prosím o kontrolu logu Avira zaregistrovala 3 viry Vyřešeno

[KamilaS]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:46:59, on 9.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)

FIREFOX: 22.0 (cs)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\P. a K. Szabovy\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\P. a K. Szabovy\Downloads\STAŽENINY\HijackThis.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [uTorrent] "C:\Users\P. a K. Szabovy\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 6484 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[KamilaS]

# AdwCleaner v3.207 - Report created 10/05/2014 at 10:25:49
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : P. a K. Szabovy - PAKSZABOVY-PC
# Running from : C:\Users\P. a K. Szabovy\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\invalidprefs.js
File Found : C:\Users\P. a K. Szabovy\daemonprocess.txt
File Found : C:\Windows\System32\Tasks\Plus-HD-8.1-codedownloader
File Found : C:\Windows\System32\Tasks\Plus-HD-8.1-enabler
File Found : C:\Windows\System32\Tasks\Plus-HD-8.1-firefoxinstaller
File Found : C:\Windows\System32\Tasks\Plus-HD-8.1-updater
File Found : C:\Windows\Tasks\Plus-HD-8.1-codedownloader.job
File Found : C:\Windows\Tasks\Plus-HD-8.1-enabler.job
File Found : C:\Windows\Tasks\Plus-HD-8.1-firefoxinstaller.job
File Found : C:\Windows\Tasks\Plus-HD-8.1-updater.job
Folder Found : C:\Program Files\Plus-HD-8.1
Folder Found : C:\Program Files\Plus-HD-8.1
Folder Found : C:\Users\P. a K. Szabovy\AppData\Local\AppsHat Mobile Apps
Folder Found : C:\Users\P. a K. Szabovy\AppData\Local\genienext
Folder Found : C:\Users\P. a K. Szabovy\AppData\Local\Mobogenie
Folder Found : C:\Users\P. a K. Szabovy\AppData\Local\webplayer
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\HoolappforAndroid
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\iPumper
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\Extensions\staged\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\Extensions\staged\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me
Folder Found : C:\Users\P. a K. Szabovy\AppData\Roaming\OpenCandy
Folder Found : C:\Users\P. a K. Szabovy\Documents\Mobogenie

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\P. a K. Szabovy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk ( _?=C:\Users\P. a K. Szabovy\AppData\Local\WebPlayer\AppsHat )

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Plus-HD-8.1
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555115508}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566116608}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544114408}
Key Found : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\Software\hdcode
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4736d593-3374-4867-9707-30eb39a57ead}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4736d593-3374-4867-9707-30eb39a57ead}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f61b834c-85c4-45e9-8a64-66c97e7621d4}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63FFCE54-3ECF-4143-86AF-4F69B3A7CC98}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEC64F8F-C628-4CB8-82D0-6629422D3663}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9045CF4-B80B-4826-BEF5-0C014F8F5322}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D3E2F6E6-F5BB-4942-AC2B-50794BA966C9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31302440-D925-48FD-B59A-6845FA58910B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31302440-D925-48FD-B59A-6845FA58910B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31302440-D925-48FD-B59A-6845FA58910B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63FFCE54-3ECF-4143-86AF-4F69B3A7CC98}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEC64F8F-C628-4CB8-82D0-6629422D3663}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9045CF4-B80B-4826-BEF5-0C014F8F5322}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3E2F6E6-F5BB-4942-AC2B-50794BA966C9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Plus-HD-8.1
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v22.0 (cs)

[ File : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\prefs.js ]

Line Found : user_pref("extensions.crossrider.bic", "144376ccb94998cefe808777513b5324");

*************************

AdwCleaner[R0].txt - [6526 octets] - [12/10/2013 12:24:00]
AdwCleaner[R1].txt - [6586 octets] - [12/10/2013 12:59:26]
AdwCleaner[R2].txt - [7421 octets] - [10/05/2014 10:25:49]
AdwCleaner[S0].txt - [6745 octets] - [12/10/2013 13:00:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [7541 octets] ##########

[KamilaS]

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10.5.2014
Scan Time: 10:39:00
Logfile: malware log.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.10.03
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: P. a K. Szabovy

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311345
Time Elapsed: 8 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\Plus-HD-8.1, , [d5e6014e3f3cef476692583e28daa35d],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj, , [dae17ed14b309f97ba52413b4bb7ea16],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, , [3b80a0affd7ec76fcb42df9dfa0847b9],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, , [fbc085ca106bd363da346d0ffb07c43c],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp, , [744778d7b8c38babea25344810f254ac],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-8.1, , [e7d4dd72fd7efc3a85713b4b1be7e818],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [6358f45b314a2a0cea81238e0cf7f60a],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-8.1, , [aa11cb842952de58a650d9ad5aa8b34d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-515406080-459877351-3489255866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [bdfeca85176479bd3ea3e1dd6a99639d],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-515406080-459877351-3489255866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-8.1, , [f5c69cb3cab1d75f10e63a4c09f9867a],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-515406080-459877351-3489255866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, , [2497b59a017a80b6db1c3c4a10f2cc34],
PUP.Optional.Softonic.A, HKU\S-1-5-21-515406080-459877351-3489255866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [dedd08471a61c6707fef3a4861a159a7],

Registry Values: 8
PUP.Optional.NextLive.A, HKU\S-1-5-21-515406080-459877351-3489255866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\system32\rundll32.exe "C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, , [c8f3be91304beb4bd343ed66fe0349b7]
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, , [ac0ff05fc5b62f075ab254cf4ab859a7],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Ë?¶stâ?�FDG¨+xTA«=p¶, , [ac0ff05fc5b62f075ab254cf4ab859a7]
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, , [ac0ff05fc5b62f075ab254cf4ab859a7],
PUP.Optional.Conduit.A, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}, , [4d6ee36c8cef171ffe167aa7a0621fe1],
PUP.Optional.Conduit.A, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}, , [4d6ee36c8cef171ffe167aa7a0621fe1],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{7473b6bd-4691-4744-a82b-7854eb3d70b6}, , [f5c667e80d6efa3c1bf1899ab949d030],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, , [6358f45b314a2a0cea81238e0cf7f60a],

Registry Data: 1
PUP.Optional.Conduit, HKU\S-1-5-21-515406080-459877351-3489255866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.conduit.com?SearchSource= ... =CT3225826, Good: (http://www.google.com), Bad: (http://search.conduit.com?SearchSource= ... =CT3225826),,[dddede714833ce68ad8fb091877d40c0]

Folders: 19
PUP.Optional.OpenCandy, C:\Users\P. a K. Szabovy\AppData\Roaming\OpenCandy, , [3487e56ab9c2c86e75c377f505fdbc44],
PUP.Optional.OpenCandy, C:\Users\P. a K. Szabovy\AppData\Roaming\OpenCandy\4AC34664792D43049B3CD0914252C139, , [3487e56ab9c2c86e75c377f505fdbc44],
PUP.Optional.OpenCandy, C:\Users\P. a K. Szabovy\AppData\Roaming\OpenCandy\FAFD8368D70846D8BB2EE38F94BC1C1D, , [3487e56ab9c2c86e75c377f505fdbc44],
PUP.Optional.NextLive.A, C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me, , [a01bb49bdf9c2c0a1bd177f6e022f010],
PUP.Optional.NextLive.A, C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me\cache, , [a01bb49bdf9c2c0a1bd177f6e022f010],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\defaults, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\defaults\preferences, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\userCode, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\locale, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\locale\en-US, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1, , [ceedfb54b7c4a2940352fb789171c53b],

Files: 123
PUP.Optional.NextLive.A, C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me\nengine.dll, , [c8f3be91304beb4bd343ed66fe0349b7],
PUP.Optional.OpenCandy, C:\Users\P. a K. Szabovy\Downloads\InstallRarZilla.exe, , [4774ef60a4d787affd8c99cced17be42],
PUP.Optional.NextLive.A, C:\Users\P. a K. Szabovy\AppData\Local\genienext\nengine.dll, , [e6d5ec63e5961d1950c60053d22f7b85],
PUP.Optional.Spigot.A, C:\Windows\Installer\512a1.msi, , [704b4c037b00a88e0e72210504fcd52b],
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-8.1-codedownloader.job, , [15a6aea1a6d5b3832301b1d27d85d52b],
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-8.1-enabler.job, , [cbf098b7532843f368bc63209072e41c],
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-8.1-firefoxinstaller.job, , [cdee1c33bebd3cfaa87cc6bdc9394db3],
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-8.1-updater.job, , [d4e79cb3bfbcfd39180cf98a99699769],
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-8.1-validator.job, , [2596a8a7f784b581ce56a5de20e2d12f],
PUP.Optional.OpenCandy, C:\Users\P. a K. Szabovy\AppData\Roaming\OpenCandy\4AC34664792D43049B3CD0914252C139\chrometest3.html, , [3487e56ab9c2c86e75c377f505fdbc44],
PUP.Optional.OpenCandy, C:\Users\P. a K. Szabovy\AppData\Roaming\OpenCandy\FAFD8368D70846D8BB2EE38F94BC1C1D\avg_tuht_stf_cs_2014_206_CZ.exe, , [3487e56ab9c2c86e75c377f505fdbc44],
PUP.Optional.NextLive.A, C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me\nengine.cookie, , [a01bb49bdf9c2c0a1bd177f6e022f010],
PUP.Optional.NextLive.A, C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me\cache\spark.bin, , [a01bb49bdf9c2c0a1bd177f6e022f010],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome.manifest, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\install.rdf, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\background.html, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\baseObject.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\browser.xul, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\dialog.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\ffCoreFilesIndex.txt, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\main.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\options.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\options.xul, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\platformVersion.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\search_dialog.xul, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\asyncDB.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\background.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\browserAction.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\contextMenu.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\dbManager.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\dom_bg.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\fileManager.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\firefox.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\firefoxNotifications.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\firefoxOmnibox.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\message.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\pageAction.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\request.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\tabs.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\webRequest.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\api\windowsMessagingHandler.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\addressBarChangeObserver.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\console.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\consts.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\delegate.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\extensionDataStore.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\folderIOWrapper.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\httpObserver.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\IDBWrapper.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\installer.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\logFile.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\prefs.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\progressListenerObserver.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\registry.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\reloadObserver.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\reports.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\requestObject.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\searchSettings.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\uninstallObserver.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\updateManager.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\utils.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\chrome\content\core\xhr.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\defaults\preferences\prefs.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\manifest.xml, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins.json, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\17_jQuery.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\220_icm_base_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\104_jollywallet_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\13_CrossriderAppUtils.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\14_CrossriderUtils.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\155_ibario_pops_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\16_FFAppAPIWrapper.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\177_crossriderDashboard.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\178_revizer_ws_dynamic_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\179_revizer_p_dynamic_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\180_bpo_serp_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\182_openUrl.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\183_tabsWrapper.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\195_icm_convertmedia_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\1_base.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\207_dbWrapper.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\213_dealply_no_google_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\21_debug.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\226_set_campaign_id_m.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\22_resources.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\28_initializer.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\47_resources_background.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\4_jquery_1_7_1.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\64_appApiMessage.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\72_appApiValidation.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\78_CrossriderInfo.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\7_hooks.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\91_monetizationLoader.js.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\98_omniCommands.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\plugins\9_search_engine_hook.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\userCode\background.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\extensionData\userCode\extension.js, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\locale\en-US\translations.dtd, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\button1.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\button2.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\button3.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\button4.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\button5.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\crossrider_statusbar.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\icon128.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\icon16.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\icon24.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\icon48.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\panelarrow-up.png, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\popup.html, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\skin.css, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com\skin\update.css, , [4477202fd2a95fd712f688ea4db5ba46],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\51108.crx, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\51108.xpi, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\Installer.log, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-bg.exe, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-codedownloader.exe, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-updater.exe, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-validator.exe, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.PlusHD.A, C:\Program Files\Plus-HD-8.1\Plus-HD-8.1.ico, , [ceedfb54b7c4a2940352fb789171c53b],
PUP.Optional.CrossRider.A, C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "144376ccb94998cefe808777513b5324");), ,[46755ef1ee8dae8841a3d89520e46799]

Physical Sectors: 0
(No malicious items detected)


(end)

[KamilaS]

wow

[Orcus]

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

====================================================

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[KamilaS]

# AdwCleaner v3.207 - Report created 10/05/2014 at 12:32:13
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : P. a K. Szabovy - PAKSZABOVY-PC
# Running from : C:\Users\P. a K. Szabovy\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Plus-HD-8.1
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Local\genienext
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Local\Mobogenie
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Local\webplayer
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\HoolappforAndroid
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\iPumper
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\P. a K. Szabovy\Documents\Mobogenie
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
Folder Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\Extensions\staged\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
File Deleted : C:\END
File Deleted : C:\Users\P. a K. Szabovy\daemonprocess.txt
File Deleted : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\invalidprefs.js
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-codedownloader
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-enabler.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-enabler
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-firefoxinstaller
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-updater.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-updater

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\P. a K. Szabovy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31302440-D925-48FD-B59A-6845FA58910B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31302440-D925-48FD-B59A-6845FA58910B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D3E2F6E6-F5BB-4942-AC2B-50794BA966C9}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3E2F6E6-F5BB-4942-AC2B-50794BA966C9}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEC64F8F-C628-4CB8-82D0-6629422D3663}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEC64F8F-C628-4CB8-82D0-6629422D3663}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9045CF4-B80B-4826-BEF5-0C014F8F5322}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9045CF4-B80B-4826-BEF5-0C014F8F5322}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63FFCE54-3ECF-4143-86AF-4F69B3A7CC98}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63FFCE54-3ECF-4143-86AF-4F69B3A7CC98}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555115508}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566116608}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544114408}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4736d593-3374-4867-9707-30eb39a57ead}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f61b834c-85c4-45e9-8a64-66c97e7621d4}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-8.1
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\Plus-HD-8.1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v22.0 (cs)

[ File : C:\Users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\f38ynnaa.default-1372323181890\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "144376ccb94998cefe808777513b5324");

*************************

AdwCleaner[R0].txt - [6526 octets] - [12/10/2013 12:24:00]
AdwCleaner[R1].txt - [6586 octets] - [12/10/2013 12:59:26]
AdwCleaner[R2].txt - [7621 octets] - [10/05/2014 10:25:49]
AdwCleaner[R3].txt - [7681 octets] - [10/05/2014 12:31:13]
AdwCleaner[S0].txt - [6745 octets] - [12/10/2013 13:00:03]
AdwCleaner[S1].txt - [7017 octets] - [10/05/2014 12:32:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7077 octets] ##########

[KamilaS]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by P. a K. Szabovy on so 10.05.2014 at 12:44:53,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-8.1-validator
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-8.1-validator.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Program Files\ytd"
Successfully deleted: [Empty Folder] C:\Users\P. a K. Szabovy\appdata\local\{9096B9DC-72EE-4093-9B86-0797FE03D788}
Successfully deleted: [Empty Folder] C:\Users\P. a K. Szabovy\appdata\local\{FA270022-1BA2-43D8-A9AC-2002E31DBFB8}



~~~ FireFox

Emptied folder: C:\Users\P. a K. Szabovy\AppData\Roaming\mozilla\firefox\profiles\f38ynnaa.default-1372323181890\minidumps [218 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 10.05.2014 at 12:46:23,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[KamilaS]

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : P. a K. Szabovy [Práva správce]
Mód : Kontrola -- Datum : 05/10/2014 12:53:47
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[84] : NtCreateSection @ 0x8303D13D -> HOOKED (Unknown @ 0x92210EC6)
[Address] SSDT[299] : NtRequestWaitReplyPort @ 0x83057B22 -> HOOKED (Unknown @ 0x92210ED0)
[Address] SSDT[316] : NtSetContextThread @ 0x830F784F -> HOOKED (Unknown @ 0x92210ECB)
[Address] SSDT[347] : NtSetSecurityObject @ 0x8301B805 -> HOOKED (Unknown @ 0x92210ED5)
[Address] SSDT[368] : NtSystemDebugControl @ 0x8309F802 -> HOOKED (Unknown @ 0x92210EDA)
[Address] SSDT[370] : NtTerminateProcess @ 0x83074D9A -> HOOKED (Unknown @ 0x92210E67)
[Address] Shadow SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x92210EEE)
[Address] Shadow SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x92210EF3)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BCE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BCD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BCD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BD3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BD3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BD3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BB73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BD3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BC0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BCCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BBB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73BE068D)
[Address] EAT @explorer.exe (DllGetClassObject) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BCF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Proxaÿdn˜™¶ø"
ÿÿÿÿ¤™¶tD
ÿdnP) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BEB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BD217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BE1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : AVRT.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x736BDD99)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EALX-009BA0 +++++
--- User ---
[MBR] 608aac626f2a56a52f454c9de60ba0c8
[BSP] da6ca8bfc332d8b697f854e6bb8b6f7c : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 945863 MB
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1937129472 | Size: 8000 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic- SD/MMC USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- Compact Flash USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_05102014_125347.txt >>

[jaro3]

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

[KamilaS]

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11.5.2014
Scan Time: 13:39:55
Logfile: malwarelog11052014.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.11.03
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: P. a K. Szabovy

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311231
Time Elapsed: 9 min, 20 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[KamilaS]

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : P. a K. Szabovy [Práva správce]
Mód : Odebrat -- Datum : 05/11/2014 13:45:04
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[84] : NtCreateSection @ 0x8307713D -> HOOKED (Unknown @ 0x916C8ED6)
[Address] SSDT[299] : NtRequestWaitReplyPort @ 0x83091B22 -> HOOKED (Unknown @ 0x916C8EE0)
[Address] SSDT[316] : NtSetContextThread @ 0x8313184F -> HOOKED (Unknown @ 0x916C8EDB)
[Address] SSDT[347] : NtSetSecurityObject @ 0x83055805 -> HOOKED (Unknown @ 0x916C8EE5)
[Address] SSDT[368] : NtSystemDebugControl @ 0x830D9802 -> HOOKED (Unknown @ 0x916C8EEA)
[Address] SSDT[370] : NtTerminateProcess @ 0x830AED9A -> HOOKED (Unknown @ 0x916C8E77)
[Address] Shadow SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x916C8EFE)
[Address] Shadow SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x916C8F03)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740809AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740749A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74076395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740808ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7408E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7408D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740794AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74076A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74073982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7408D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74093B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740753E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740751BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74074EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740763E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407FCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74073F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74073F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74074BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740804BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74080473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740805DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74080FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7408165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407BF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74077C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407FF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740786E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740806E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74093FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74083611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740839D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74093274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74072D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74081081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74083CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407F869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74072E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740760AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740785B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740773D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74093D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74080134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7408CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7407B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x740A068D)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EALX-009BA0 +++++
--- User ---
[MBR] 608aac626f2a56a52f454c9de60ba0c8
[BSP] da6ca8bfc332d8b697f854e6bb8b6f7c : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 945863 MB
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1937129472 | Size: 8000 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic- SD/MMC USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- Compact Flash USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_05112014_134504.txt >>
RKreport[0]_S_05102014_125347.txt;RKreport[0]_S_05112014_134454.txt