:\Users\SBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\images\Thumbs.db, Quarantined, [1848fa5c304b85b15a9dc6bcf60c7a86],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ch\MediaBuzzV1mode7083.crx, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome.manifest, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\install.rdf, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083.js, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\ffMediaBuzzV1mode7083ffaction.js, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\overlay.xul, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\Thumbs.db, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
PUP.Optional.MediaBuzz.A, C:\Program Files\MediaBuzzV1\MediaBuzzV1mode7083\ff\chrome\content\icons\default\MediaBuzzV1mode7083_32.png, Quarantined, [2838bf9729527eb8da130e75b54d45bb],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: prosím o pomoc s nežiadúcou reklamou.
RK log časť 1:
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operačný systém : Windows 7 (6.1.7600 ) 32 bits version
Spustené v : Normálny režim
Užívateľ : SBD [Práva Správcu]
Režim : Kontrola -- Dátum : 05/27/2014 10:34:08
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 7 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NÁJDENÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ
¤¤¤ naplánované úlohy : 6 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{2BD91A83-262A-464B-90AE-B947F304839C}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{EA94F672-5DF4-4FC0-A911-2E12F3431CA5}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{2BD91A83-262A-464B-90AE-B947F304839C}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{EA94F672-5DF4-4FC0-A911-2E12F3431CA5}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V2][SUSP PATH] GC_Scheduler : "%LOCALAPPDATA%\GC\Runner.exe" [-] -> NÁJDENÉ
[V2][SUSP PATH] UP_Scheduler : "%LOCALAPPDATA%\GC\updater.exe" [-] -> NÁJDENÉ
¤¤¤ spustenie položky : 0 ¤¤¤
¤¤¤ webové prehliadače : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤
[Address] EAT @explorer.exe (GdipAddPathArc) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402748F)
[Address] EAT @explorer.exe (GdipAddPathArcI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027562)
[Address] EAT @explorer.exe (GdipAddPathBezier) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740275D8)
[Address] EAT @explorer.exe (GdipAddPathBezierI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740276BD)
[Address] EAT @explorer.exe (GdipAddPathBeziers) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027741)
[Address] EAT @explorer.exe (GdipAddPathBeziersI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027801)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027EDE)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740280A7)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402816E)
[Address] EAT @explorer.exe (GdipAddPathClosedCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027F9E)
[Address] EAT @explorer.exe (GdipAddPathCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402790A)
[Address] EAT @explorer.exe (GdipAddPathCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027AF6)
[Address] EAT @explorer.exe (GdipAddPathCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027BC4)
[Address] EAT @explorer.exe (GdipAddPathCurve3) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027CF7)
[Address] EAT @explorer.exe (GdipAddPathCurve3I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027DC8)
[Address] EAT @explorer.exe (GdipAddPathCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740279CA)
[Address] EAT @explorer.exe (GdipAddPathEllipse) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028571)
[Address] EAT @explorer.exe (GdipAddPathEllipseI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028630)
[Address] EAT @explorer.exe (GdipAddPathLine) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402719D)
[Address] EAT @explorer.exe (GdipAddPathLine2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740272C6)
[Address] EAT @explorer.exe (GdipAddPathLine2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027386)
[Address] EAT @explorer.exe (GdipAddPathLineI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402725E)
[Address] EAT @explorer.exe (GdipAddPathPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740289AA)
[Address] EAT @explorer.exe (GdipAddPathPie) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028698)
[Address] EAT @explorer.exe (GdipAddPathPieI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402876B)
[Address] EAT @explorer.exe (GdipAddPathPolygon) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740287E1)
[Address] EAT @explorer.exe (GdipAddPathPolygonI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740288A1)
[Address] EAT @explorer.exe (GdipAddPathRectangle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402827E)
[Address] EAT @explorer.exe (GdipAddPathRectangleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402833F)
[Address] EAT @explorer.exe (GdipAddPathRectangles) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740283A7)
[Address] EAT @explorer.exe (GdipAddPathRectanglesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028467)
[Address] EAT @explorer.exe (GdipAddPathString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028A53)
[Address] EAT @explorer.exe (GdipAddPathStringI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028BCC)
[Address] EAT @explorer.exe (GdipAlloc) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042494)
[Address] EAT @explorer.exe (GdipBeginContainer) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040E27)
[Address] EAT @explorer.exe (GdipBeginContainer2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040F28)
[Address] EAT @explorer.exe (GdipBeginContainerI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040FEC)
[Address] EAT @explorer.exe (GdipBitmapApplyEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740372D0)
[Address] EAT @explorer.exe (GdipBitmapConvertFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037065)
[Address] EAT @explorer.exe (GdipBitmapCreateApplyEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037233)
[Address] EAT @explorer.exe (GdipBitmapGetHistogram) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037384)
[Address] EAT @explorer.exe (GdipBitmapGetHistogramSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037459)
[Address] EAT @explorer.exe (GdipBitmapGetPixel) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036CC3)
[Address] EAT @explorer.exe (GdipBitmapLockBits) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036B4C)
[Address] EAT @explorer.exe (GdipBitmapSetPixel) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036D89)
[Address] EAT @explorer.exe (GdipBitmapSetResolution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740375F8)
[Address] EAT @explorer.exe (GdipBitmapUnlockBits) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036C0C)
[Address] EAT @explorer.exe (GdipClearPathMarkers) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026F9D)
[Address] EAT @explorer.exe (GdipCloneBitmapArea) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046BFC)
[Address] EAT @explorer.exe (GdipCloneBitmapAreaI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036A58)
[Address] EAT @explorer.exe (GdipCloneBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D847)
[Address] EAT @explorer.exe (GdipCloneCustomLineCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032E7E)
[Address] EAT @explorer.exe (GdipCloneFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043013)
[Address] EAT @explorer.exe (GdipCloneFontFamily) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740429E4)
[Address] EAT @explorer.exe (GdipCloneImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034C59)
[Address] EAT @explorer.exe (GdipCloneImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403777A)
[Address] EAT @explorer.exe (GdipCloneMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AA02)
[Address] EAT @explorer.exe (GdipClonePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740264E3)
[Address] EAT @explorer.exe (GdipClonePen) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030B1D)
[Address] EAT @explorer.exe (GdipCloneRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BE90)
[Address] EAT @explorer.exe (GdipCloneStringFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043FF2)
[Address] EAT @explorer.exe (GdipClosePathFigure) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026DB4)
[Address] EAT @explorer.exe (GdipClosePathFigures) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026E57)
[Address] EAT @explorer.exe (GdipCombineRegionPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C2D9)
[Address] EAT @explorer.exe (GdipCombineRegionRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C185)
[Address] EAT @explorer.exe (GdipCombineRegionRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C25C)
[Address] EAT @explorer.exe (GdipCombineRegionRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C407)
[Address] EAT @explorer.exe (GdipComment) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740432C3)
[Address] EAT @explorer.exe (GdipConvertToEmfPlus) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044ED8)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044FB8)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740450AC)
[Address] EAT @explorer.exe (GdipCreateAdjustableArrowCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046B37)
[Address] EAT @explorer.exe (GdipCreateBitmapFromDirectDrawSurface) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740364E1)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035E7E)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFileICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403611A)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGdiDib) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740365CE)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403638E)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHBITMAP) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740366D0)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHICON) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403684E)
[Address] EAT @explorer.exe (GdipCreateBitmapFromResource) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740368E0)
[Address] EAT @explorer.exe (GdipCreateBitmapFromScan0) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036269)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035D31)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStreamICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035FCC)
[Address] EAT @explorer.exe (GdipCreateCachedBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044A4A)
[Address] EAT @explorer.exe (GdipCreateCustomLineCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032C94)
[Address] EAT @explorer.exe (GdipCreateEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036E32)
[Address] EAT @explorer.exe (GdipCreateFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042793)
[Address] EAT @explorer.exe (GdipCreateFontFamilyFromName) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042559)
[Address] EAT @explorer.exe (GdipCreateFontFromDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404369D)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontA) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043797)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontW) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404389A)
[Address] EAT @explorer.exe (GdipCreateFromHDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740382CA)
[Address] EAT @explorer.exe (GdipCreateFromHDC2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038374)
[Address] EAT @explorer.exe (GdipCreateFromHWND) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403841F)
[Address] EAT @explorer.exe (GdipCreateFromHWNDICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740384C9)
[Address] EAT @explorer.exe (GdipCreateHBITMAPFromBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036765)
[Address] EAT @explorer.exe (GdipCreateHICONFromBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036975)
[Address] EAT @explorer.exe (GdipCreateHalftonePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044D55)
[Address] EAT @explorer.exe (GdipCreateHatchBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404629C)
[Address] EAT @explorer.exe (GdipCreateImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740376A7)
[Address] EAT @explorer.exe (GdipCreateLineBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E20A)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E3CF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E4BF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E587)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E67E)
[Address] EAT @explorer.exe (GdipCreateLineBrushI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E300)
[Address] EAT @explorer.exe (GdipCreateMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A657)
[Address] EAT @explorer.exe (GdipCreateMatrix2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A70D)
[Address] EAT @explorer.exe (GdipCreateMatrix3) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A84D)
[Address] EAT @explorer.exe (GdipCreateMatrix3I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A915)
[Address] EAT @explorer.exe (GdipCreateMetafileFromEmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041505)
[Address] EAT @explorer.exe (GdipCreateMetafileFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740415DD)
[Address] EAT @explorer.exe (GdipCreateMetafileFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404178C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041428)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmfFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740416B4)
[Address] EAT @explorer.exe (GdipCreatePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740461AB)
[Address] EAT @explorer.exe (GdipCreatePath2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026247)
[Address] EAT @explorer.exe (GdipCreatePath2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026318)
[Address] EAT @explorer.exe (GdipCreatePathGradient) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046865)
[Address] EAT @explorer.exe (GdipCreatePathGradientFromPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046A79)
[Address] EAT @explorer.exe (GdipCreatePathGradientI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046927)
[Address] EAT @explorer.exe (GdipCreatePathIter) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029A80)
[Address] EAT @explorer.exe (GdipCreatePen1) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030899)
[Address] EAT @explorer.exe (GdipCreatePen2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740309CA)
[Address] EAT @explorer.exe (GdipCreateRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B997)
[Address] EAT @explorer.exe (GdipCreateRegionHrgn) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BDC1)
[Address] EAT @explorer.exe (GdipCreateRegionPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BBBD)
[Address] EAT @explorer.exe (GdipCreateRegionRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BA50)
[Address] EAT @explorer.exe (GdipCreateRegionRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BB12)
[Address] EAT @explorer.exe (GdipCreateRegionRgnData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BCDF)
[Address] EAT @explorer.exe (GdipCreateSolidFill) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74047051)
[Address] EAT @explorer.exe (GdipCreateStreamOnFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402586D)
[Address] EAT @explorer.exe (GdipCreateStringFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043E28)
[Address] EAT @explorer.exe (GdipCreateTexture) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404637D)
[Address] EAT @explorer.exe (GdipCreateTexture2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404649F)
[Address] EAT @explorer.exe (GdipCreateTexture2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404678B)
[Address] EAT @explorer.exe (GdipCreateTextureIA) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740465E1)
[Address] EAT @explorer.exe (GdipCreateTextureIAI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404682B)
[Address] EAT @explorer.exe (GdipDeleteBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D921)
[Address] EAT @explorer.exe (GdipDeleteCachedBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044BB5)
[Address] EAT @explorer.exe (GdipDeleteCustomLineCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033032)
[Address] EAT @explorer.exe (GdipDeleteEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036EC3)
[Address] EAT @explorer.exe (GdipDeleteFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740430CC)
[Address] EAT @explorer.exe (GdipDeleteFontFamily) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740428EB)
[Address] EAT @explorer.exe (GdipDeleteGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038573)
[Address] EAT @explorer.exe (GdipDeleteMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AAD7)
[Address] EAT @explorer.exe (GdipDeletePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740265B7)
[Address] EAT @explorer.exe (GdipDeletePathIter) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029B39)
[Address] EAT @explorer.exe (GdipDeletePen) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030BF4)
[Address] EAT @explorer.exe (GdipDeletePrivateFontCollection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043AE4)
[Address] EAT @explorer.exe (GdipDeleteRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BFAF)
[Address] EAT @explorer.exe (GdipDeleteStringFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404409D)
[Address] EAT @explorer.exe (GdipDisposeImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034D27)
[Address] EAT @explorer.exe (GdipDisposeImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037848)
[Address] EAT @explorer.exe (GdipDrawArc) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A46E)
[Address] EAT @explorer.exe (GdipDrawArcI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A5A8)
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operačný systém : Windows 7 (6.1.7600 ) 32 bits version
Spustené v : Normálny režim
Užívateľ : SBD [Práva Správcu]
Režim : Kontrola -- Dátum : 05/27/2014 10:34:08
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 7 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NÁJDENÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ
¤¤¤ naplánované úlohy : 6 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{2BD91A83-262A-464B-90AE-B947F304839C}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{EA94F672-5DF4-4FC0-A911-2E12F3431CA5}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{2BD91A83-262A-464B-90AE-B947F304839C}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{EA94F672-5DF4-4FC0-A911-2E12F3431CA5}.exe - --uninstall=1 [x] -> NÁJDENÉ
[V2][SUSP PATH] GC_Scheduler : "%LOCALAPPDATA%\GC\Runner.exe" [-] -> NÁJDENÉ
[V2][SUSP PATH] UP_Scheduler : "%LOCALAPPDATA%\GC\updater.exe" [-] -> NÁJDENÉ
¤¤¤ spustenie položky : 0 ¤¤¤
¤¤¤ webové prehliadače : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤
[Address] EAT @explorer.exe (GdipAddPathArc) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402748F)
[Address] EAT @explorer.exe (GdipAddPathArcI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027562)
[Address] EAT @explorer.exe (GdipAddPathBezier) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740275D8)
[Address] EAT @explorer.exe (GdipAddPathBezierI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740276BD)
[Address] EAT @explorer.exe (GdipAddPathBeziers) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027741)
[Address] EAT @explorer.exe (GdipAddPathBeziersI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027801)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027EDE)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740280A7)
[Address] EAT @explorer.exe (GdipAddPathClosedCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402816E)
[Address] EAT @explorer.exe (GdipAddPathClosedCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027F9E)
[Address] EAT @explorer.exe (GdipAddPathCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402790A)
[Address] EAT @explorer.exe (GdipAddPathCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027AF6)
[Address] EAT @explorer.exe (GdipAddPathCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027BC4)
[Address] EAT @explorer.exe (GdipAddPathCurve3) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027CF7)
[Address] EAT @explorer.exe (GdipAddPathCurve3I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027DC8)
[Address] EAT @explorer.exe (GdipAddPathCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740279CA)
[Address] EAT @explorer.exe (GdipAddPathEllipse) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028571)
[Address] EAT @explorer.exe (GdipAddPathEllipseI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028630)
[Address] EAT @explorer.exe (GdipAddPathLine) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402719D)
[Address] EAT @explorer.exe (GdipAddPathLine2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740272C6)
[Address] EAT @explorer.exe (GdipAddPathLine2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027386)
[Address] EAT @explorer.exe (GdipAddPathLineI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402725E)
[Address] EAT @explorer.exe (GdipAddPathPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740289AA)
[Address] EAT @explorer.exe (GdipAddPathPie) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028698)
[Address] EAT @explorer.exe (GdipAddPathPieI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402876B)
[Address] EAT @explorer.exe (GdipAddPathPolygon) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740287E1)
[Address] EAT @explorer.exe (GdipAddPathPolygonI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740288A1)
[Address] EAT @explorer.exe (GdipAddPathRectangle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402827E)
[Address] EAT @explorer.exe (GdipAddPathRectangleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402833F)
[Address] EAT @explorer.exe (GdipAddPathRectangles) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740283A7)
[Address] EAT @explorer.exe (GdipAddPathRectanglesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028467)
[Address] EAT @explorer.exe (GdipAddPathString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028A53)
[Address] EAT @explorer.exe (GdipAddPathStringI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028BCC)
[Address] EAT @explorer.exe (GdipAlloc) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042494)
[Address] EAT @explorer.exe (GdipBeginContainer) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040E27)
[Address] EAT @explorer.exe (GdipBeginContainer2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040F28)
[Address] EAT @explorer.exe (GdipBeginContainerI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040FEC)
[Address] EAT @explorer.exe (GdipBitmapApplyEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740372D0)
[Address] EAT @explorer.exe (GdipBitmapConvertFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037065)
[Address] EAT @explorer.exe (GdipBitmapCreateApplyEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037233)
[Address] EAT @explorer.exe (GdipBitmapGetHistogram) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037384)
[Address] EAT @explorer.exe (GdipBitmapGetHistogramSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037459)
[Address] EAT @explorer.exe (GdipBitmapGetPixel) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036CC3)
[Address] EAT @explorer.exe (GdipBitmapLockBits) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036B4C)
[Address] EAT @explorer.exe (GdipBitmapSetPixel) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036D89)
[Address] EAT @explorer.exe (GdipBitmapSetResolution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740375F8)
[Address] EAT @explorer.exe (GdipBitmapUnlockBits) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036C0C)
[Address] EAT @explorer.exe (GdipClearPathMarkers) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026F9D)
[Address] EAT @explorer.exe (GdipCloneBitmapArea) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046BFC)
[Address] EAT @explorer.exe (GdipCloneBitmapAreaI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036A58)
[Address] EAT @explorer.exe (GdipCloneBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D847)
[Address] EAT @explorer.exe (GdipCloneCustomLineCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032E7E)
[Address] EAT @explorer.exe (GdipCloneFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043013)
[Address] EAT @explorer.exe (GdipCloneFontFamily) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740429E4)
[Address] EAT @explorer.exe (GdipCloneImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034C59)
[Address] EAT @explorer.exe (GdipCloneImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403777A)
[Address] EAT @explorer.exe (GdipCloneMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AA02)
[Address] EAT @explorer.exe (GdipClonePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740264E3)
[Address] EAT @explorer.exe (GdipClonePen) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030B1D)
[Address] EAT @explorer.exe (GdipCloneRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BE90)
[Address] EAT @explorer.exe (GdipCloneStringFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043FF2)
[Address] EAT @explorer.exe (GdipClosePathFigure) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026DB4)
[Address] EAT @explorer.exe (GdipClosePathFigures) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026E57)
[Address] EAT @explorer.exe (GdipCombineRegionPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C2D9)
[Address] EAT @explorer.exe (GdipCombineRegionRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C185)
[Address] EAT @explorer.exe (GdipCombineRegionRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C25C)
[Address] EAT @explorer.exe (GdipCombineRegionRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C407)
[Address] EAT @explorer.exe (GdipComment) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740432C3)
[Address] EAT @explorer.exe (GdipConvertToEmfPlus) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044ED8)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044FB8)
[Address] EAT @explorer.exe (GdipConvertToEmfPlusToStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740450AC)
[Address] EAT @explorer.exe (GdipCreateAdjustableArrowCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046B37)
[Address] EAT @explorer.exe (GdipCreateBitmapFromDirectDrawSurface) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740364E1)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035E7E)
[Address] EAT @explorer.exe (GdipCreateBitmapFromFileICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403611A)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGdiDib) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740365CE)
[Address] EAT @explorer.exe (GdipCreateBitmapFromGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403638E)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHBITMAP) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740366D0)
[Address] EAT @explorer.exe (GdipCreateBitmapFromHICON) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403684E)
[Address] EAT @explorer.exe (GdipCreateBitmapFromResource) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740368E0)
[Address] EAT @explorer.exe (GdipCreateBitmapFromScan0) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036269)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035D31)
[Address] EAT @explorer.exe (GdipCreateBitmapFromStreamICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035FCC)
[Address] EAT @explorer.exe (GdipCreateCachedBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044A4A)
[Address] EAT @explorer.exe (GdipCreateCustomLineCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032C94)
[Address] EAT @explorer.exe (GdipCreateEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036E32)
[Address] EAT @explorer.exe (GdipCreateFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042793)
[Address] EAT @explorer.exe (GdipCreateFontFamilyFromName) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042559)
[Address] EAT @explorer.exe (GdipCreateFontFromDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404369D)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontA) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043797)
[Address] EAT @explorer.exe (GdipCreateFontFromLogfontW) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404389A)
[Address] EAT @explorer.exe (GdipCreateFromHDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740382CA)
[Address] EAT @explorer.exe (GdipCreateFromHDC2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038374)
[Address] EAT @explorer.exe (GdipCreateFromHWND) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403841F)
[Address] EAT @explorer.exe (GdipCreateFromHWNDICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740384C9)
[Address] EAT @explorer.exe (GdipCreateHBITMAPFromBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036765)
[Address] EAT @explorer.exe (GdipCreateHICONFromBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036975)
[Address] EAT @explorer.exe (GdipCreateHalftonePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044D55)
[Address] EAT @explorer.exe (GdipCreateHatchBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404629C)
[Address] EAT @explorer.exe (GdipCreateImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740376A7)
[Address] EAT @explorer.exe (GdipCreateLineBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E20A)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E3CF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E4BF)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E587)
[Address] EAT @explorer.exe (GdipCreateLineBrushFromRectWithAngleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E67E)
[Address] EAT @explorer.exe (GdipCreateLineBrushI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E300)
[Address] EAT @explorer.exe (GdipCreateMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A657)
[Address] EAT @explorer.exe (GdipCreateMatrix2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A70D)
[Address] EAT @explorer.exe (GdipCreateMatrix3) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A84D)
[Address] EAT @explorer.exe (GdipCreateMatrix3I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A915)
[Address] EAT @explorer.exe (GdipCreateMetafileFromEmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041505)
[Address] EAT @explorer.exe (GdipCreateMetafileFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740415DD)
[Address] EAT @explorer.exe (GdipCreateMetafileFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404178C)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041428)
[Address] EAT @explorer.exe (GdipCreateMetafileFromWmfFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740416B4)
[Address] EAT @explorer.exe (GdipCreatePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740461AB)
[Address] EAT @explorer.exe (GdipCreatePath2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026247)
[Address] EAT @explorer.exe (GdipCreatePath2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026318)
[Address] EAT @explorer.exe (GdipCreatePathGradient) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046865)
[Address] EAT @explorer.exe (GdipCreatePathGradientFromPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046A79)
[Address] EAT @explorer.exe (GdipCreatePathGradientI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046927)
[Address] EAT @explorer.exe (GdipCreatePathIter) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029A80)
[Address] EAT @explorer.exe (GdipCreatePen1) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030899)
[Address] EAT @explorer.exe (GdipCreatePen2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740309CA)
[Address] EAT @explorer.exe (GdipCreateRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B997)
[Address] EAT @explorer.exe (GdipCreateRegionHrgn) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BDC1)
[Address] EAT @explorer.exe (GdipCreateRegionPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BBBD)
[Address] EAT @explorer.exe (GdipCreateRegionRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BA50)
[Address] EAT @explorer.exe (GdipCreateRegionRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BB12)
[Address] EAT @explorer.exe (GdipCreateRegionRgnData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BCDF)
[Address] EAT @explorer.exe (GdipCreateSolidFill) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74047051)
[Address] EAT @explorer.exe (GdipCreateStreamOnFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402586D)
[Address] EAT @explorer.exe (GdipCreateStringFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043E28)
[Address] EAT @explorer.exe (GdipCreateTexture) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404637D)
[Address] EAT @explorer.exe (GdipCreateTexture2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404649F)
[Address] EAT @explorer.exe (GdipCreateTexture2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404678B)
[Address] EAT @explorer.exe (GdipCreateTextureIA) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740465E1)
[Address] EAT @explorer.exe (GdipCreateTextureIAI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404682B)
[Address] EAT @explorer.exe (GdipDeleteBrush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D921)
[Address] EAT @explorer.exe (GdipDeleteCachedBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044BB5)
[Address] EAT @explorer.exe (GdipDeleteCustomLineCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033032)
[Address] EAT @explorer.exe (GdipDeleteEffect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036EC3)
[Address] EAT @explorer.exe (GdipDeleteFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740430CC)
[Address] EAT @explorer.exe (GdipDeleteFontFamily) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740428EB)
[Address] EAT @explorer.exe (GdipDeleteGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038573)
[Address] EAT @explorer.exe (GdipDeleteMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AAD7)
[Address] EAT @explorer.exe (GdipDeletePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740265B7)
[Address] EAT @explorer.exe (GdipDeletePathIter) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029B39)
[Address] EAT @explorer.exe (GdipDeletePen) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030BF4)
[Address] EAT @explorer.exe (GdipDeletePrivateFontCollection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043AE4)
[Address] EAT @explorer.exe (GdipDeleteRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402BFAF)
[Address] EAT @explorer.exe (GdipDeleteStringFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404409D)
[Address] EAT @explorer.exe (GdipDisposeImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034D27)
[Address] EAT @explorer.exe (GdipDisposeImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037848)
[Address] EAT @explorer.exe (GdipDrawArc) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A46E)
[Address] EAT @explorer.exe (GdipDrawArcI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A5A8)
Re: prosím o pomoc s nežiadúcou reklamou.
RK log časť 2:
[Address] EAT @explorer.exe (GdipDrawBezier) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A621)
[Address] EAT @explorer.exe (GdipDrawBezierI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A769)
[Address] EAT @explorer.exe (GdipDrawBeziers) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A7F0)
[Address] EAT @explorer.exe (GdipDrawBeziersI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A91A)
[Address] EAT @explorer.exe (GdipDrawCachedBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044C4F)
[Address] EAT @explorer.exe (GdipDrawClosedCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BC42)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BE85)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BFB6)
[Address] EAT @explorer.exe (GdipDrawClosedCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BD6C)
[Address] EAT @explorer.exe (GdipDrawCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B54A)
[Address] EAT @explorer.exe (GdipDrawCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B78D)
[Address] EAT @explorer.exe (GdipDrawCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B8C5)
[Address] EAT @explorer.exe (GdipDrawCurve3) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B9E5)
[Address] EAT @explorer.exe (GdipDrawCurve3I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BB1C)
[Address] EAT @explorer.exe (GdipDrawCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B674)
[Address] EAT @explorer.exe (GdipDrawDriverString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D9E3)
[Address] EAT @explorer.exe (GdipDrawEllipse) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AE4B)
[Address] EAT @explorer.exe (GdipDrawEllipseI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AF6F)
[Address] EAT @explorer.exe (GdipDrawImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403DEE7)
[Address] EAT @explorer.exe (GdipDrawImageFX) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EB42)
[Address] EAT @explorer.exe (GdipDrawImageI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E062)
[Address] EAT @explorer.exe (GdipDrawImagePointRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E51C)
[Address] EAT @explorer.exe (GdipDrawImagePointRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E6B8)
[Address] EAT @explorer.exe (GdipDrawImagePoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E288)
[Address] EAT @explorer.exe (GdipDrawImagePointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E3E0)
[Address] EAT @explorer.exe (GdipDrawImagePointsRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E754)
[Address] EAT @explorer.exe (GdipDrawImagePointsRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E9B3)
[Address] EAT @explorer.exe (GdipDrawImageRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E0BE)
[Address] EAT @explorer.exe (GdipDrawImageRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E21D)
[Address] EAT @explorer.exe (GdipDrawImageRectRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046C80)
[Address] EAT @explorer.exe (GdipDrawImageRectRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046ED6)
[Address] EAT @explorer.exe (GdipDrawLine) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A09A)
[Address] EAT @explorer.exe (GdipDrawLineI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A1BE)
[Address] EAT @explorer.exe (GdipDrawLines) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A229)
[Address] EAT @explorer.exe (GdipDrawLinesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A355)
[Address] EAT @explorer.exe (GdipDrawPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B3D0)
[Address] EAT @explorer.exe (GdipDrawPie) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AFDA)
[Address] EAT @explorer.exe (GdipDrawPieI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B114)
[Address] EAT @explorer.exe (GdipDrawPolygon) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B18D)
[Address] EAT @explorer.exe (GdipDrawPolygonI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B2B7)
[Address] EAT @explorer.exe (GdipDrawRectangle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AA56)
[Address] EAT @explorer.exe (GdipDrawRectangleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AB7A)
[Address] EAT @explorer.exe (GdipDrawRectangles) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403ABE5)
[Address] EAT @explorer.exe (GdipDrawRectanglesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AD0F)
[Address] EAT @explorer.exe (GdipDrawString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D4DB)
[Address] EAT @explorer.exe (GdipEmfToWmfBits) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044E82)
[Address] EAT @explorer.exe (GdipEndContainer) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041099)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EC83)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EE34)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F0C1)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F275)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EE9C)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F04D)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F3E0)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F5C0)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F8BE)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FAA1)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F649)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F829)
[Address] EAT @explorer.exe (GdipFillClosedCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CEB5)
[Address] EAT @explorer.exe (GdipFillClosedCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D107)
[Address] EAT @explorer.exe (GdipFillClosedCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D23E)
[Address] EAT @explorer.exe (GdipFillClosedCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CFEE)
[Address] EAT @explorer.exe (GdipFillEllipse) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C9EC)
[Address] EAT @explorer.exe (GdipFillEllipseI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CB17)
[Address] EAT @explorer.exe (GdipFillPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CD38)
[Address] EAT @explorer.exe (GdipFillPie) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CB82)
[Address] EAT @explorer.exe (GdipFillPieI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CCBF)
[Address] EAT @explorer.exe (GdipFillPolygon) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C55A)
[Address] EAT @explorer.exe (GdipFillPolygon2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C7A6)
[Address] EAT @explorer.exe (GdipFillPolygon2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C8D3)
[Address] EAT @explorer.exe (GdipFillPolygonI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C68A)
[Address] EAT @explorer.exe (GdipFillRectangle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C17E)
[Address] EAT @explorer.exe (GdipFillRectangleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C2A9)
[Address] EAT @explorer.exe (GdipFillRectangles) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C314)
[Address] EAT @explorer.exe (GdipFillRectanglesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C441)
[Address] EAT @explorer.exe (GdipFillRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D361)
[Address] EAT @explorer.exe (GdipFindFirstImageItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035A83)
[Address] EAT @explorer.exe (GdipFindNextImageItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035B29)
[Address] EAT @explorer.exe (GdipFlattenPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028C5C)
[Address] EAT @explorer.exe (GdipFlush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403860E)
[Address] EAT @explorer.exe (GdipFree) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404250F)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapFillState) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033C6D)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033860)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapMiddleInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033B16)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740339BB)
[Address] EAT @explorer.exe (GdipGetAllPropertyItems) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034A7C)
[Address] EAT @explorer.exe (GdipGetBrushType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D9BE)
[Address] EAT @explorer.exe (GdipGetCellAscent) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740434BD)
[Address] EAT @explorer.exe (GdipGetCellDescent) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404355D)
[Address] EAT @explorer.exe (GdipGetClip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040495)
[Address] EAT @explorer.exe (GdipGetClipBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404058D)
[Address] EAT @explorer.exe (GdipGetClipBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040640)
[Address] EAT @explorer.exe (GdipGetCompositingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740388B8)
[Address] EAT @explorer.exe (GdipGetCompositingQuality) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038A08)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403344E)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740335A5)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeCaps) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033172)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740332EE)
[Address] EAT @explorer.exe (GdipGetCustomLineCapType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032F7B)
[Address] EAT @explorer.exe (GdipGetCustomLineCapWidthScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740336FC)
[Address] EAT @explorer.exe (GdipGetDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043144)
[Address] EAT @explorer.exe (GdipGetDpiX) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039BAC)
[Address] EAT @explorer.exe (GdipGetDpiY) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039C5D)
[Address] EAT @explorer.exe (GdipGetEffectParameterSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036F97)
[Address] EAT @explorer.exe (GdipGetEffectParameters) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036FFC)
[Address] EAT @explorer.exe (GdipGetEmHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404341D)
[Address] EAT @explorer.exe (GdipGetEncoderParameterList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403410E)
[Address] EAT @explorer.exe (GdipGetEncoderParameterListSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403406D)
[Address] EAT @explorer.exe (GdipGetFamily) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042A84)
[Address] EAT @explorer.exe (GdipGetFamilyName) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403DE5A)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043B98)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043C34)
[Address] EAT @explorer.exe (GdipGetFontHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042E62)
[Address] EAT @explorer.exe (GdipGetFontHeightGivenDPI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042F6A)
[Address] EAT @explorer.exe (GdipGetFontSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042D26)
[Address] EAT @explorer.exe (GdipGetFontStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404424D)
[Address] EAT @explorer.exe (GdipGetFontUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042DC4)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilyMonospace) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404271A)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySansSerif) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042628)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySerif) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740426A1)
[Address] EAT @explorer.exe (GdipGetHatchBackgroundColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DBDD)
[Address] EAT @explorer.exe (GdipGetHatchForegroundColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DB27)
[Address] EAT @explorer.exe (GdipGetHatchStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DA71)
[Address] EAT @explorer.exe (GdipGetHemfFromMetafile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404136D)
[Address] EAT @explorer.exe (GdipGetImageAttributesAdjustedPalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740381E2)
[Address] EAT @explorer.exe (GdipGetImageBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034F3C)
[Address] EAT @explorer.exe (GdipGetImageDecoders) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740420B5)
[Address] EAT @explorer.exe (GdipGetImageDecodersSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404202C)
[Address] EAT @explorer.exe (GdipGetImageDimension) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035011)
[Address] EAT @explorer.exe (GdipGetImageEncoders) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740422E9)
[Address] EAT @explorer.exe (GdipGetImageEncodersSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042260)
[Address] EAT @explorer.exe (GdipGetImageFlags) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035422)
[Address] EAT @explorer.exe (GdipGetImageGraphicsContext) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034E65)
[Address] EAT @explorer.exe (GdipGetImageHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740351A3)
[Address] EAT @explorer.exe (GdipGetImageHorizontalResolution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035278)
[Address] EAT @explorer.exe (GdipGetImageItemData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035BCF)
[Address] EAT @explorer.exe (GdipGetImagePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740356A5)
[Address] EAT @explorer.exe (GdipGetImagePaletteSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403582D)
[Address] EAT @explorer.exe (GdipGetImagePixelFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740355D0)
[Address] EAT @explorer.exe (GdipGetImageRawFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740354F7)
[Address] EAT @explorer.exe (GdipGetImageThumbnail) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740359AC)
[Address] EAT @explorer.exe (GdipGetImageType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740358FC)
[Address] EAT @explorer.exe (GdipGetImageVerticalResolution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403534D)
[Address] EAT @explorer.exe (GdipGetImageWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740350CE)
[Address] EAT @explorer.exe (GdipGetInterpolationMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403915E)
[Address] EAT @explorer.exe (GdipGetLineBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EA2F)
[Address] EAT @explorer.exe (GdipGetLineBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E979)
[Address] EAT @explorer.exe (GdipGetLineColors) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E802)
[Address] EAT @explorer.exe (GdipGetLineGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740257E2)
[Address] EAT @explorer.exe (GdipGetLinePresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EBBD)
[Address] EAT @explorer.exe (GdipGetLinePresetBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EB03)
[Address] EAT @explorer.exe (GdipGetLineRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FBC2)
[Address] EAT @explorer.exe (GdipGetLineRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E8C1)
[Address] EAT @explorer.exe (GdipGetLineSpacing) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740435FD)
[Address] EAT @explorer.exe (GdipGetLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DD9C)
[Address] EAT @explorer.exe (GdipGetLineWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030410)
[Address] EAT @explorer.exe (GdipGetLogFontA) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042B22)
[Address] EAT @explorer.exe (GdipGetLogFontW) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042C24)
[Address] EAT @explorer.exe (GdipGetMatrixElements) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B647)
[Address] EAT @explorer.exe (GdipGetMetafileDownLevelRasterizationLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041F14)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromEmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740411A2)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041205)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromMetafile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740412C9)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041266)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromWmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041138)
[Address] EAT @explorer.exe (GdipGetNearestColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039FE3)
[Address] EAT @explorer.exe (GdipGetPageScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039A56)
[Address] EAT @explorer.exe (GdipGetPageUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740398E7)
[Address] EAT @explorer.exe (GdipGetPathData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026C6D)
[Address] EAT @explorer.exe (GdipGetPathFillMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026B13)
[Address] EAT @explorer.exe (GdipGetPathGradientBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FDC7)
[Address] EAT @explorer.exe (GdipGetPathGradientBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E979)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F346)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F7DF)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F899)
[Address] EAT @explorer.exe (GdipGetPathGradientFocusScales) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403070D)
[Address] EAT @explorer.exe (GdipGetPathGradientGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FD14)
[Address] EAT @explorer.exe (GdipGetPathGradientPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F79C)
[Address] EAT @explorer.exe (GdipGetPathGradientPointCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FA55)
[Address] EAT @explorer.exe (GdipDrawBezier) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A621)
[Address] EAT @explorer.exe (GdipDrawBezierI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A769)
[Address] EAT @explorer.exe (GdipDrawBeziers) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A7F0)
[Address] EAT @explorer.exe (GdipDrawBeziersI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A91A)
[Address] EAT @explorer.exe (GdipDrawCachedBitmap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044C4F)
[Address] EAT @explorer.exe (GdipDrawClosedCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BC42)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BE85)
[Address] EAT @explorer.exe (GdipDrawClosedCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BFB6)
[Address] EAT @explorer.exe (GdipDrawClosedCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BD6C)
[Address] EAT @explorer.exe (GdipDrawCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B54A)
[Address] EAT @explorer.exe (GdipDrawCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B78D)
[Address] EAT @explorer.exe (GdipDrawCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B8C5)
[Address] EAT @explorer.exe (GdipDrawCurve3) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B9E5)
[Address] EAT @explorer.exe (GdipDrawCurve3I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403BB1C)
[Address] EAT @explorer.exe (GdipDrawCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B674)
[Address] EAT @explorer.exe (GdipDrawDriverString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D9E3)
[Address] EAT @explorer.exe (GdipDrawEllipse) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AE4B)
[Address] EAT @explorer.exe (GdipDrawEllipseI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AF6F)
[Address] EAT @explorer.exe (GdipDrawImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403DEE7)
[Address] EAT @explorer.exe (GdipDrawImageFX) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EB42)
[Address] EAT @explorer.exe (GdipDrawImageI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E062)
[Address] EAT @explorer.exe (GdipDrawImagePointRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E51C)
[Address] EAT @explorer.exe (GdipDrawImagePointRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E6B8)
[Address] EAT @explorer.exe (GdipDrawImagePoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E288)
[Address] EAT @explorer.exe (GdipDrawImagePointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E3E0)
[Address] EAT @explorer.exe (GdipDrawImagePointsRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E754)
[Address] EAT @explorer.exe (GdipDrawImagePointsRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E9B3)
[Address] EAT @explorer.exe (GdipDrawImageRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E0BE)
[Address] EAT @explorer.exe (GdipDrawImageRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403E21D)
[Address] EAT @explorer.exe (GdipDrawImageRectRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046C80)
[Address] EAT @explorer.exe (GdipDrawImageRectRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74046ED6)
[Address] EAT @explorer.exe (GdipDrawLine) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A09A)
[Address] EAT @explorer.exe (GdipDrawLineI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A1BE)
[Address] EAT @explorer.exe (GdipDrawLines) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A229)
[Address] EAT @explorer.exe (GdipDrawLinesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403A355)
[Address] EAT @explorer.exe (GdipDrawPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B3D0)
[Address] EAT @explorer.exe (GdipDrawPie) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AFDA)
[Address] EAT @explorer.exe (GdipDrawPieI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B114)
[Address] EAT @explorer.exe (GdipDrawPolygon) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B18D)
[Address] EAT @explorer.exe (GdipDrawPolygonI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403B2B7)
[Address] EAT @explorer.exe (GdipDrawRectangle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AA56)
[Address] EAT @explorer.exe (GdipDrawRectangleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AB7A)
[Address] EAT @explorer.exe (GdipDrawRectangles) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403ABE5)
[Address] EAT @explorer.exe (GdipDrawRectanglesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403AD0F)
[Address] EAT @explorer.exe (GdipDrawString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D4DB)
[Address] EAT @explorer.exe (GdipEmfToWmfBits) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044E82)
[Address] EAT @explorer.exe (GdipEndContainer) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041099)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EC83)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EE34)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F0C1)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F275)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403EE9C)
[Address] EAT @explorer.exe (GdipEnumerateMetafileDestRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F04D)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F3E0)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F5C0)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F8BE)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FAA1)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F649)
[Address] EAT @explorer.exe (GdipEnumerateMetafileSrcRectDestRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403F829)
[Address] EAT @explorer.exe (GdipFillClosedCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CEB5)
[Address] EAT @explorer.exe (GdipFillClosedCurve2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D107)
[Address] EAT @explorer.exe (GdipFillClosedCurve2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D23E)
[Address] EAT @explorer.exe (GdipFillClosedCurveI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CFEE)
[Address] EAT @explorer.exe (GdipFillEllipse) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C9EC)
[Address] EAT @explorer.exe (GdipFillEllipseI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CB17)
[Address] EAT @explorer.exe (GdipFillPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CD38)
[Address] EAT @explorer.exe (GdipFillPie) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CB82)
[Address] EAT @explorer.exe (GdipFillPieI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403CCBF)
[Address] EAT @explorer.exe (GdipFillPolygon) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C55A)
[Address] EAT @explorer.exe (GdipFillPolygon2) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C7A6)
[Address] EAT @explorer.exe (GdipFillPolygon2I) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C8D3)
[Address] EAT @explorer.exe (GdipFillPolygonI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C68A)
[Address] EAT @explorer.exe (GdipFillRectangle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C17E)
[Address] EAT @explorer.exe (GdipFillRectangleI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C2A9)
[Address] EAT @explorer.exe (GdipFillRectangles) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C314)
[Address] EAT @explorer.exe (GdipFillRectanglesI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C441)
[Address] EAT @explorer.exe (GdipFillRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D361)
[Address] EAT @explorer.exe (GdipFindFirstImageItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035A83)
[Address] EAT @explorer.exe (GdipFindNextImageItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035B29)
[Address] EAT @explorer.exe (GdipFlattenPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028C5C)
[Address] EAT @explorer.exe (GdipFlush) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403860E)
[Address] EAT @explorer.exe (GdipFree) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404250F)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapFillState) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033C6D)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033860)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapMiddleInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033B16)
[Address] EAT @explorer.exe (GdipGetAdjustableArrowCapWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740339BB)
[Address] EAT @explorer.exe (GdipGetAllPropertyItems) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034A7C)
[Address] EAT @explorer.exe (GdipGetBrushType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D9BE)
[Address] EAT @explorer.exe (GdipGetCellAscent) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740434BD)
[Address] EAT @explorer.exe (GdipGetCellDescent) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404355D)
[Address] EAT @explorer.exe (GdipGetClip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040495)
[Address] EAT @explorer.exe (GdipGetClipBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404058D)
[Address] EAT @explorer.exe (GdipGetClipBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040640)
[Address] EAT @explorer.exe (GdipGetCompositingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740388B8)
[Address] EAT @explorer.exe (GdipGetCompositingQuality) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038A08)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403344E)
[Address] EAT @explorer.exe (GdipGetCustomLineCapBaseInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740335A5)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeCaps) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033172)
[Address] EAT @explorer.exe (GdipGetCustomLineCapStrokeJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740332EE)
[Address] EAT @explorer.exe (GdipGetCustomLineCapType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032F7B)
[Address] EAT @explorer.exe (GdipGetCustomLineCapWidthScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740336FC)
[Address] EAT @explorer.exe (GdipGetDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043144)
[Address] EAT @explorer.exe (GdipGetDpiX) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039BAC)
[Address] EAT @explorer.exe (GdipGetDpiY) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039C5D)
[Address] EAT @explorer.exe (GdipGetEffectParameterSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036F97)
[Address] EAT @explorer.exe (GdipGetEffectParameters) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036FFC)
[Address] EAT @explorer.exe (GdipGetEmHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404341D)
[Address] EAT @explorer.exe (GdipGetEncoderParameterList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403410E)
[Address] EAT @explorer.exe (GdipGetEncoderParameterListSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403406D)
[Address] EAT @explorer.exe (GdipGetFamily) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042A84)
[Address] EAT @explorer.exe (GdipGetFamilyName) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403DE5A)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043B98)
[Address] EAT @explorer.exe (GdipGetFontCollectionFamilyList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043C34)
[Address] EAT @explorer.exe (GdipGetFontHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042E62)
[Address] EAT @explorer.exe (GdipGetFontHeightGivenDPI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042F6A)
[Address] EAT @explorer.exe (GdipGetFontSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042D26)
[Address] EAT @explorer.exe (GdipGetFontStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404424D)
[Address] EAT @explorer.exe (GdipGetFontUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042DC4)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilyMonospace) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404271A)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySansSerif) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042628)
[Address] EAT @explorer.exe (GdipGetGenericFontFamilySerif) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740426A1)
[Address] EAT @explorer.exe (GdipGetHatchBackgroundColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DBDD)
[Address] EAT @explorer.exe (GdipGetHatchForegroundColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DB27)
[Address] EAT @explorer.exe (GdipGetHatchStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DA71)
[Address] EAT @explorer.exe (GdipGetHemfFromMetafile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404136D)
[Address] EAT @explorer.exe (GdipGetImageAttributesAdjustedPalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740381E2)
[Address] EAT @explorer.exe (GdipGetImageBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034F3C)
[Address] EAT @explorer.exe (GdipGetImageDecoders) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740420B5)
[Address] EAT @explorer.exe (GdipGetImageDecodersSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404202C)
[Address] EAT @explorer.exe (GdipGetImageDimension) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035011)
[Address] EAT @explorer.exe (GdipGetImageEncoders) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740422E9)
[Address] EAT @explorer.exe (GdipGetImageEncodersSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042260)
[Address] EAT @explorer.exe (GdipGetImageFlags) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035422)
[Address] EAT @explorer.exe (GdipGetImageGraphicsContext) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034E65)
[Address] EAT @explorer.exe (GdipGetImageHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740351A3)
[Address] EAT @explorer.exe (GdipGetImageHorizontalResolution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035278)
[Address] EAT @explorer.exe (GdipGetImageItemData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035BCF)
[Address] EAT @explorer.exe (GdipGetImagePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740356A5)
[Address] EAT @explorer.exe (GdipGetImagePaletteSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403582D)
[Address] EAT @explorer.exe (GdipGetImagePixelFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740355D0)
[Address] EAT @explorer.exe (GdipGetImageRawFormat) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740354F7)
[Address] EAT @explorer.exe (GdipGetImageThumbnail) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740359AC)
[Address] EAT @explorer.exe (GdipGetImageType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740358FC)
[Address] EAT @explorer.exe (GdipGetImageVerticalResolution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403534D)
[Address] EAT @explorer.exe (GdipGetImageWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740350CE)
[Address] EAT @explorer.exe (GdipGetInterpolationMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403915E)
[Address] EAT @explorer.exe (GdipGetLineBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EA2F)
[Address] EAT @explorer.exe (GdipGetLineBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E979)
[Address] EAT @explorer.exe (GdipGetLineColors) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E802)
[Address] EAT @explorer.exe (GdipGetLineGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740257E2)
[Address] EAT @explorer.exe (GdipGetLinePresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EBBD)
[Address] EAT @explorer.exe (GdipGetLinePresetBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EB03)
[Address] EAT @explorer.exe (GdipGetLineRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FBC2)
[Address] EAT @explorer.exe (GdipGetLineRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E8C1)
[Address] EAT @explorer.exe (GdipGetLineSpacing) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740435FD)
[Address] EAT @explorer.exe (GdipGetLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DD9C)
[Address] EAT @explorer.exe (GdipGetLineWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030410)
[Address] EAT @explorer.exe (GdipGetLogFontA) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042B22)
[Address] EAT @explorer.exe (GdipGetLogFontW) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042C24)
[Address] EAT @explorer.exe (GdipGetMatrixElements) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B647)
[Address] EAT @explorer.exe (GdipGetMetafileDownLevelRasterizationLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041F14)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromEmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740411A2)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041205)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromMetafile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740412C9)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041266)
[Address] EAT @explorer.exe (GdipGetMetafileHeaderFromWmf) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041138)
[Address] EAT @explorer.exe (GdipGetNearestColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039FE3)
[Address] EAT @explorer.exe (GdipGetPageScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039A56)
[Address] EAT @explorer.exe (GdipGetPageUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740398E7)
[Address] EAT @explorer.exe (GdipGetPathData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026C6D)
[Address] EAT @explorer.exe (GdipGetPathFillMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026B13)
[Address] EAT @explorer.exe (GdipGetPathGradientBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FDC7)
[Address] EAT @explorer.exe (GdipGetPathGradientBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E979)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F346)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F7DF)
[Address] EAT @explorer.exe (GdipGetPathGradientCenterPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F899)
[Address] EAT @explorer.exe (GdipGetPathGradientFocusScales) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403070D)
[Address] EAT @explorer.exe (GdipGetPathGradientGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FD14)
[Address] EAT @explorer.exe (GdipGetPathGradientPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F79C)
[Address] EAT @explorer.exe (GdipGetPathGradientPointCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FA55)
Re: prosím o pomoc s nežiadúcou reklamou.
RK log časť 3:
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FF6F)
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EB03)
[Address] EAT @explorer.exe (GdipGetPathGradientRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FBC2)
[Address] EAT @explorer.exe (GdipGetPathGradientRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E8C1)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FB08)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorsWithCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F4B2)
[Address] EAT @explorer.exe (GdipGetPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DD9C)
[Address] EAT @explorer.exe (GdipGetPathGradientWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030410)
[Address] EAT @explorer.exe (GdipGetPathLastPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740270E3)
[Address] EAT @explorer.exe (GdipGetPathPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740268C3)
[Address] EAT @explorer.exe (GdipGetPathPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740269CF)
[Address] EAT @explorer.exe (GdipGetPathTypes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740267BA)
[Address] EAT @explorer.exe (GdipGetPathWorldBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029278)
[Address] EAT @explorer.exe (GdipGetPathWorldBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029444)
[Address] EAT @explorer.exe (GdipGetPenBrushFill) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403242B)
[Address] EAT @explorer.exe (GdipGetPenColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032260)
[Address] EAT @explorer.exe (GdipGetPenCompoundArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032BDA)
[Address] EAT @explorer.exe (GdipGetPenCompoundCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032A70)
[Address] EAT @explorer.exe (GdipGetPenCustomEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403181F)
[Address] EAT @explorer.exe (GdipGetPenCustomStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031660)
[Address] EAT @explorer.exe (GdipGetPenDashArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740329B6)
[Address] EAT @explorer.exe (GdipGetPenDashCap197819) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031353)
[Address] EAT @explorer.exe (GdipGetPenDashCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403284C)
[Address] EAT @explorer.exe (GdipGetPenDashOffset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740326FE)
[Address] EAT @explorer.exe (GdipGetPenDashStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740325AD)
[Address] EAT @explorer.exe (GdipGetPenEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740312A3)
[Address] EAT @explorer.exe (GdipGetPenFillType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740324F0)
[Address] EAT @explorer.exe (GdipGetPenLineJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740314A8)
[Address] EAT @explorer.exe (GdipGetPenMiterLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403197B)
[Address] EAT @explorer.exe (GdipGetPenMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031ACE)
[Address] EAT @explorer.exe (GdipGetPenStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740311F3)
[Address] EAT @explorer.exe (GdipGetPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031C84)
[Address] EAT @explorer.exe (GdipGetPenUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030EB9)
[Address] EAT @explorer.exe (GdipGetPenWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030D4A)
[Address] EAT @explorer.exe (GdipGetPixelOffsetMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038D07)
[Address] EAT @explorer.exe (GdipGetPointCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026707)
[Address] EAT @explorer.exe (GdipGetPropertyCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034766)
[Address] EAT @explorer.exe (GdipGetPropertyIdList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034801)
[Address] EAT @explorer.exe (GdipGetPropertyItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403493D)
[Address] EAT @explorer.exe (GdipGetPropertyItemSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403489F)
[Address] EAT @explorer.exe (GdipGetPropertySize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740349DE)
[Address] EAT @explorer.exe (GdipGetRegionBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C71D)
[Address] EAT @explorer.exe (GdipGetRegionBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C83F)
[Address] EAT @explorer.exe (GdipGetRegionData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D02B)
[Address] EAT @explorer.exe (GdipGetRegionDataSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CF52)
[Address] EAT @explorer.exe (GdipGetRegionHRgn) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C9BA)
[Address] EAT @explorer.exe (GdipGetRegionScans) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D5F5)
[Address] EAT @explorer.exe (GdipGetRegionScansCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D4CD)
[Address] EAT @explorer.exe (GdipGetRegionScansI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D71E)
[Address] EAT @explorer.exe (GdipGetRenderingOrigin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038746)
[Address] EAT @explorer.exe (GdipGetSmoothingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038B78)
[Address] EAT @explorer.exe (GdipGetSolidFillColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E154)
[Address] EAT @explorer.exe (GdipGetStringFormatAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404424D)
[Address] EAT @explorer.exe (GdipGetStringFormatDigitSubstitution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044878)
[Address] EAT @explorer.exe (GdipGetStringFormatFlags) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042A84)
[Address] EAT @explorer.exe (GdipGetStringFormatHotkeyPrefix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044432)
[Address] EAT @explorer.exe (GdipGetStringFormatLineAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042DC4)
[Address] EAT @explorer.exe (GdipGetStringFormatMeasurableCharacterRangeCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740446CD)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStopCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044580)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStops) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044622)
[Address] EAT @explorer.exe (GdipGetStringFormatTrimming) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740449A8)
[Address] EAT @explorer.exe (GdipGetTextContrast) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038F18)
[Address] EAT @explorer.exe (GdipGetTextRenderingHint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038FC9)
[Address] EAT @explorer.exe (GdipGetTextureImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DF7E)
[Address] EAT @explorer.exe (GdipGetTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DD9C)
[Address] EAT @explorer.exe (GdipGetTextureWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030410)
[Address] EAT @explorer.exe (GdipGetVisibleClipBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040800)
[Address] EAT @explorer.exe (GdipGetVisibleClipBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740408B3)
[Address] EAT @explorer.exe (GdipGetWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403974B)
[Address] EAT @explorer.exe (GdipGraphicsClear) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C0D6)
[Address] EAT @explorer.exe (GdipGraphicsSetAbort) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037559)
[Address] EAT @explorer.exe (GdipImageForceValidation) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035C75)
[Address] EAT @explorer.exe (GdipImageGetFrameCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403457E)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403444B)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740344E3)
[Address] EAT @explorer.exe (GdipImageRotateFlip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740346CE)
[Address] EAT @explorer.exe (GdipImageSelectActiveFrame) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034619)
[Address] EAT @explorer.exe (GdipImageSetAbort) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740374B3)
[Address] EAT @explorer.exe (GdipInitializePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037155)
[Address] EAT @explorer.exe (GdipInvertMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B0BD)
[Address] EAT @explorer.exe (GdipIsClipEmpty) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404074B)
[Address] EAT @explorer.exe (GdipIsEmptyRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CAFE)
[Address] EAT @explorer.exe (GdipIsEqualRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CD8E)
[Address] EAT @explorer.exe (GdipIsInfiniteRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CC46)
[Address] EAT @explorer.exe (GdipIsMatrixEqual) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B862)
[Address] EAT @explorer.exe (GdipIsMatrixIdentity) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B7AF)
[Address] EAT @explorer.exe (GdipIsMatrixInvertible) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B6FA)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740297F6)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029A1E)
[Address] EAT @explorer.exe (GdipIsStyleAvailable) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404337E)
[Address] EAT @explorer.exe (GdipIsVisibleClipEmpty) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740409BE)
[Address] EAT @explorer.exe (GdipIsVisiblePathPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029610)
[Address] EAT @explorer.exe (GdipIsVisiblePathPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029797)
[Address] EAT @explorer.exe (GdipIsVisiblePoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040A73)
[Address] EAT @explorer.exe (GdipIsVisiblePointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040B38)
[Address] EAT @explorer.exe (GdipIsVisibleRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040B94)
[Address] EAT @explorer.exe (GdipIsVisibleRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040C68)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D11E)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D289)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D2E8)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D45F)
[Address] EAT @explorer.exe (GdipLoadImageFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033DF4)
[Address] EAT @explorer.exe (GdipLoadImageFromFileICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033F9A)
[Address] EAT @explorer.exe (GdipLoadImageFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033D21)
[Address] EAT @explorer.exe (GdipLoadImageFromStreamICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033EC7)
[Address] EAT @explorer.exe (GdipMeasureCharacterRanges) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D85F)
[Address] EAT @explorer.exe (GdipMeasureDriverString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403DC56)
[Address] EAT @explorer.exe (GdipMeasureString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D6C4)
[Address] EAT @explorer.exe (GdipMultiplyLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F22D)
[Address] EAT @explorer.exe (GdipMultiplyMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AC46)
[Address] EAT @explorer.exe (GdipMultiplyPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F22D)
[Address] EAT @explorer.exe (GdipMultiplyPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031E2A)
[Address] EAT @explorer.exe (GdipMultiplyTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F22D)
[Address] EAT @explorer.exe (GdipMultiplyWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403939D)
[Address] EAT @explorer.exe (GdipNewInstalledFontCollection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404399D)
[Address] EAT @explorer.exe (GdipNewPrivateFontCollection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043A20)
[Address] EAT @explorer.exe (GdipPathIterCopyData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A54F)
[Address] EAT @explorer.exe (GdipPathIterEnumerate) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A44A)
[Address] EAT @explorer.exe (GdipPathIterGetCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A0B3)
[Address] EAT @explorer.exe (GdipPathIterGetSubpathCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A170)
[Address] EAT @explorer.exe (GdipPathIterHasCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A2EA)
[Address] EAT @explorer.exe (GdipPathIterIsValid) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A22D)
[Address] EAT @explorer.exe (GdipPathIterNextMarker) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029EF4)
[Address] EAT @explorer.exe (GdipPathIterNextMarkerPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029FF3)
[Address] EAT @explorer.exe (GdipPathIterNextPathType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029DD6)
[Address] EAT @explorer.exe (GdipPathIterNextSubpath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029BD3)
[Address] EAT @explorer.exe (GdipPathIterNextSubpathPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029CF1)
[Address] EAT @explorer.exe (GdipPathIterRewind) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A39B)
[Address] EAT @explorer.exe (GdipPlayMetafileRecord) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FC3F)
[Address] EAT @explorer.exe (GdipPlayTSClientRecord) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740451A0)
[Address] EAT @explorer.exe (GdipPrivateAddFontFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043CE9)
[Address] EAT @explorer.exe (GdipPrivateAddMemoryFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043D87)
[Address] EAT @explorer.exe (GdipRecordMetafile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041861)
[Address] EAT @explorer.exe (GdipRecordMetafileFileName) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041A36)
[Address] EAT @explorer.exe (GdipRecordMetafileFileNameI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041B6E)
[Address] EAT @explorer.exe (GdipRecordMetafileI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041980)
[Address] EAT @explorer.exe (GdipRecordMetafileStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041C27)
[Address] EAT @explorer.exe (GdipRecordMetafileStreamI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041D5F)
[Address] EAT @explorer.exe (GdipReleaseDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404320B)
[Address] EAT @explorer.exe (GdipRemovePropertyItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034B1D)
[Address] EAT @explorer.exe (GdipResetClip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740402F1)
[Address] EAT @explorer.exe (GdipResetImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403799E)
[Address] EAT @explorer.exe (GdipResetLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F18A)
[Address] EAT @explorer.exe (GdipResetPageTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039841)
[Address] EAT @explorer.exe (GdipResetPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026664)
[Address] EAT @explorer.exe (GdipResetPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F18A)
[Address] EAT @explorer.exe (GdipResetPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031D8A)
[Address] EAT @explorer.exe (GdipResetTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F18A)
[Address] EAT @explorer.exe (GdipResetWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740392FF)
[Address] EAT @explorer.exe (GdipRestoreGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040D88)
[Address] EAT @explorer.exe (GdipReversePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027040)
[Address] EAT @explorer.exe (GdipRotateLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030640)
[Address] EAT @explorer.exe (GdipRotateMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AF25)
[Address] EAT @explorer.exe (GdipRotatePathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030640)
[Address] EAT @explorer.exe (GdipRotatePenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740320EC)
[Address] EAT @explorer.exe (GdipRotateTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030640)
[Address] EAT @explorer.exe (GdipRotateWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039683)
[Address] EAT @explorer.exe (GdipSaveAdd) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034306)
[Address] EAT @explorer.exe (GdipSaveAddImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740343A4)
[Address] EAT @explorer.exe (GdipSaveGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040CD3)
[Address] EAT @explorer.exe (GdipSaveImageToFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403425C)
[Address] EAT @explorer.exe (GdipSaveImageToStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740341B2)
[Address] EAT @explorer.exe (GdipScaleLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030567)
[Address] EAT @explorer.exe (GdipScaleMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AE53)
[Address] EAT @explorer.exe (GdipScalePathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030567)
[Address] EAT @explorer.exe (GdipScalePenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032016)
[Address] EAT @explorer.exe (GdipScaleTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030567)
[Address] EAT @explorer.exe (GdipScaleWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740395AF)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapFillState) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033BCA)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740337B9)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapMiddleInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033A6F)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033914)
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FF6F)
[Address] EAT @explorer.exe (GdipGetPathGradientPresetBlendCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EB03)
[Address] EAT @explorer.exe (GdipGetPathGradientRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FBC2)
[Address] EAT @explorer.exe (GdipGetPathGradientRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E8C1)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FB08)
[Address] EAT @explorer.exe (GdipGetPathGradientSurroundColorsWithCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F4B2)
[Address] EAT @explorer.exe (GdipGetPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DD9C)
[Address] EAT @explorer.exe (GdipGetPathGradientWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030410)
[Address] EAT @explorer.exe (GdipGetPathLastPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740270E3)
[Address] EAT @explorer.exe (GdipGetPathPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740268C3)
[Address] EAT @explorer.exe (GdipGetPathPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740269CF)
[Address] EAT @explorer.exe (GdipGetPathTypes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740267BA)
[Address] EAT @explorer.exe (GdipGetPathWorldBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029278)
[Address] EAT @explorer.exe (GdipGetPathWorldBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029444)
[Address] EAT @explorer.exe (GdipGetPenBrushFill) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403242B)
[Address] EAT @explorer.exe (GdipGetPenColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032260)
[Address] EAT @explorer.exe (GdipGetPenCompoundArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032BDA)
[Address] EAT @explorer.exe (GdipGetPenCompoundCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032A70)
[Address] EAT @explorer.exe (GdipGetPenCustomEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403181F)
[Address] EAT @explorer.exe (GdipGetPenCustomStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031660)
[Address] EAT @explorer.exe (GdipGetPenDashArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740329B6)
[Address] EAT @explorer.exe (GdipGetPenDashCap197819) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031353)
[Address] EAT @explorer.exe (GdipGetPenDashCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403284C)
[Address] EAT @explorer.exe (GdipGetPenDashOffset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740326FE)
[Address] EAT @explorer.exe (GdipGetPenDashStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740325AD)
[Address] EAT @explorer.exe (GdipGetPenEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740312A3)
[Address] EAT @explorer.exe (GdipGetPenFillType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740324F0)
[Address] EAT @explorer.exe (GdipGetPenLineJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740314A8)
[Address] EAT @explorer.exe (GdipGetPenMiterLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403197B)
[Address] EAT @explorer.exe (GdipGetPenMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031ACE)
[Address] EAT @explorer.exe (GdipGetPenStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740311F3)
[Address] EAT @explorer.exe (GdipGetPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031C84)
[Address] EAT @explorer.exe (GdipGetPenUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030EB9)
[Address] EAT @explorer.exe (GdipGetPenWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030D4A)
[Address] EAT @explorer.exe (GdipGetPixelOffsetMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038D07)
[Address] EAT @explorer.exe (GdipGetPointCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026707)
[Address] EAT @explorer.exe (GdipGetPropertyCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034766)
[Address] EAT @explorer.exe (GdipGetPropertyIdList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034801)
[Address] EAT @explorer.exe (GdipGetPropertyItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403493D)
[Address] EAT @explorer.exe (GdipGetPropertyItemSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403489F)
[Address] EAT @explorer.exe (GdipGetPropertySize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740349DE)
[Address] EAT @explorer.exe (GdipGetRegionBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C71D)
[Address] EAT @explorer.exe (GdipGetRegionBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C83F)
[Address] EAT @explorer.exe (GdipGetRegionData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D02B)
[Address] EAT @explorer.exe (GdipGetRegionDataSize) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CF52)
[Address] EAT @explorer.exe (GdipGetRegionHRgn) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C9BA)
[Address] EAT @explorer.exe (GdipGetRegionScans) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D5F5)
[Address] EAT @explorer.exe (GdipGetRegionScansCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D4CD)
[Address] EAT @explorer.exe (GdipGetRegionScansI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D71E)
[Address] EAT @explorer.exe (GdipGetRenderingOrigin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038746)
[Address] EAT @explorer.exe (GdipGetSmoothingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038B78)
[Address] EAT @explorer.exe (GdipGetSolidFillColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E154)
[Address] EAT @explorer.exe (GdipGetStringFormatAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404424D)
[Address] EAT @explorer.exe (GdipGetStringFormatDigitSubstitution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044878)
[Address] EAT @explorer.exe (GdipGetStringFormatFlags) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042A84)
[Address] EAT @explorer.exe (GdipGetStringFormatHotkeyPrefix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044432)
[Address] EAT @explorer.exe (GdipGetStringFormatLineAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74042DC4)
[Address] EAT @explorer.exe (GdipGetStringFormatMeasurableCharacterRangeCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740446CD)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStopCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044580)
[Address] EAT @explorer.exe (GdipGetStringFormatTabStops) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044622)
[Address] EAT @explorer.exe (GdipGetStringFormatTrimming) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740449A8)
[Address] EAT @explorer.exe (GdipGetTextContrast) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038F18)
[Address] EAT @explorer.exe (GdipGetTextRenderingHint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038FC9)
[Address] EAT @explorer.exe (GdipGetTextureImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DF7E)
[Address] EAT @explorer.exe (GdipGetTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DD9C)
[Address] EAT @explorer.exe (GdipGetTextureWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030410)
[Address] EAT @explorer.exe (GdipGetVisibleClipBounds) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040800)
[Address] EAT @explorer.exe (GdipGetVisibleClipBoundsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740408B3)
[Address] EAT @explorer.exe (GdipGetWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403974B)
[Address] EAT @explorer.exe (GdipGraphicsClear) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403C0D6)
[Address] EAT @explorer.exe (GdipGraphicsSetAbort) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037559)
[Address] EAT @explorer.exe (GdipImageForceValidation) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74035C75)
[Address] EAT @explorer.exe (GdipImageGetFrameCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403457E)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403444B)
[Address] EAT @explorer.exe (GdipImageGetFrameDimensionsList) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740344E3)
[Address] EAT @explorer.exe (GdipImageRotateFlip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740346CE)
[Address] EAT @explorer.exe (GdipImageSelectActiveFrame) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034619)
[Address] EAT @explorer.exe (GdipImageSetAbort) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740374B3)
[Address] EAT @explorer.exe (GdipInitializePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037155)
[Address] EAT @explorer.exe (GdipInvertMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B0BD)
[Address] EAT @explorer.exe (GdipIsClipEmpty) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404074B)
[Address] EAT @explorer.exe (GdipIsEmptyRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CAFE)
[Address] EAT @explorer.exe (GdipIsEqualRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CD8E)
[Address] EAT @explorer.exe (GdipIsInfiniteRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402CC46)
[Address] EAT @explorer.exe (GdipIsMatrixEqual) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B862)
[Address] EAT @explorer.exe (GdipIsMatrixIdentity) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B7AF)
[Address] EAT @explorer.exe (GdipIsMatrixInvertible) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B6FA)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740297F6)
[Address] EAT @explorer.exe (GdipIsOutlineVisiblePathPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029A1E)
[Address] EAT @explorer.exe (GdipIsStyleAvailable) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404337E)
[Address] EAT @explorer.exe (GdipIsVisibleClipEmpty) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740409BE)
[Address] EAT @explorer.exe (GdipIsVisiblePathPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029610)
[Address] EAT @explorer.exe (GdipIsVisiblePathPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029797)
[Address] EAT @explorer.exe (GdipIsVisiblePoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040A73)
[Address] EAT @explorer.exe (GdipIsVisiblePointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040B38)
[Address] EAT @explorer.exe (GdipIsVisibleRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040B94)
[Address] EAT @explorer.exe (GdipIsVisibleRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040C68)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D11E)
[Address] EAT @explorer.exe (GdipIsVisibleRegionPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D289)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D2E8)
[Address] EAT @explorer.exe (GdipIsVisibleRegionRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402D45F)
[Address] EAT @explorer.exe (GdipLoadImageFromFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033DF4)
[Address] EAT @explorer.exe (GdipLoadImageFromFileICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033F9A)
[Address] EAT @explorer.exe (GdipLoadImageFromStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033D21)
[Address] EAT @explorer.exe (GdipLoadImageFromStreamICM) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033EC7)
[Address] EAT @explorer.exe (GdipMeasureCharacterRanges) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D85F)
[Address] EAT @explorer.exe (GdipMeasureDriverString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403DC56)
[Address] EAT @explorer.exe (GdipMeasureString) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403D6C4)
[Address] EAT @explorer.exe (GdipMultiplyLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F22D)
[Address] EAT @explorer.exe (GdipMultiplyMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AC46)
[Address] EAT @explorer.exe (GdipMultiplyPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F22D)
[Address] EAT @explorer.exe (GdipMultiplyPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031E2A)
[Address] EAT @explorer.exe (GdipMultiplyTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F22D)
[Address] EAT @explorer.exe (GdipMultiplyWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403939D)
[Address] EAT @explorer.exe (GdipNewInstalledFontCollection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404399D)
[Address] EAT @explorer.exe (GdipNewPrivateFontCollection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043A20)
[Address] EAT @explorer.exe (GdipPathIterCopyData) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A54F)
[Address] EAT @explorer.exe (GdipPathIterEnumerate) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A44A)
[Address] EAT @explorer.exe (GdipPathIterGetCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A0B3)
[Address] EAT @explorer.exe (GdipPathIterGetSubpathCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A170)
[Address] EAT @explorer.exe (GdipPathIterHasCurve) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A2EA)
[Address] EAT @explorer.exe (GdipPathIterIsValid) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A22D)
[Address] EAT @explorer.exe (GdipPathIterNextMarker) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029EF4)
[Address] EAT @explorer.exe (GdipPathIterNextMarkerPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029FF3)
[Address] EAT @explorer.exe (GdipPathIterNextPathType) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029DD6)
[Address] EAT @explorer.exe (GdipPathIterNextSubpath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029BD3)
[Address] EAT @explorer.exe (GdipPathIterNextSubpathPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029CF1)
[Address] EAT @explorer.exe (GdipPathIterRewind) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402A39B)
[Address] EAT @explorer.exe (GdipPlayMetafileRecord) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FC3F)
[Address] EAT @explorer.exe (GdipPlayTSClientRecord) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740451A0)
[Address] EAT @explorer.exe (GdipPrivateAddFontFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043CE9)
[Address] EAT @explorer.exe (GdipPrivateAddMemoryFont) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043D87)
[Address] EAT @explorer.exe (GdipRecordMetafile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041861)
[Address] EAT @explorer.exe (GdipRecordMetafileFileName) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041A36)
[Address] EAT @explorer.exe (GdipRecordMetafileFileNameI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041B6E)
[Address] EAT @explorer.exe (GdipRecordMetafileI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041980)
[Address] EAT @explorer.exe (GdipRecordMetafileStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041C27)
[Address] EAT @explorer.exe (GdipRecordMetafileStreamI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041D5F)
[Address] EAT @explorer.exe (GdipReleaseDC) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404320B)
[Address] EAT @explorer.exe (GdipRemovePropertyItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034B1D)
[Address] EAT @explorer.exe (GdipResetClip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740402F1)
[Address] EAT @explorer.exe (GdipResetImageAttributes) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403799E)
[Address] EAT @explorer.exe (GdipResetLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F18A)
[Address] EAT @explorer.exe (GdipResetPageTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039841)
[Address] EAT @explorer.exe (GdipResetPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026664)
[Address] EAT @explorer.exe (GdipResetPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F18A)
[Address] EAT @explorer.exe (GdipResetPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031D8A)
[Address] EAT @explorer.exe (GdipResetTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F18A)
[Address] EAT @explorer.exe (GdipResetWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740392FF)
[Address] EAT @explorer.exe (GdipRestoreGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040D88)
[Address] EAT @explorer.exe (GdipReversePath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74027040)
[Address] EAT @explorer.exe (GdipRotateLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030640)
[Address] EAT @explorer.exe (GdipRotateMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AF25)
[Address] EAT @explorer.exe (GdipRotatePathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030640)
[Address] EAT @explorer.exe (GdipRotatePenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740320EC)
[Address] EAT @explorer.exe (GdipRotateTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030640)
[Address] EAT @explorer.exe (GdipRotateWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039683)
[Address] EAT @explorer.exe (GdipSaveAdd) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034306)
[Address] EAT @explorer.exe (GdipSaveAddImage) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740343A4)
[Address] EAT @explorer.exe (GdipSaveGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040CD3)
[Address] EAT @explorer.exe (GdipSaveImageToFile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403425C)
[Address] EAT @explorer.exe (GdipSaveImageToStream) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740341B2)
[Address] EAT @explorer.exe (GdipScaleLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030567)
[Address] EAT @explorer.exe (GdipScaleMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AE53)
[Address] EAT @explorer.exe (GdipScalePathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030567)
[Address] EAT @explorer.exe (GdipScalePenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032016)
[Address] EAT @explorer.exe (GdipScaleTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030567)
[Address] EAT @explorer.exe (GdipScaleWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740395AF)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapFillState) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033BCA)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapHeight) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740337B9)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapMiddleInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033A6F)
[Address] EAT @explorer.exe (GdipSetAdjustableArrowCapWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033914)
Re: prosím o pomoc s nežiadúcou reklamou.
RK log časť 4:
[Address] EAT @explorer.exe (GdipSetClipGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FD2D)
[Address] EAT @explorer.exe (GdipSetClipHrgn) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040204)
[Address] EAT @explorer.exe (GdipSetClipPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FFA3)
[Address] EAT @explorer.exe (GdipSetClipRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FE59)
[Address] EAT @explorer.exe (GdipSetClipRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FF38)
[Address] EAT @explorer.exe (GdipSetClipRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740400D6)
[Address] EAT @explorer.exe (GdipSetCompositingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038819)
[Address] EAT @explorer.exe (GdipSetCompositingQuality) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038969)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740333AB)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403350B)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeCaps) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740330CC)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033254)
[Address] EAT @explorer.exe (GdipSetCustomLineCapWidthScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033662)
[Address] EAT @explorer.exe (GdipSetEffectParameters) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036F2E)
[Address] EAT @explorer.exe (GdipSetEmpty) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C0E7)
[Address] EAT @explorer.exe (GdipSetImageAttributesCachedBackground) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038096)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorKeys) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037D72)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037A5B)
[Address] EAT @explorer.exe (GdipSetImageAttributesGamma) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037BEB)
[Address] EAT @explorer.exe (GdipSetImageAttributesNoOp) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037CB2)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannel) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037E4A)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannelColorProfile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037F0D)
[Address] EAT @explorer.exe (GdipSetImageAttributesRemapTable) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037FD0)
[Address] EAT @explorer.exe (GdipSetImageAttributesThreshold) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037B24)
[Address] EAT @explorer.exe (GdipSetImageAttributesToIdentity) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740378E1)
[Address] EAT @explorer.exe (GdipSetImageAttributesWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038139)
[Address] EAT @explorer.exe (GdipSetImagePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403575F)
[Address] EAT @explorer.exe (GdipSetInfinite) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C049)
[Address] EAT @explorer.exe (GdipSetInterpolationMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403907A)
[Address] EAT @explorer.exe (GdipSetLineBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FE9B)
[Address] EAT @explorer.exe (GdipSetLineColors) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E74D)
[Address] EAT @explorer.exe (GdipSetLineGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74025789)
[Address] EAT @explorer.exe (GdipSetLineLinearBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F026)
[Address] EAT @explorer.exe (GdipSetLinePresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EDD2)
[Address] EAT @explorer.exe (GdipSetLineSigmaBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403035E)
[Address] EAT @explorer.exe (GdipSetLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DC93)
[Address] EAT @explorer.exe (GdipSetLineWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F0D8)
[Address] EAT @explorer.exe (GdipSetMatrixElements) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AB82)
[Address] EAT @explorer.exe (GdipSetMetafileDownLevelRasterizationLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041E18)
[Address] EAT @explorer.exe (GdipSetPageScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039B07)
[Address] EAT @explorer.exe (GdipSetPageUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039998)
[Address] EAT @explorer.exe (GdipSetPathFillMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026BC9)
[Address] EAT @explorer.exe (GdipSetPathGradientBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FE9B)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F40E)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F92D)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F9E7)
[Address] EAT @explorer.exe (GdipSetPathGradientFocusScales) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740307F2)
[Address] EAT @explorer.exe (GdipSetPathGradientGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FC77)
[Address] EAT @explorer.exe (GdipSetPathGradientLinearBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F026)
[Address] EAT @explorer.exe (GdipSetPathGradientPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F79C)
[Address] EAT @explorer.exe (GdipSetPathGradientPresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403011B)
[Address] EAT @explorer.exe (GdipSetPathGradientSigmaBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403035E)
[Address] EAT @explorer.exe (GdipSetPathGradientSurroundColorsWithCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F5E0)
[Address] EAT @explorer.exe (GdipSetPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DC93)
[Address] EAT @explorer.exe (GdipSetPathGradientWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740304C3)
[Address] EAT @explorer.exe (GdipSetPathMarker) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026EFA)
[Address] EAT @explorer.exe (GdipSetPenBrushFill) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032320)
[Address] EAT @explorer.exe (GdipSetPenColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740321B6)
[Address] EAT @explorer.exe (GdipSetPenCompoundArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032B20)
[Address] EAT @explorer.exe (GdipSetPenCustomEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031717)
[Address] EAT @explorer.exe (GdipSetPenCustomStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031558)
[Address] EAT @explorer.exe (GdipSetPenDashArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740328FC)
[Address] EAT @explorer.exe (GdipSetPenDashCap197819) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031152)
[Address] EAT @explorer.exe (GdipSetPenDashOffset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740327AE)
[Address] EAT @explorer.exe (GdipSetPenDashStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403265D)
[Address] EAT @explorer.exe (GdipSetPenEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740310B1)
[Address] EAT @explorer.exe (GdipSetPenLineCap197819) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030F69)
[Address] EAT @explorer.exe (GdipSetPenLineJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403140A)
[Address] EAT @explorer.exe (GdipSetPenMiterLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740318D6)
[Address] EAT @explorer.exe (GdipSetPenMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031A2B)
[Address] EAT @explorer.exe (GdipSetPenStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031010)
[Address] EAT @explorer.exe (GdipSetPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031B7E)
[Address] EAT @explorer.exe (GdipSetPenUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030DFA)
[Address] EAT @explorer.exe (GdipSetPenWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030CAC)
[Address] EAT @explorer.exe (GdipSetPixelOffsetMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038C4E)
[Address] EAT @explorer.exe (GdipSetPropertyItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034BB8)
[Address] EAT @explorer.exe (GdipSetRenderingOrigin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740386A4)
[Address] EAT @explorer.exe (GdipSetSmoothingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038AB9)
[Address] EAT @explorer.exe (GdipSetSolidFillColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E0B1)
[Address] EAT @explorer.exe (GdipSetStringFormatAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740441A7)
[Address] EAT @explorer.exe (GdipSetStringFormatDigitSubstitution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740447E7)
[Address] EAT @explorer.exe (GdipSetStringFormatFlags) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404411B)
[Address] EAT @explorer.exe (GdipSetStringFormatHotkeyPrefix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044391)
[Address] EAT @explorer.exe (GdipSetStringFormatLineAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740442EB)
[Address] EAT @explorer.exe (GdipSetStringFormatMeasurableCharacterRanges) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404474F)
[Address] EAT @explorer.exe (GdipSetStringFormatTabStops) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740444D4)
[Address] EAT @explorer.exe (GdipSetStringFormatTrimming) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044909)
[Address] EAT @explorer.exe (GdipSetTextContrast) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038E77)
[Address] EAT @explorer.exe (GdipSetTextRenderingHint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038DB8)
[Address] EAT @explorer.exe (GdipSetTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DC93)
[Address] EAT @explorer.exe (GdipSetTextureWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740304C3)
[Address] EAT @explorer.exe (GdipSetWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740391FB)
[Address] EAT @explorer.exe (GdipShearMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AFEB)
[Address] EAT @explorer.exe (GdipStartPathFigure) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026D13)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericDefault) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043EF8)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericTypographic) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043F7B)
[Address] EAT @explorer.exe (GdipTestControl) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044E0B)
[Address] EAT @explorer.exe (GdipTransformMatrixPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B15B)
[Address] EAT @explorer.exe (GdipTransformMatrixPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B214)
[Address] EAT @explorer.exe (GdipTransformPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029171)
[Address] EAT @explorer.exe (GdipTransformPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039D0E)
[Address] EAT @explorer.exe (GdipTransformPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039DCF)
[Address] EAT @explorer.exe (GdipTransformRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C617)
[Address] EAT @explorer.exe (GdipTranslateClip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404038F)
[Address] EAT @explorer.exe (GdipTranslateClipI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404043C)
[Address] EAT @explorer.exe (GdipTranslateLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DEA5)
[Address] EAT @explorer.exe (GdipTranslateMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AD81)
[Address] EAT @explorer.exe (GdipTranslatePathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DEA5)
[Address] EAT @explorer.exe (GdipTranslatePenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031F40)
[Address] EAT @explorer.exe (GdipTranslateRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C537)
[Address] EAT @explorer.exe (GdipTranslateRegionI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C5BE)
[Address] EAT @explorer.exe (GdipTranslateTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DEA5)
[Address] EAT @explorer.exe (GdipTranslateWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740394DB)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B38A)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B443)
[Address] EAT @explorer.exe (GdipWarpPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029011)
[Address] EAT @explorer.exe (GdipWidenPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028E8E)
[Address] EAT @explorer.exe (GdipWindingModeOutline) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028D74)
[Address] EAT @explorer.exe (GdiplusNotificationHook) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026152)
[Address] EAT @explorer.exe (GdiplusNotificationUnhook) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740261CE)
[Address] EAT @explorer.exe (GdiplusShutdown) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740256E2)
[Address] EAT @explorer.exe (GdiplusStartup) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74025624)
¤¤¤ Vonkajšie Hives: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS723232L9A360 ATA Device +++++
--- User ---
[MBR] edd39e6b94e31d2b9733bd8161cc8cba
[BSP] 9c3bf6411b0836460ac1b7e8cb931224 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14336 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29362176 | Size: 100 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29566976 | Size: 290807 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[0]_S_05272014_103408.txt >>
[Address] EAT @explorer.exe (GdipSetClipGraphics) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FD2D)
[Address] EAT @explorer.exe (GdipSetClipHrgn) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74040204)
[Address] EAT @explorer.exe (GdipSetClipPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FFA3)
[Address] EAT @explorer.exe (GdipSetClipRect) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FE59)
[Address] EAT @explorer.exe (GdipSetClipRectI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403FF38)
[Address] EAT @explorer.exe (GdipSetClipRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740400D6)
[Address] EAT @explorer.exe (GdipSetCompositingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038819)
[Address] EAT @explorer.exe (GdipSetCompositingQuality) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038969)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740333AB)
[Address] EAT @explorer.exe (GdipSetCustomLineCapBaseInset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403350B)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeCaps) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740330CC)
[Address] EAT @explorer.exe (GdipSetCustomLineCapStrokeJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033254)
[Address] EAT @explorer.exe (GdipSetCustomLineCapWidthScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74033662)
[Address] EAT @explorer.exe (GdipSetEffectParameters) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74036F2E)
[Address] EAT @explorer.exe (GdipSetEmpty) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C0E7)
[Address] EAT @explorer.exe (GdipSetImageAttributesCachedBackground) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038096)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorKeys) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037D72)
[Address] EAT @explorer.exe (GdipSetImageAttributesColorMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037A5B)
[Address] EAT @explorer.exe (GdipSetImageAttributesGamma) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037BEB)
[Address] EAT @explorer.exe (GdipSetImageAttributesNoOp) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037CB2)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannel) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037E4A)
[Address] EAT @explorer.exe (GdipSetImageAttributesOutputChannelColorProfile) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037F0D)
[Address] EAT @explorer.exe (GdipSetImageAttributesRemapTable) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037FD0)
[Address] EAT @explorer.exe (GdipSetImageAttributesThreshold) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74037B24)
[Address] EAT @explorer.exe (GdipSetImageAttributesToIdentity) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740378E1)
[Address] EAT @explorer.exe (GdipSetImageAttributesWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038139)
[Address] EAT @explorer.exe (GdipSetImagePalette) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403575F)
[Address] EAT @explorer.exe (GdipSetInfinite) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C049)
[Address] EAT @explorer.exe (GdipSetInterpolationMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403907A)
[Address] EAT @explorer.exe (GdipSetLineBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FE9B)
[Address] EAT @explorer.exe (GdipSetLineColors) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E74D)
[Address] EAT @explorer.exe (GdipSetLineGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74025789)
[Address] EAT @explorer.exe (GdipSetLineLinearBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F026)
[Address] EAT @explorer.exe (GdipSetLinePresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402EDD2)
[Address] EAT @explorer.exe (GdipSetLineSigmaBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403035E)
[Address] EAT @explorer.exe (GdipSetLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DC93)
[Address] EAT @explorer.exe (GdipSetLineWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F0D8)
[Address] EAT @explorer.exe (GdipSetMatrixElements) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AB82)
[Address] EAT @explorer.exe (GdipSetMetafileDownLevelRasterizationLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74041E18)
[Address] EAT @explorer.exe (GdipSetPageScale) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039B07)
[Address] EAT @explorer.exe (GdipSetPageUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039998)
[Address] EAT @explorer.exe (GdipSetPathFillMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026BC9)
[Address] EAT @explorer.exe (GdipSetPathGradientBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FE9B)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F40E)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPoint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F92D)
[Address] EAT @explorer.exe (GdipSetPathGradientCenterPointI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F9E7)
[Address] EAT @explorer.exe (GdipSetPathGradientFocusScales) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740307F2)
[Address] EAT @explorer.exe (GdipSetPathGradientGammaCorrection) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402FC77)
[Address] EAT @explorer.exe (GdipSetPathGradientLinearBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F026)
[Address] EAT @explorer.exe (GdipSetPathGradientPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F79C)
[Address] EAT @explorer.exe (GdipSetPathGradientPresetBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403011B)
[Address] EAT @explorer.exe (GdipSetPathGradientSigmaBlend) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403035E)
[Address] EAT @explorer.exe (GdipSetPathGradientSurroundColorsWithCount) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402F5E0)
[Address] EAT @explorer.exe (GdipSetPathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DC93)
[Address] EAT @explorer.exe (GdipSetPathGradientWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740304C3)
[Address] EAT @explorer.exe (GdipSetPathMarker) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026EFA)
[Address] EAT @explorer.exe (GdipSetPenBrushFill) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032320)
[Address] EAT @explorer.exe (GdipSetPenColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740321B6)
[Address] EAT @explorer.exe (GdipSetPenCompoundArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74032B20)
[Address] EAT @explorer.exe (GdipSetPenCustomEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031717)
[Address] EAT @explorer.exe (GdipSetPenCustomStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031558)
[Address] EAT @explorer.exe (GdipSetPenDashArray) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740328FC)
[Address] EAT @explorer.exe (GdipSetPenDashCap197819) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031152)
[Address] EAT @explorer.exe (GdipSetPenDashOffset) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740327AE)
[Address] EAT @explorer.exe (GdipSetPenDashStyle) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403265D)
[Address] EAT @explorer.exe (GdipSetPenEndCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740310B1)
[Address] EAT @explorer.exe (GdipSetPenLineCap197819) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030F69)
[Address] EAT @explorer.exe (GdipSetPenLineJoin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7403140A)
[Address] EAT @explorer.exe (GdipSetPenMiterLimit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740318D6)
[Address] EAT @explorer.exe (GdipSetPenMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031A2B)
[Address] EAT @explorer.exe (GdipSetPenStartCap) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031010)
[Address] EAT @explorer.exe (GdipSetPenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031B7E)
[Address] EAT @explorer.exe (GdipSetPenUnit) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030DFA)
[Address] EAT @explorer.exe (GdipSetPenWidth) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74030CAC)
[Address] EAT @explorer.exe (GdipSetPixelOffsetMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038C4E)
[Address] EAT @explorer.exe (GdipSetPropertyItem) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74034BB8)
[Address] EAT @explorer.exe (GdipSetRenderingOrigin) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740386A4)
[Address] EAT @explorer.exe (GdipSetSmoothingMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038AB9)
[Address] EAT @explorer.exe (GdipSetSolidFillColor) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402E0B1)
[Address] EAT @explorer.exe (GdipSetStringFormatAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740441A7)
[Address] EAT @explorer.exe (GdipSetStringFormatDigitSubstitution) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740447E7)
[Address] EAT @explorer.exe (GdipSetStringFormatFlags) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404411B)
[Address] EAT @explorer.exe (GdipSetStringFormatHotkeyPrefix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044391)
[Address] EAT @explorer.exe (GdipSetStringFormatLineAlign) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740442EB)
[Address] EAT @explorer.exe (GdipSetStringFormatMeasurableCharacterRanges) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404474F)
[Address] EAT @explorer.exe (GdipSetStringFormatTabStops) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740444D4)
[Address] EAT @explorer.exe (GdipSetStringFormatTrimming) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044909)
[Address] EAT @explorer.exe (GdipSetTextContrast) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038E77)
[Address] EAT @explorer.exe (GdipSetTextRenderingHint) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74038DB8)
[Address] EAT @explorer.exe (GdipSetTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DC93)
[Address] EAT @explorer.exe (GdipSetTextureWrapMode) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740304C3)
[Address] EAT @explorer.exe (GdipSetWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740391FB)
[Address] EAT @explorer.exe (GdipShearMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AFEB)
[Address] EAT @explorer.exe (GdipStartPathFigure) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026D13)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericDefault) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043EF8)
[Address] EAT @explorer.exe (GdipStringFormatGetGenericTypographic) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74043F7B)
[Address] EAT @explorer.exe (GdipTestControl) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74044E0B)
[Address] EAT @explorer.exe (GdipTransformMatrixPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B15B)
[Address] EAT @explorer.exe (GdipTransformMatrixPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B214)
[Address] EAT @explorer.exe (GdipTransformPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029171)
[Address] EAT @explorer.exe (GdipTransformPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039D0E)
[Address] EAT @explorer.exe (GdipTransformPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74039DCF)
[Address] EAT @explorer.exe (GdipTransformRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C617)
[Address] EAT @explorer.exe (GdipTranslateClip) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404038F)
[Address] EAT @explorer.exe (GdipTranslateClipI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7404043C)
[Address] EAT @explorer.exe (GdipTranslateLineTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DEA5)
[Address] EAT @explorer.exe (GdipTranslateMatrix) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402AD81)
[Address] EAT @explorer.exe (GdipTranslatePathGradientTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DEA5)
[Address] EAT @explorer.exe (GdipTranslatePenTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74031F40)
[Address] EAT @explorer.exe (GdipTranslateRegion) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C537)
[Address] EAT @explorer.exe (GdipTranslateRegionI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402C5BE)
[Address] EAT @explorer.exe (GdipTranslateTextureTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402DEA5)
[Address] EAT @explorer.exe (GdipTranslateWorldTransform) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740394DB)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPoints) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B38A)
[Address] EAT @explorer.exe (GdipVectorTransformMatrixPointsI) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x7402B443)
[Address] EAT @explorer.exe (GdipWarpPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74029011)
[Address] EAT @explorer.exe (GdipWidenPath) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028E8E)
[Address] EAT @explorer.exe (GdipWindingModeOutline) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74028D74)
[Address] EAT @explorer.exe (GdiplusNotificationHook) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74026152)
[Address] EAT @explorer.exe (GdiplusNotificationUnhook) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740261CE)
[Address] EAT @explorer.exe (GdiplusShutdown) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x740256E2)
[Address] EAT @explorer.exe (GdiplusStartup) : taskschd.dll -> HOOKED (C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll @ 0x74025624)
¤¤¤ Vonkajšie Hives: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS723232L9A360 ATA Device +++++
--- User ---
[MBR] edd39e6b94e31d2b9733bd8161cc8cba
[BSP] 9c3bf6411b0836460ac1b7e8cb931224 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14336 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29362176 | Size: 100 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29566976 | Size: 290807 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[0]_S_05272014_103408.txt >>
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 119 hostů