Please check my log, thank you in advance.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:00, on 4.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
E:\Instalace - Programy\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSHostSrv] C:\Windows\inf\cssi.vbe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Instalace - Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DVDFab Passkey] "E:\Instalace - Programy\DVDFab Passkey\DVDFabPasskey.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - E:\Instalace - Programy\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 6617 bytes
Please check my log (Solved)
- jaro3
- Security team member
Re: Please check my log
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner (by Xplode)
Save it to your desktop.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Prohledat-Scan".
After the scan a log appears (otherwise it is saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save it to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log
# AdwCleaner v3.023 - Report created 04/04/2014 at 11:56:04
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Stredis - STREDIS-PC
# Running from : C:\Users\Stredis\Desktop\adwcleaner (1).exe
# Option : Scan
***** [ Services ] *****
Service Found : BCUService
***** [ Files / Folders ] *****
Folder Found : C:\Users\Stredis\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
Folder Found C:\Program Files\DeviceVM
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\DeviceVM
Key Found : HKCU\Software\InstallCore
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\DeviceVM
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\Stredis\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1940 octets] - [04/04/2014 11:56:04]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2000 octets] ##########
Re: Please check my log
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 4.4.2014
Scan Time: 12:16:25
Logfile: MAM.txt
Administrator: Yes
Version: 2.00.0.1000
Malware Database: v2014.04.04.02
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Stredis
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 214037
Time Elapsed: 4 min, 11 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1944539839-1407035669-3274785597-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [2c269f8795e636006cb3b0bd669ce31d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1944539839-1407035669-3274785597-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [2c2627ff5427f640b4a90d76a45fa55b],
Registry Values: 2
Trojan.Agent.VBSGen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSHostSrv, C:\Windows\inf\cssi.vbe, , [f35f00269edd7abc4e3b3d2c887a2cd4]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1944539839-1407035669-3274785597-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0S1G1M1G1I1O2Wzr1C1M, , [2c2627ff5427f640b4a90d76a45fa55b]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 5
Trojan.Downloader, C:\Users\Stredis\Downloads\clonedvd-2-9-2-2-final.rar, , [074b7caa8dee63d3d3f0b98ffe02926e],
PUP.Optional.InstalleRex, C:\Users\Stredis\Downloads\Download_Manager-SC-897451F541UU.rar.exe, , [460c0e185f1c51e5207b729e956c3cc4],
PUP.Optional.OpenCandy, C:\Users\Stredis\Downloads\DTLite4471-0335.exe, , [87cbdf47f68589ad6e63bc7a9a6af40c],
Trojan.Agent, C:\Users\Stredis\Downloads\TomTom Keygen 2.1.A.rar, , [0c4695914d2eb581ff9a1867f907e31d],
Trojan.Agent.VBSGen, C:\Windows\inf\cssi.vbe, , [f35f00269edd7abc4e3b3d2c887a2cd4],
Physical Sectors: 0
(No malicious items detected)
(end)
- jaro3
- Security team member
Re: Please check my log
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan"; after the scan, click "Vymazat-Clean".
The program will perform the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Download Junkware Removal Tool by Thisisu
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.
Run MbAM again and start a Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when removal finishes, a log is displayed; post it here.
- then choose OK in the program and then close the program via Exit
You can then post the new MbAM log here.
Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
Re: Please check my log
# AdwCleaner v3.023 - Report created 05/04/2014 at 13:34:04
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Stredis - STREDIS-PC
# Running from : C:\Users\Stredis\Desktop\adwcleaner (1).exe
# Option : Clean
***** [ Services ] *****
Service Deleted : BCUService
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files\DeviceVM
Folder Deleted : C:\Users\Stredis\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DeviceVM
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\Stredis\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2080 octets] - [04/04/2014 11:56:04]
AdwCleaner[R1].txt - [2140 octets] - [05/04/2014 13:33:12]
AdwCleaner[S0].txt - [2103 octets] - [05/04/2014 13:34:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2163 octets] ##########
Re: Please check my log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x86
Ran by Stredis on so 05.04.2014 at 13:41:55,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3D2104E6-564E-4407-A06A-AE1C4B10FC4F}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 05.04.2014 at 13:46:36,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Please check my log
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 5.4.2014
Scan Time: 13:56:29
Logfile: MAM1.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.05.02
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Stredis
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 214968
Time Elapsed: 6 min, 9 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 1
Trojan.Agent.VBSGen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSHostSrv, C:\Windows\inf\cssi.vbe, Quarantined, [bbfb92941566e45284d66dfde1218977]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 5
Trojan.Downloader, C:\Users\Stredis\Downloads\clonedvd-2-9-2-2-final.rar, Quarantined, [c6f0a4820a715adc597f2523c43c43bd],
PUP.Optional.InstalleRex, C:\Users\Stredis\Downloads\Download_Manager-SC-897451F541UU.rar.exe, Quarantined, [a61086a0fa812016634c858b2bd6c040],
PUP.Optional.OpenCandy, C:\Users\Stredis\Downloads\DTLite4471-0335.exe, Quarantined, [0fa73ee8205b171fd418da5d976d9f61],
Trojan.Agent, C:\Users\Stredis\Downloads\TomTom Keygen 2.1.A.rar, Quarantined, [3e78c56191ea55e12a84dda29e62f907],
Trojan.Agent.VBSGen, C:\Windows\inf\cssi.vbe, Quarantined, [bbfb92941566e45284d66dfde1218977],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Please check my log
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 5.4.2014
Scan Time: 14:06:53
Logfile: MAM2.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.05.02
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Stredis
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 214867
Time Elapsed: 5 min, 27 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Please check my log
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Stredis [Práva správce]
Mód : Kontrola -- Datum : 04/05/2014 14:15:07
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\23259libfoxloader.dll [x] -> ODEBRÁNO
[SUSP PATH] szndesktop.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1944539839-1407035669-3274785597-1000\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1944539839-1407035669-3274785597-1000\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (DriverProc) : midimap.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6D343FEE)
[Address] EAT @explorer.exe (midMessage) : midimap.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6D34817A)
[Address] EAT @explorer.exe (modMessage) : midimap.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6D347F0C)
[Address] EAT @explorer.exe (mxdMessage) : midimap.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6D343F5C)
[Address] EAT @explorer.exe (widMessage) : midimap.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6D3465C3)
[Address] EAT @explorer.exe (wodMessage) : midimap.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x6D344AB6)
[Address] EAT @explorer.exe (BluetoothAddressToString) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB740F)
[Address] EAT @explorer.exe (BluetoothAuthenticateDevice) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB82A0)
[Address] EAT @explorer.exe (BluetoothAuthenticateDeviceEx) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB83B9)
[Address] EAT @explorer.exe (BluetoothAuthenticateMultipleDevices) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB82C8)
[Address] EAT @explorer.exe (BluetoothAuthenticationAgent) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BA98BE)
[Address] EAT @explorer.exe (BluetoothDisconnectDevice) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BADD74)
[Address] EAT @explorer.exe (BluetoothDisplayDeviceProperties) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB41AB)
[Address] EAT @explorer.exe (BluetoothEnableDiscovery) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE424)
[Address] EAT @explorer.exe (BluetoothEnableIncomingConnections) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE6C4)
[Address] EAT @explorer.exe (BluetoothEnumerateInstalledServices) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BADE94)
[Address] EAT @explorer.exe (BluetoothEnumerateInstalledServicesEx) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAF7A2)
[Address] EAT @explorer.exe (BluetoothFindBrowseGroupClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACB63)
[Address] EAT @explorer.exe (BluetoothFindClassIdClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACB63)
[Address] EAT @explorer.exe (BluetoothFindDeviceClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD785)
[Address] EAT @explorer.exe (BluetoothFindFirstBrowseGroup) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BADB97)
[Address] EAT @explorer.exe (BluetoothFindFirstClassId) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD8F5)
[Address] EAT @explorer.exe (BluetoothFindFirstDevice) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE9E6)
[Address] EAT @explorer.exe (BluetoothFindFirstProfileDescriptor) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BADC7E)
[Address] EAT @explorer.exe (BluetoothFindFirstProtocolDescriptorStack) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD9D5)
[Address] EAT @explorer.exe (BluetoothFindFirstProtocolEntry) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BADACC)
[Address] EAT @explorer.exe (BluetoothFindFirstRadio) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD6E6)
[Address] EAT @explorer.exe (BluetoothFindFirstService) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB032D)
[Address] EAT @explorer.exe (BluetoothFindFirstServiceEx) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAEDBE)
[Address] EAT @explorer.exe (BluetoothFindNextBrowseGroup) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACB98)
[Address] EAT @explorer.exe (BluetoothFindNextClassId) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAC97D)
[Address] EAT @explorer.exe (BluetoothFindNextDevice) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAC194)
[Address] EAT @explorer.exe (BluetoothFindNextProfileDescriptor) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACBFD)
[Address] EAT @explorer.exe (BluetoothFindNextProtocolDescriptorStack) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAC9D4)
[Address] EAT @explorer.exe (BluetoothFindNextProtocolEntry) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACAA8)
[Address] EAT @explorer.exe (BluetoothFindNextRadio) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAC066)
[Address] EAT @explorer.exe (BluetoothFindNextService) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD84C)
[Address] EAT @explorer.exe (BluetoothFindProfileDescriptorClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACB63)
[Address] EAT @explorer.exe (BluetoothFindProtocolDescriptorStackClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACA5B)
[Address] EAT @explorer.exe (BluetoothFindProtocolEntryClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACB63)
[Address] EAT @explorer.exe (BluetoothFindRadioClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAC1CD)
[Address] EAT @explorer.exe (BluetoothFindServiceClose) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAC92F)
[Address] EAT @explorer.exe (BluetoothGetDeviceInfo) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE8F6)
[Address] EAT @explorer.exe (BluetoothGetRadioInfo) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD083)
[Address] EAT @explorer.exe (BluetoothIsConnectable) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE6E6)
[Address] EAT @explorer.exe (BluetoothIsDiscoverable) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE5F3)
[Address] EAT @explorer.exe (BluetoothIsVersionAvailable) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD4B2)
[Address] EAT @explorer.exe (BluetoothMapClassOfDeviceToImageIndex) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB731E)
[Address] EAT @explorer.exe (BluetoothMapClassOfDeviceToString) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB6F6D)
[Address] EAT @explorer.exe (BluetoothRegisterForAuthentication) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB0114)
[Address] EAT @explorer.exe (BluetoothRegisterForAuthenticationEx) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB0137)
[Address] EAT @explorer.exe (BluetoothRemoveDevice) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB0EBD)
[Address] EAT @explorer.exe (BluetoothSdpEnumAttributes) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACCD9)
[Address] EAT @explorer.exe (BluetoothSdpGetAttributeValue) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB1530)
[Address] EAT @explorer.exe (BluetoothSdpGetContainerElementData) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB1488)
[Address] EAT @explorer.exe (BluetoothSdpGetElementData) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB1223)
[Address] EAT @explorer.exe (BluetoothSdpGetString) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB1883)
[Address] EAT @explorer.exe (BluetoothSelectDevices) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB3D76)
[Address] EAT @explorer.exe (BluetoothSelectDevicesFree) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB253F)
[Address] EAT @explorer.exe (BluetoothSendAuthenticationResponse) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE323)
[Address] EAT @explorer.exe (BluetoothSendAuthenticationResponseEx) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAE235)
[Address] EAT @explorer.exe (BluetoothSetLocalServiceInfo) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAFB77)
[Address] EAT @explorer.exe (BluetoothSetServiceState) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB0DDB)
[Address] EAT @explorer.exe (BluetoothUnregisterAuthentication) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BACF30)
[Address] EAT @explorer.exe (BluetoothUpdateDeviceRecord) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAD7E1)
[Address] EAT @explorer.exe (BthpEnableAllServices) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB106A)
[Address] EAT @explorer.exe (BthpFindPnpInfo) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAEEC6)
[Address] EAT @explorer.exe (BthpMapStatusToErr) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BB73DF)
[Address] EAT @explorer.exe (CPlApplet) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BABB60)
[Address] EAT @explorer.exe (DllCanUnloadNow) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAB2E6)
[Address] EAT @explorer.exe (DllGetClassObject) : wwanapi.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x67BAB1E8)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD322HJ SATA Disk Device +++++
--- User ---
[MBR] 2dcbcbb8457849da011f072044eb62f4
[BSP] 3487607c5686cf026a8a9d49beb14319 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Nesprávná funkce. )
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SAMSUNG HD103SJ SATA Disk Device +++++
--- User ---
[MBR] d2d95841e9460034ab6fe1c50a8acc4e
[BSP] 8a11ca1f37b8403247fc3697f78bc991 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Nesprávná funkce. )
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB SD Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB CF Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB SM Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic USB MS Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
Dokončeno : << RKreport[0]_S_04052014_141507.txt >>
- Orcus
- member of the Security team
Re: Please check my log
Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Spustit jako správce" (Run as administrator); on Windows XP, double-click it to run).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání- Finished" (Deleting - Finished)
- Click "Zprávy" (Report), then copy the contents of that report and paste them here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
====================================================
Download TDSSKiller to your desktop. Make sure that all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt ; please paste the entire contents of the log here.
If the log does not fit into one message, split it into several parts.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If the log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Please check my log
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Stredis [Práva správce]
Mód : Odebrat -- Datum : 04/06/2014 08:27:53
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\23259libfoxloader.dll [x] -> ODEBRÁNO
[SUSP PATH] szninstall.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] szndesktop.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-1944539839-1407035669-3274785597-1000\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1944539839-1407035669-3274785597-1000\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE068D)
[Address] EAT @explorer.exe (DllGetClassObject) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox7ùHÇø";) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD99)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD322HJ SATA Disk Device +++++
--- User ---
[MBR] 2dcbcbb8457849da011f072044eb62f4
[BSP] 3487607c5686cf026a8a9d49beb14319 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Nesprávná funkce. )
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SAMSUNG HD103SJ SATA Disk Device +++++
--- User ---
[MBR] d2d95841e9460034ab6fe1c50a8acc4e
[BSP] 8a11ca1f37b8403247fc3697f78bc991 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Nesprávná funkce. )
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB SD Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB CF Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB SM Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic USB MS Reader USB Device +++++
Error reading User MBR! ([0x15] Zařízení není připraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Požadavek není podporován. )
Dokončeno : << RKreport[0]_D_04062014_082753.txt >>
RKreport[0]_S_04062014_082712.txt
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Stredis [Práva správce]
Mód : Odebrat -- Datum : 04/06/2014 08:27:53
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\23259libfoxloader.dll [x] -> ODEBRÁNO
[SUSP PATH] szninstall.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] szndesktop.exe -- C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-1944539839-1407035669-3274785597-1000\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1944539839-1407035669-3274785597-1000\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Stredis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FB73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FD3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FC0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FCCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FBB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73FE068D)
[Address] EAT @explorer.exe (DllGetClassObject) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox7ùHÇø";) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : dhcpcsvc.DLL -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7384DD99)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD322HJ SATA Disk Device +++++
--- User ---
[MBR] 2dcbcbb8457849da011f072044eb62f4
[BSP] 3487607c5686cf026a8a9d49beb14319 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Nesprávná funkce. )
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SAMSUNG HD103SJ SATA Disk Device +++++
--- User ---
[MBR] d2d95841e9460034ab6fe1c50a8acc4e
[BSP] 8a11ca1f37b8403247fc3697f78bc991 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Nesprávná funkce. )
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB SD Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB CF Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB SM Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic USB MS Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
Dokončeno : << RKreport[0]_D_04062014_082753.txt >>
RKreport[0]_S_04062014_082712.txt