Prosím o kontrolu logu (přibržděný pc)

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 25 bře 2014 14:18

Dobrý den, prosím o kontrolu logu z programu Hijackthis.
Poslední dva dny mi PC blbne - padají mi flashová videa (zásuvný modul Shockwave Flash - kontroloval jsem ho, je plně aktuální a aktualizovat nejde), nebo se hryzají - ať už je to stream české televize, videa na youtube a jiná flash videa... Celý komp je takový přibržděný, jak nebýval, nevím, co tomu je. Asi nějaký bug. Předem moc děkuji!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:07:48, on 25.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\DiVapton\bin\XTLSApp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Ask Toolbar BHO - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" (file missing)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files\VNT\vntldr.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\8b8f2e4a-3705-4ae1-ab4d-d8cac8d00c1f.exe /check
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{46BC5F84-E392-48DD-B2BA-070C76E6E37C}: NameServer = 213.211.45.3,212.96.160.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Update DiVapton - Unknown owner - C:\Program Files\DiVapton\updateDiVapton.exe
O23 - Service: Util DiVapton - Unknown owner - C:\Program Files\DiVapton\bin\utilDiVapton.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 7582 bytes

Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod jaro3 » 25 bře 2014 17:12

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 10:42

Zde je log z Adwcleaneru:

# AdwCleaner v3.022 - Report created 27/03/2014 at 10:39:58
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\adwcleaner 2.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\ProgramData\apn
Folder Found C:\Users\User\AppData\Local\FilesFrog Update Checker
Folder Found C:\Users\User\AppData\Local\FilesFrog Update Checker
Folder Found C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog

Update Checker
Folder Found C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog

Update Checker

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u7t26xbf.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2200 octets] - [27/03/2014 10:36:35]
AdwCleaner[R1].txt - [2018 octets] - [27/03/2014 10:39:58]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2078 octets] ##########

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 11:07

A tady je log z Malwarebytes. MOC DĚKUJI ZA TVOJI POMOC!


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27.3.2014
Scan Time: 11:03:28
Logfile: malware log.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.27.02
Rootkit Database: v2014.03.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 218760
Time Elapsed: 11 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 4
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\updateDiVapton.exe, 2572, , [40fe82864a3146f081d5d87418e9fe02]
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\utilDiVapton.exe, 2636, , [26183bcd3942f046ea6c82caac555da3]
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\FilterApp_C.exe, 2404, , [221c4fb9d7a42016eb501e6339ca03fd]
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLSApp.exe, 3880, , [221c4fb9d7a42016eb501e6339ca03fd]

Modules: 1
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLS.dll, , [221c4fb9d7a42016eb501e6339ca03fd],

Registry Keys: 15
PUP.Optional.DiVapton.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update DiVapton, , [40fe82864a3146f081d5d87418e9fe02],
PUP.Optional.DiVapton.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util DiVapton, , [26183bcd3942f046ea6c82caac555da3],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [48f661a7611ab2840bbec2784bb71fe1],
PUP.Optional.Somoto.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, , [70ce6e9a186360d6ee4e51b1bb4628d8],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DiVapton, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\DiVapton, , [42fc33d55c1fe6500e2f6819ec171fe1],
PUP.Optional.DiVapton.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DiVapton, , [c37b34d44d2ebc7a93a99be68e756c94],
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI, , [62dc0305a0dbdc5a8a82ee91bd46ea16],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [da6411f70477f541d865e281de24867a],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [fa44e02896e5270f0c77780108fbec14],
PUP.Optional.Somoto.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP, , [44fa3ccce3981a1c0a30c3bbbd46c937],

Registry Values: 3
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI|ui_path_filesfrog, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker, , [62dc0305a0dbdc5a8a82ee91bd46ea16]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, , [fa44e02896e5270f0c77780108fbec14]
PUP.Optional.Somoto.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP|affid, rarpasswordcrackerwqbh, , [44fa3ccce3981a1c0a30c3bbbd46c937]

Registry Data: 0
(No malicious items detected)

Folders: 6
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\TEMP, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.FilesFrog.A, C:\Users\User\AppData\Local\FilesFrog Update Checker, , [83bb38d0651642f4c4dbba93e81add23],
PUP.Optional.FilesFrog.A, C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, , [63dba56357243cfadec20944f30f13ed],

Files: 22
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\updateDiVapton.exe, , [40fe82864a3146f081d5d87418e9fe02],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\utilDiVapton.exe, , [26183bcd3942f046ea6c82caac555da3],
PUP.Optional.Softonic.A, C:\Users\User\Desktop\kmp.exe, , [56e8957392e9e25486ba90878a779769],
PUP.Optional.Somoto.A, C:\Users\User\AppData\Local\FilesFrog Update Checker\uninstall.exe, , [70ce6e9a186360d6ee4e51b1bb4628d8],
PUP.Optional.FilesFrog.A, C:\Users\User\AppData\Local\FilesFrog Update Checker\update_checker.exe, , [d86621e7c4b74aec1dec02218f712dd3],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\DiVapton.ico, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\DiVaptonUninstall.exe, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\updateDiVapton.InstallState, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\7za.exe, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\BrowserAdapterS.7z, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\FilterApp_C.exe, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\sqlite3.dll, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\utilDiVapton.InstallState, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLS.dll, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLSApp.dll, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLSApp.exe, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.16.dll, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.Bromon.dll, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.BrowserAdapterS.dll, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.PurBrowse.dll, , [221c4fb9d7a42016eb501e6339ca03fd],
PUP.Optional.FilesFrog.A, C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk, , [63dba56357243cfadec20944f30f13ed],
PUP.Optional.FilesFrog.A, C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk, , [63dba56357243cfadec20944f30f13ed],

Physical Sectors: 0
(No malicious items detected)


(end)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod jaro3 » 27 bře 2014 17:22

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit

-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 17:49

Log ADWCleaneru po vymazání:


# AdwCleaner v3.022 - Report created 27/03/2014 at 17:47:03
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\adwcleaner 2.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Users\User\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u7t26xbf.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2200 octets] - [27/03/2014 10:36:35]
AdwCleaner[R1].txt - [2158 octets] - [27/03/2014 10:39:58]
AdwCleaner[R2].txt - [2218 octets] - [27/03/2014 17:45:31]
AdwCleaner[S0].txt - [2009 octets] - [27/03/2014 17:47:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2069 octets] ##########

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 17:55

Junkware Removal Toll by Thisisu NEFUNGUJE - NELZE SPUSTIT: Vyhodí to hlášku "Non 7-zip archive." A měl jsem vypnutý antivirák i zavřené vše ostatní.
Co s tím?

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 18:05

Tak jsem si poradil - stáhl jsem to odjinud a už funguje.
Zde je log JRT:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x86
Ran by User on źt 27.03.2014 at 18:01:39,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\u7t26xbf.default\minidumps [26 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 27.03.2014 at 18:04:22,84
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 18:33

Log MbAM před čištěním:


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27.3.2014
Scan Time: 18:12:26
Logfile: MBAM log před čištěním.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.27.05
Rootkit Database: v2014.03.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 219021
Time Elapsed: 4 min, 51 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DiVapton, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, HKLM\SOFTWARE\DiVapton, , [033e65a31f5cb97d9a761b67838054ac],
PUP.Optional.DiVapton.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update DiVapton, , [7ac755b391ea181ed5a6f490cf348c74],
PUP.Optional.DiVapton.A, HKU\S-1-5-21-2812968893-955805403-1108646696-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DiVapton, , [65dcb7513d3eb6808d82176b788b6799],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\TEMP, , [212087812457ac8acb43bec4e91a5ba5],

Files: 16
PUP.Optional.Softonic.A, C:\Users\User\Desktop\kmp.exe, , [dd6496727a01ec4a77d8df38cb36ed13],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\DiVapton.ico, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\DiVaptonUninstall.exe, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\updateDiVapton.InstallState, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\7za.exe, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\BrowserAdapterS.7z, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\FilterApp_C.exe, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\sqlite3.dll, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\utilDiVapton.InstallState, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLS.dll, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLSApp.dll, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\XTLSApp.exe, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.16.dll, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.Bromon.dll, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.BrowserAdapterS.dll, , [212087812457ac8acb43bec4e91a5ba5],
PUP.Optional.DiVapton.A, C:\Program Files\DiVapton\bin\plugins\DiVapton.PurBrowse.dll, , [212087812457ac8acb43bec4e91a5ba5],

Physical Sectors: 0
(No malicious items detected)


(end)

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 18:34

Log MbAM po čištění:



Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27.3.2014
Scan Time: 18:20:53
Logfile: MBAM log po čištění.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.27.05
Rootkit Database: v2014.03.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 218819
Time Elapsed: 4 min, 20 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 18:56

Log RougueKiller:



RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : User [Práva správce]
Mód : Kontrola -- Datum : 03/27/2014 18:43:21
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{46BC5F84-E392-48DD-B2BA-070C76E6E37C} : NameServer (213.211.45.3,212.96.160.7 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{46BC5F84-E392-48DD-B2BA-070C76E6E37C} : NameServer (213.211.45.3,212.96.160.7 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{46BC5F84-E392-48DD-B2BA-070C76E6E37C} : NameServer (213.211.45.3,212.96.160.7 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] {2D983F83-0A7E-49AA-8C39-3E344709C059} : C:\Users\User\Desktop\sd4hide.exe [-] -> NALEZENO

¤¤¤ spuštění položky : 1 ¤¤¤
[User][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk @C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748009AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74820731)
[Address] EAT @explorer.exe (BufferedPaintClear) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748008ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7480E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7480D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F94AB)
[Address] EAT @explorer.exe (CloseThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7480D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74813B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748235E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F51BF)
[Address] EAT @explorer.exe (DrawThemeText) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FFCAF)
[Address] EAT @explorer.exe (EnableTheming) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74822FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748206CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748004BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74800473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74822E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748005DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74800FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7480165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FBF93)
[Address] EAT @explorer.exe (GetThemeBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74822932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F616C)
[Address] EAT @explorer.exe (GetThemeFilename) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74822412)
[Address] EAT @explorer.exe (GetThemeFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FFF21)
[Address] EAT @explorer.exe (GetThemeInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F616C)
[Address] EAT @explorer.exe (GetThemeIntList) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748223B1)
[Address] EAT @explorer.exe (GetThemeMargins) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748006E2)
[Address] EAT @explorer.exe (GetThemePartSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74822350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74813FBB)
[Address] EAT @explorer.exe (GetThemeRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74803611)
[Address] EAT @explorer.exe (GetThemeStream) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748039D9)
[Address] EAT @explorer.exe (GetThemeString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748222E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74823172)
[Address] EAT @explorer.exe (GetThemeSysColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74813274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7482301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748229C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74822BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7482320B)
[Address] EAT @explorer.exe (GetThemeSysString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74822B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74801081)
[Address] EAT @explorer.exe (GetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74803CE3)
[Address] EAT @explorer.exe (IsAppThemed) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FF869)
[Address] EAT @explorer.exe (IsCompositionActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7482312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F85B4)
[Address] EAT @explorer.exe (OpenThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747F73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74813D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74823296)
[Address] EAT @explorer.exe (SetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74800134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7480CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747FB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7482068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox«4—¿°š<ø"ÿÿÿÿ¼š<tDK4—¿A) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD99)
[Address] EAT @explorer.exe (DriverProc) : ksuser.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6B223FEE)
[Address] EAT @explorer.exe (midMessage) : ksuser.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6B22817A)
[Address] EAT @explorer.exe (modMessage) : ksuser.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6B227F0C)
[Address] EAT @explorer.exe (mxdMessage) : ksuser.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6B223F5C)
[Address] EAT @explorer.exe (widMessage) : ksuser.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6B2265C3)
[Address] EAT @explorer.exe (wodMessage) : ksuser.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6B224AB6)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD3200BEKT-75KA9T0 +++++
--- User ---
[MBR] 49a2003079720f4b1612a48a4cdf6ebc
[BSP] 9c1b002a505b796a453bd1412ebbbb2e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 165909 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 339988480 | Size: 139233 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) WD 5000AAV External USB Device +++++
--- User ---
[MBR] 2cad1879d3ecde5c7399cdd5593b0c2f
[BSP] 1343860dbef73a961735f1522ff55311 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_03272014_184321.txt >>

Andronik
nováček
Příspěvky: 14
Registrován: březen 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (přibržděný pc)

Příspěvekod Andronik » 27 bře 2014 18:58

VŠE SPLNĚNO - CO DÁL? Děkuji, Andronik


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 84 hostů